Microsoft Copilot · OAuth Scopes
Microsoft Copilot OAuth Scopes
OAuth 2.0
derived
Microsoft Copilot publishes 5 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Microsoft Copilot API on a user’s behalf.
Tokens are issued from https://login.microsoftonline.com/common/oauth2/v2.0/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
AgentsAI AssistantArtificial IntelligenceChatbotCopilotExtensibilityGenerative AIMicrosoft 365Productivity
Scopes: 5
Flows: authorizationCode
Method: derived
OAuth endpoints
Authorization URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Token URL
https://login.microsoftonline.com/common/oauth2/v2.0/token
https://login.microsoftonline.com/common/oauth2/v2.0/token
Flows
authorizationCode
authorizationCode
Scopes (5)
| Scope | Description | Flows |
|---|---|---|
| AIInteraction.Read.All | Read all AI interactions for compliance | authorizationCode |
| Chat.Read | Read user chat messages | authorizationCode |
| ExternalItem.Read.All | Read external items from Copilot connectors | authorizationCode |
| Files.Read.All | Read all files the user can access | authorizationCode |
| Sites.Read.All | Read items in all site collections | authorizationCode |