Microsoft / Copilot

Register a Microsoft Entra application and grant Microsoft Graph access for the Section Microsoft 365 Copilot connector.

You will register a Microsoft Entra application and grant Microsoft Graph access so Section can sync Microsoft 365 Copilot adoption data.

Section connects to Microsoft 365 Copilot through the Microsoft Graph API, syncing Copilot-licensed users and their interaction history to track adoption across your organization. Setup requires registering an application in Microsoft Entra (Azure AD) and granting it permission to read Copilot usage reports and enterprise interactions. Both the Entra admin center and the Azure Portal lead to the same App registrations — use whichever your team prefers.

Prerequisites

  1. Sign in to the Microsoft Entra admin center or Azure Portal with an account that can create app registrations and grant admin consent.
  2. Confirm your organization has Microsoft 365 Copilot-licensed users whose adoption data should sync to Section.
  3. Keep your Section connector setup page open so you can paste the Microsoft credentials after registration.

Required permissions and connection values

ItemRequired valueWhere to find it
Tenant IDMicrosoft Entra directory ID for your organizationMicrosoft Entra admin center → Overview
Application (client) IDClient ID for the app registration you create for SectionApp registration → Overview
Client secret valueSecret value for the app registrationApp registration → Certificates & secrets
Microsoft Graph permissionsPermissions that allow the app to read Copilot usage reports and enterprise interactionsApp registration → API permissions
Admin consentGranted for the Microsoft Graph permissionsApp registration → API permissionsGrant admin consent

Register the Microsoft Entra application

  1. Open Microsoft Entra admin center or Azure Portal.
  2. Go to App registrations and select New registration.
  3. Enter a name that identifies the app as the Section Microsoft 365 Copilot connector.
  4. Complete the registration using the account type required by your organization.
  5. Copy the Application (client) ID and Directory (tenant) ID from the app registration overview.

Create a client secret

  1. In the app registration, go to Certificates & secrets.
  2. Select New client secret.
  3. Add a description that identifies the secret as used by Section.
  4. Choose an expiration period that matches your organization's credential rotation policy.
  5. Copy the secret Value immediately. Microsoft only shows this value once.

Grant Microsoft Graph access

  1. In the app registration, go to API permissions.
  2. Select Add a permission.
  3. Choose Microsoft Graph.
  4. Add the application permissions that allow Section to read Copilot usage reports and enterprise interactions.
  5. Select Grant admin consent so the permissions are active for the tenant.

Connect Section

  1. Return to the Section Microsoft 365 Copilot connector setup page.
  2. Enter the Tenant ID, Application (client) ID, and Client secret value.
  3. Save the connector configuration.
  4. Run a test sync or start the first sync from Section.
  5. Confirm that Copilot-licensed users and interaction history appear in Section after the sync completes.

Troubleshooting

Error or symptomHow to resolve it
Admin consent is requiredGrant admin consent for the Microsoft Graph permissions in the app registration.
Invalid client secretPaste the secret Value, not the secret ID. If the value is unavailable or expired, create a new client secret.
Insufficient privileges or access deniedConfirm the app registration has Microsoft Graph application permissions for Copilot usage reports and enterprise interactions, then grant admin consent again.
No users sync to SectionConfirm the users have Microsoft 365 Copilot licenses and that Copilot usage data is available in Microsoft 365.

Optional: Next steps

  • Store the client secret in your organization's approved secrets manager.
  • Record the secret expiration date so you can rotate it before syncs fail.
  • Review the app registration permissions during regular access reviews.