Microsoft has quietly rolled out a critical security update to its Microsoft 365 Copilot connectors. Starting in April 2026, connectors for Jira, Confluence, and ServiceNow can now evaluate nested access control lists (ACLs)—meaning they finally respect inherited permissions from parent objects like spaces, projects, and catalog categories. The update, tagged as Roadmap item 503587 and marked as generally available for worldwide standard multi-tenant customers, closes a gap that could have exposed sensitive data through Copilot and Microsoft Search.

What actually changed

The core change is straightforward: connectors now evaluate permissions hierarchically. Before this update, a connector might only check permissions directly attached to an individual item—a single Jira issue, a Confluence page, or a ServiceNow catalog item. That approach ignored broader access rules set at the project, space, or category level. Now, when Copilot indexes content from these platforms, it walks the full ACL chain, combining page-level restrictions, parent-page permissions, and space-wide settings for Confluence; project and issue-level security for Jira; and category- and item-level user criteria for ServiceNow.

Microsoft’s connector documentation illustrates the logic. For Confluence on-premises, the connector computes effective access by merging restrictions from the page itself, its parent page, and the space. For ServiceNow Catalog, it checks user criteria on both the catalog category and the individual catalog item. Jira connectors traverse the project hierarchy, applying issue-level security schemes where they exist and falling back to project permissions otherwise. The result isn’t a new permissions layer inside Microsoft 365; it’s a faithful mirror of the source system’s existing authorization decisions.

The rollout timing is critical: the Microsoft 365 Roadmap entry was last updated on July 13, confirming general availability for the worldwide standard multi-tenant cloud. Government, sovereign, and dedicated cloud instances are explicitly excluded—a limitation buried in the fine print for ServiceNow connectors, which notes that some hierarchical permission features won’t work in those environments.

What it means for you

The practical impact varies depending on your role.

For everyday users and Copilot power users:
Until now, if you searched Copilot for a Confluence page you technically had access to only through space membership, you might not have seen it—or worse, you might have seen results belonging to someone else. That’s now fixed. Your Copilot and Microsoft Search results should align with what you can access when you log directly into Jira, Confluence, or ServiceNow. The experience becomes seamless: you get the answers you expect, no more, no less.

For IT admins and compliance officers:
This update is a double-edged sword. On one hand, it dramatically reduces the risk of data leakage via Copilot. On the other, it requires immediate attention to connector configuration. Microsoft has never supported changing a connector’s permission model after creation. If your existing Jira, Confluence, or ServiceNow connectors were set up with organization-wide visibility—basically, making all indexed content accessible to everyone in the tenant—you cannot simply flip a switch to enable nested ACLs. The documented fix is to delete the connection and recreate it via the custom setup flow, this time selecting the option to respect source-system ACLs.

And there’s more. Even a properly ACL-bound connector is only as secure as the identity plumbing behind it. If your service account lacks read access to the full ACL tree, the connector may mis-evaluate permissions. If your Entra ID (formerly Azure AD) identity mapping is broken or incomplete, users and groups from the source system won’t be matched correctly, and access will fail silently or grant overly broad permissions. The same goes for denied-users: you must test with accounts that inherit access through a parent container and with accounts explicitly denied at a child-item level.

How we got here

Microsoft released Copilot connectors—originally dubbed “Graph connectors”—to bring external content into Microsoft 365’s search and intelligence fabric. The Jira, Confluence, and ServiceNow connectors shipped with basic ACL support, but early implementations often forced a binary choice: either enforce all permissions exactly as defined in the source system (which sometimes missed inherited rights) or throw the doors open to everyone in the organization. For most IT teams, neither option was acceptable.

Over the past two years, Microsoft has steadily improved connector permissions. March 2024 brought Confluence On-Premises connectors into public preview with granular ACL support. By late 2025, the ServiceNow Knowledge connector gained user-criteria evaluation. Yet nested ACLs remained conspicuously absent. Roadmap item 503587 has been in various stages of development since early 2026, and its April 2026 GA launch finally brings these connectors in line with enterprise expectations.

The industry context matters, too. As organizations dump more data into Copilot and other AI-powered search tools, the blast radius of a permissions error grows. A 2024 Gartner report found that 45% of enterprises had experienced an AI-related data exposure incident caused by misconfigured access controls. This update is Microsoft’s answer to that risk for three of the most widely used third-party workplace tools.

What to do now

If you manage Microsoft 365 Copilot connectors for Jira, Confluence, or ServiceNow, here’s your step-by-step check-up:

  1. Audit your existing connections.
    Go to the Microsoft 365 admin center, navigate to Copilot > Connectors > Your Connections, and examine each active connector’s settings. Look for the access-permission model—if it’s set to “Everyone in the organization,” you’ve got a problem.

  2. Be prepared to rebuild.
    When you find a connector with broad visibility, plan to delete it and recreate it. Before deleting, document its crawl schedule, content filters, and any custom mappings. After recreation, run a full crawl to populate the index.

  3. Validate service-account privileges.
    The accounts used by the connectors must be able to read not just the content, but also the permission metadata. For ServiceNow, that means the account needs access to both the sc_cat_item table and the user_criteria table; for Confluence, it needs at least space-level browse permissions. Insufficient privileges will silently cause access to fail.

  4. Double-check identity mapping.
    The connector translates source-system identities into Entra ID objects. If you’ve changed user or group naming conventions, migrated tenants, or recently reconfigured federation, the mapping could be stale. Run a test query with a known user and verify that only their allowed content appears.

  5. Test inheritance explicitly.
    Don’t assume everything works. Log into Copilot as a test user who holds no direct permissions on a child item but inherits access from a parent space or project. Then try a search that should return that item. Next, confirm that a user who is denied at the child level does not see the item. Flawed hierarchies—such as a page that restricts view to a few individuals but sits in a space open to all—can produce unexpected results.

  6. Monitor for gaps.
    Even with nested ACLs, the connector’s fidelity isn’t perfect. ServiceNow’s advanced scripts, Jira’s issue security schemes with custom conditions, and Confluence’s external directory settings can all confuse the permission translator. Set up ongoing alerts for connector errors via the Microsoft 365 admin center’s health dashboard.

Outlook

Microsoft’s roadmap doesn’t mention nested ACLs for other connectors yet, but the pattern is clear: every connector that touches structured, permission-heavy data—Think GitHub, Salesforce, or Zendesk—will eventually need similar treatment. The architecture documented in the Microsoft 365 Copilot architecture whitepaper suggests a pluggable permission-sync framework that could make these rollouts faster.

For now, the Jira, Confluence, and ServiceNow update is a welcome fix. It proves Microsoft is listening to the enterprise customers who’ve been shouting about AI governance. But it’s not a set-it-and-forget-it feature. Permissions hygiene remains a shared responsibility—and the gap between what a source system enforces and what Copilot indexes is a gap only well-trained admins can close.