SharePoint Document Sharing


This document provides a complete overview of document and folder sharing in Microsoft SharePoint Online. It explains sharing models, link types, permission levels, administrative controls, and governance best practices based on official Microsoft behavior.

1. Overview

Enables secure document collaboration across: - Internal users within the organization - External guest users - Controlled sharing links

Sharing behavior is governed by: - Tenant-level policies - Site-level settings - Item-level permissions (file or folder)

2. Sharing Levels and Scope

2.1 Tenant-Level Sharing

Configured in the SharePoint Admin Center: - Enables or restricts external sharing - Defines default link type - Controls anonymous access availability - Allows or blocks sharing with specific domains

Tenant settings define the maximum allowed sharing capability.


2.2 Site-Level Sharing

Each SharePoint site can: - Inherit tenant-level settings - Further restrict sharing - Completely disable external access

Site settings cannot be more permissive than tenant settings.


2.3 Item-Level Sharing

Applies to: - Individual documents - Folders

Item-level sharing can override inherited permissions by creating unique access rules.

3. Sharing Methods

3.1 Internal Sharing

  • Access limited to users within the organization
  • Authentication via Microsoft Entra ID
  • Links can be forwarded internally

3.2 External Sharing

External users can access content using: - Work or school account - Microsoft account - One-time passcode (OTP)

External sharing depends on tenant and site policies.

4. Link Types (SharePoint UI – Link Settings)

4.1 People in Your Organization

  • Access limited to users in the same tenant
  • Authentication required
  • Link may be forwarded internally
  • No external access

4.2 Only People with Existing Access

  • Does not grant new permissions
  • Works only for users who already have access
  • Used as a convenience link

Recommended for:

Sharing links without changing security posture.

4.3 People You Choose

  • Access restricted to explicitly selected users
  • Authentication required
  • Link cannot be reused by others
  • Supports internal and external users

Recommended for:

Secure sharing with specific individuals.

5. Permission Levels

5.1 Can View

  • Read-only access
  • Open and preview files
  • Download behavior depends on policy
  • No editing or deletion

5.2 Can Edit

  • Modify documents
  • Upload new files (for folders)
  • Delete or rename files (depending on permissions)
  • May allow reshare unless restricted

5.3 Manage Access (Owners only)

  • Modify permissions
  • Remove users
  • Stop sharing

6.1 Expiration Date

  • Automatically disables link after a defined date
  • Prevents long-term access exposure

Best practice:

Always use expiration dates for external access.

6.2 Password Protection

  • Available for external links (policy dependent)
  • Requires password to open the document
  • Password must be shared separately

6.3 Block Download

  • Prevents local file download
  • Allows browser-based viewing only
  • Applies mainly to Office documents and PDFs

7. Folder vs File Sharing

File Sharing

  • Applies to a single document
  • Suitable for one-off sharing
  • Easier to manage permissions

Folder Sharing

  • Grants access to all current and future files
  • Suitable for long-term collaboration
  • Requires careful permission control

8. Permission Inheritance

  • By default, documents inherit permissions from the library or site
  • Sharing breaks inheritance and creates unique permissions
  • Excessive unique permissions increase administrative complexity

9. External User Management

  • External users are stored as guest accounts in Tenant
  • Access can be revoked by:
  • Removing sharing links
  • Removing guest users
  • Adjusting site or tenant policies

10. Auditing and Monitoring

All sharing actions are logged and available in: audit logs

Administrators can review: - Who shared content - What was shared - When access was granted or removed

11. Governance and Security Best Practices

  • Prefer People You Choose for external sharing
  • Avoid Anyone links unless explicitly required
  • Use expiration dates for all external access
  • Avoid sharing at folder level when possible
  • Regularly review external access
  • Combine sharing with sensitivity labels and DLP where applicable

12. Summary

SharePoint provides flexible document sharing capabilities that balance collaboration and security. Proper use of link types, permission levels, and administrative controls ensures secure and manageable access to organizational data.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us