fbpx

Set permissions options for Anyone links

Introduction

By default, Anyone links for a file allow people to edit the file, and Anyone links for a folder allow people to edit and view files, and upload new files to the folder. You can change these permissions for files and for folders independently to view-only.

If you want to allow unauthenticated sharing, but are concerned about unauthenticated people modifying your organization’s content, consider setting the file and folder permissions to View.

With Anyone links set to View, users can still share files and folders with guests and give them edit permissions by using Specific people links. These links require people outside your organization to authenticate as guests, and you can track and audit guest activity on files and folders shared with these links.

Best practices for unauthenticated sharing | Microsoft Docs

User Impact

Low – Users will no longer have permission to anonymously share content with edit permissions if the setting is set to View.

Parameters

FolderAnonymousLinkType – View | View, edit, and upload

FileAnonymousLinkType – View | View and edit

Admin Portal Reference

Anyone link permissions options are configured in the SharePoint Admin Center

SharePoint Admin Center -> Policies -> Sharing

PowerShell Reference

# Set folder anonymous link type
Set-SPOTenant -FolderAnonymousLinkType 

# Set file anonymous link type
Set-SPOTenant -FileAnonymousLinkType 

Additional Notes

Refer to Microsoft’s best practices for sharing files and folders with unauthenticated users – click here

Compliance Reporting

Important note – this setting can only be configured when anonymous links are enabled in the tenant. If anonymous links are not enabled, the default anonymous link type cannot be adjusted and anonymous links are not available to end users which renders this setting irrelevant. As a consequence, we will report this setting compliant with a compliance message which reflects this.
To configure organization-level external sharing settings and enable anonymous sharing links refer to this setting.

If Action is set to Notify

We report the setting as compliant if the setting matches the values as set by the parameters.

We report the setting as non-compliant if the setting does not match the values as set by the parameters.

If Action is set to Enforce

We report the setting as compliant if the setting matches the values as set by the parameters.

We report the setting as compliant-fixed if the setting does not match the values as set by the parameters and we adjust them to match.

Get Started!

The first three tenants are free! No credit card required.

Sign Up