Last Updated on February 27, 2025
How does the guest access work?
In this guide, let’s talk about guest access in SharePoint, how to configure it, and more.
Let’s get started.
Table of Contents:
When to use guest access?
From the name itself, guest access enables collaboration with individuals outside the organization.
But at the same time, it’s important to use this feature judiciously to maintain security and control over the content.
Examples of scenarios on when to use this feature include:
- Collaboration with external partners like vendors or consultants
- Sharing files or folders to get client review and feedback
- Coordinating events by granting external access to schedules, task lists, and related documents
Before sharing with external users, you might want to assess the sensitivity of the information on the site.
It’s also important to configure the permissions carefully, like granting the least privilege necessary for guests.
Sign up for exclusive updates, tips, and strategies
Enable Guest Sharing at the Organization Level
It’s possible to enable or disable guest sharing right at the organization level through the SharePoint admin center.
Here’s how:
Go to any page in Microsoft 365 and click the app launcher.
Then select the Admin button:
From there, expand the options in the left panel
Select SharePoint from the list of admin centers.
Nice! 🙂
Step 2: Go to sharing policies
You’re now in the SharePoint admin center.
On the left panel, expand the Policies item and then click Sharing:
The first thing you will see is the external sharing part.
Step 3: Set the external sharing
It’s easy to understand the settings here since you just need to decide how “permissive” the settings will be.
My recommendation here is to put the external sharing to new and existing guests:
The top setting is for sharing content with anyone, meaning, they won’t need to sign in or create a Microsoft account.
That’s why I recommend the second-most permissive setting so external guests still have to provide a verification code.
There are also a few settings on this page, but you can leave them as they are.
For example, there are options for changing the default behavior of file and folder links like expiration and permission.
Adjusting Site-Level Sharing Settings
What’s nice is that it’s possible to set precise control over who can access specific sites.
While still in the SharePoint admin center, go to the Active sites page.
You will see all the active sites in the tenant.
What you need to do here is look for the site, select it (don’t click on its name), and then click the Sharing button.
Same with setting the tenant-wide external sharing, you can also do the same here per site.
Again, the best course of action here is to set the external sharing to New and existing guests.
Save the changes to apply the settings.
It’s important to note though that site-level sharing settings cannot exceed the permissions set at the organization level.
There are different ways to add guest users to sites:
1. Sharing the site
Whether that’s a communication site or a team site, there would be an option to share the site with others.
Look for it in the site permissions settings and you will find it there.
Make sure to assign the appropriate permission level before sending the invitation.
2. Add members to a Microsoft 365 group
It’s also possible to add guests to a Microsoft 365 group.
Go to the Microsoft 365 admin center, then find the Active teams and groups page.
Click the group where you want to add a guest member.
This will open a side panel from the right, go to the Membership tab, then to Site visitors.
Click the add site visitors button:
You will then be able to add members here by putting in their email addresses.
They will then receive an email invitation to join the group and the associated SharePoint site.
Security Considerations for Guest Access
We’re talking here about guest access, so it’s important to protect sensitive information and maintain compliance.
At the very least:
- Require guests to verify their identity through multiple methods like MFA
- Define time limits for guests’ access
- Limit guests’ abilities to share
- Periodically assess and adjust guest permissions
In addition, apply specific conditions like device compliance or location, for guests to meet to meet or access resources.
What’s important here is to maintain an effective collaboration with external parties while keeping your data safe.
Do you have any questions about guess access in SharePoint? Let me know in the comments.
For any business-related queries or concerns, contact me through the contact form. I always reply. 🙂
