Skip to Content
EmailExchangePublic FoldersPublic Folder Permissions

Public Folder Permissions

Manage access permissions for Exchange Online public folders. Permissions control what actions users can perform on folder content, including reading, creating, editing, and deleting items.

Note: Public folder permissions are set per folder. Child folders inherit permissions from their parent by default, but inheritance can be overridden.

Permission Roles

RoleReadCreate ItemsEdit OwnEdit AllDelete OwnDelete AllCreate SubfoldersManage Permissions
OwnerYesYesYesYesYesYesYesYes
Publishing EditorYesYesYesYesYesYesYesNo
EditorYesYesYesYesYesYesNoNo
Publishing AuthorYesYesYesNoYesNoYesNo
AuthorYesYesYesNoYesNoNoNo
Non-Editing AuthorYesYesNoNoYesNoNoNo
ContributorNoYesNoNoNoNoNoNo
ReviewerYesNoNoNoNoNoNoNo
NoneNoNoNoNoNoNoNoNo

Managing Permissions

Adding User Permissions

  1. Select folder — Choose the public folder to manage.
  2. Add user — Select the user or group to grant access.
  3. Assign role — Choose the appropriate permission role.
  4. Apply — Save the permission assignment.

Modifying Permissions

  • Change a user’s role to increase or decrease access
  • Remove a user’s permissions entirely
  • Apply custom permission combinations beyond standard roles

Bulk Permission Updates

Apply permissions to multiple folders at once:

  • Set permissions on a parent folder and all child folders
  • Apply the same role to multiple users
  • Reset permissions to default for a folder branch

Default Permissions

Default User Permissions

The “Default” entry controls access for all authenticated users not explicitly listed:

  • Set to Reviewer for read-only access organization-wide
  • Set to None to restrict access to only listed users
  • Set to Author to allow all users to contribute

Anonymous Permissions

The “Anonymous” entry controls access for unauthenticated users:

  • Typically set to None for security
  • Can be set to Reviewer for public-facing folders (rare)

Inheritance

Default Behavior

Child folders inherit permissions from their parent:

  • New subfolders automatically receive parent permissions
  • Changes to parent permissions propagate to children
  • Simplifies permission management for folder hierarchies

Overriding Inheritance

Set custom permissions on a child folder:

  • Child folder permissions override parent settings
  • Only affects the specific folder, not siblings
  • Further nested folders inherit from the overridden child

Best Practices

  • Use roles, not custom permissions — Standard roles are easier to audit and manage.
  • Apply least privilege — Grant minimum necessary access. Use Reviewer for most users.
  • Set appropriate defaults — Configure the Default entry to control organization-wide access.
  • Audit permissions regularly — Review who has access, especially Owner and Editor roles.

API Reference

GET /api/exchange/public-folders/:id/permissions List folder permissions

POST /api/exchange/public-folders/:id/permissions Add user permission

PUT /api/exchange/public-folders/:id/permissions/:userId Update user permission

DELETE /api/exchange/public-folders/:id/permissions/:userId Remove user permission

Last updated on
Public FoldersContact Templates