Sharing Settings
Review OneDrive sharing activity and configure sharing policies to identify potential security concerns. Monitor external sharing, anonymous links, and sharing with guests across all managed tenants.
Note: OneDrive storage is included with Microsoft 365 licenses. Default allocation is 1 TB per user. SharePoint tenant storage pools are separate from OneDrive allocations.
Sharing Summary
Track sharing activity across all managed tenants:
| Metric | Count | Risk Level |
|---|---|---|
| Files shared internally | 2,456 | Normal |
| Files shared externally | 342 | Moderate |
| Anonymous links | 28 | High |
| Expiring links | 156 | Normal |
Sharing Levels
OneDrive supports multiple sharing levels, from most permissive to most restrictive:
| Level | Description |
|---|---|
| Anyone | Anonymous access links — most permissive, no sign-in required |
| New and existing guests | Require sign-in for external users |
| Existing guests | Only previously added guest users can access |
| Only people in org | No external sharing — most restrictive |
Link Settings
Configure default link behavior for OneDrive sharing:
- Default link type — Specific people, People in org, or Anyone
- Default permissions — View only or Edit
- Link expiration — Require links to expire after a specified number of days
- Password protection — Require passwords on Anyone links
External Sharing by Domain
Monitor which external domains receive shared files:
| Domain | Files Shared | Risk |
|---|---|---|
partner.com | 124 files | Normal |
vendor.org | 89 files | Normal |
client.co | 67 files | Normal |
gmail.com | 62 files | Elevated |
Warning: Sharing with consumer email domains (e.g.,
gmail.com,outlook.com) may indicate uncontrolled data sharing. Review these shares to ensure they comply with organizational policies.
Sharing Analysis Features
File-Level Tracking
- Identify which files are shared externally
- Track who has access to sensitive documents
- Monitor when sharing links were created and last accessed
- Detect orphaned sharing links for deleted users
Tenant-Level Comparison
Compare sharing policies and activity across managed tenants to identify inconsistencies:
- Which tenants allow anonymous sharing links
- External sharing volume trends by tenant
- Policy compliance status across all tenants
Best Practices
Security
- Disable anonymous sharing links unless specifically required
- Set link expiration policies (30 days recommended for external)
- Require passwords on Anyone links
- Block sharing with consumer email domains
- Track external sharing for sensitive data
Monitoring
- Schedule weekly sharing reports
- Review external sharing by domain regularly
- Monitor anonymous link creation and usage
- Audit sharing activity for compliance requirements
- Set alerts for unusual sharing patterns
API Reference
# Get OneDrive usage report including sharing data
GET /reports/getOneDriveUsageAccountDetail(period='D30')# OpsPilot365 API - Sharing analysis report
GET /api/reports/onedrive/sharing
{
"tenantIds": ["tenant-1", "tenant-2"],
"period": "last30days",
"includeAnonymousLinks": true
}GET /api/onedrive/sharing— Get sharing settingsPUT /api/onedrive/sharing— Update sharing settingsGET /api/onedrive/sharing/external— List externally shared files