Skip to Content
EmailSharepointSite Permissions

Site Permissions

Manage access to SharePoint sites and their content. Configure permission levels, manage site members and owners, and audit access to ensure proper data governance.

Permission Levels

  • Full Control (Highest) — Complete control including managing permissions, site settings, and deletion. Reserved for site collection administrators.
  • Owner — Manage site settings, permissions, and content. Cannot delete site collection.
  • Member (Edit) — Add, edit, and delete content. Create lists and libraries. Cannot manage permissions.
  • Visitor (Read) — View pages and content only. No editing capabilities.
  • Restricted View — View pages only. Cannot download documents or view lists.

Site Groups

GroupPermission LevelMembersDescription
Site OwnersFull Control3 usersSite administrators
Site MembersEdit24 users, 2 groupsContent contributors
Site VisitorsRead156 users, 5 groupsView-only access

Permission Inheritance

SharePoint uses permission inheritance from parent to child:

  • Site Collection
    • Subsite (Inherited)
      • Document Library (Inherited)
        • Folder (Broken)
          • Document (Inherited)

Note: Breaking inheritance creates unique permissions. Changes to parent no longer affect the item. Use sparingly to avoid permission complexity.

Manage Site Access

Add Users/Groups

  • Add individual users to site groups
  • Add security groups for bulk access
  • Add Microsoft 365 groups
  • Invite external guests

Remove Access

  • Remove from site groups
  • Remove direct permissions
  • Revoke sharing links
  • Block guest access

Access Requests

Users can request access when they don’t have permissions. Site owners receive requests and can approve or deny them. Example requests include external users requesting access to project documents or internal users requesting elevated edit permissions.

Permission Check

Verify what permissions a user has on a site or item by specifying the user email and the site or document URL. This helps audit access and troubleshoot permission issues.

Permissions Report

Generate reports on site permissions:

  • User Permissions — All sites and items a specific user can access.
  • Site Permissions — All users and groups with access to a site.
  • Unique Permissions — Items with broken inheritance across sites.

Best Practices

  • Use groups for permissions — Assign permissions to groups rather than individuals for easier management.
  • Minimize broken inheritance — Excessive unique permissions make auditing difficult. Use sparingly.
  • Regular access reviews — Periodically review who has access and remove stale permissions.
  • Limit site owners — Keep the owner group small. Too many owners can lead to permission sprawl.

API Reference

  • GET /api/sharepoint/sites/:id/permissions — Get site permissions
  • POST /api/sharepoint/sites/:id/permissions — Add user/group to site
  • DELETE /api/sharepoint/sites/:id/permissions/:userId — Remove user from site
  • GET /api/sharepoint/permissions/check — Check user permissions
Last updated on
Document LibrariesSharePoint Sites