Set SharePoint Online default sharing link to People With Existing Access

Microsoft announced in a recent Microsoft 365 Admin Center message that administrators will be able to make a change to SharePoint site Sharing settings so the default Sharing Link will be for “People with existing access”. This is a useful option because it allows people to simply share a link with someone who already has access to the content, but just needs to be directed to it – for example sharing a news article from a Communication site. This type of Sharing Link does not break permission inheritance on the item as other sharing links do. In this article, we’ll walk you through making this configuration change, and see in detail how it works.

To view the current Sharing default for a site, go to the Active Sites page in the SharePoint Admin Center, select the appropriate site, and select Sharing from the menu.

image

You may see that this site’s default Sharing link is set to be the same as your Organization-level setting, as in this example. You can change this via the UI, but as you can see, the only options are:

  • Specific people
  • Only people in your organization
  • Anyone with the link

[Note that Anyone with the link may be greyed out depending on your organization’s anonymous sharing policies.]

If you open the Share dialog on an item in SharePoint, and click on the chevron to see the other options, you’ll see there’s a fourth option: People with existing access.

image

But there isn’t a way in the Admin Center to select that as the default option for your users to see when they share. This is what the new feature remedies.

How to configure the new default sharing link

Microsoft has said that in the future this option will be available in the UI, but as of this writing (late January 2020) it must be set using PowerShell. Also, this feature is currently only available in Targeted Release tenants; Microsoft has said it will roll out generally by the end of March 2020.

Here’s how to enable this option: After connecting to SharePoint Online with the SharePoint Online Management Shell, use the Set-SPOSite cmdlet with the -DefaultLinkToExistingAccess parameter:

Set-SPOSite -identity https://YourTenant.sharepoint.com/sites/YourSite -DefaultLinkToExistingAccess 1

Here, 1 represents True.

Now, when you Share an item within that site, you should see that People with existing access is now the default.

image

Other options can still be selected, but it’s easier for users to accept that default option if that’s what you want them to usually do.

Compare sharing behavior

Let’s take a look at what this means for the resulting permissions…

If the default sharing link is People in your organization (and a user accepts the default), this creates a Sharing Link and also breaks permission inheritance on that item, so it no longer will inherit permissions from the list or library.

For example, here we’ve shared the Products Tour file with Test User 2 (who is in our organization).

image

Using Lightning Tools DeliverPoint, we can run a Discover Permissions on this document library, selecting the option to show Unique items. Here we see that the “Products Tour” file now has unique permissions, and Test User 2 now has Contribute permission via a Sharing Link.

image

After using PowerShell to change the default sharing setting to People with existing access, we’ll accept the default to share the “Your thoughts about permissions” file with Test User 2.

image

Again using DeliverPoint’s Discover Permissions report, we can see that “Your thoughts about permissions” is NOT listed as an item with unique permissions; it’s still inheriting permissions from the library.

image

We hope you’ve found this useful!

Reference: Microsoft documentation

If you want to learn more about how easy it can be to report on and manage permissions with DeliverPoint, check out this introductory video or enroll in one of our upcoming webinars.

Comments (4)

[…] Set SharePoint Online default sharing link to People With Existing Access […]

Hello, thank you very much for your post and instructions, but I am always getting error message when I try to run your command:
Set-SPOSite -identity https://YourTenant.sharepoint.com/sites/YourSite -DefaultLinkToExistingAccess 1
I tried with 1 and $true and the end, still no luck and I am getting the same error message :Set-SPOSite : Parameter set cannot be resolved using the specified named parameters. Could you please help me to understand what am I doing wrong ? Thank you.

Hi Andrei,
Perhaps you have already resolved this issue. But in case you haven’t, can you confirm that you have the latest version of the SharePoint Online Management Shell, which supports this parameter? And that you have entered the URL of one of your own site collections?

For people scouring the internet looking for a solution to the error mentioned by Andrei, sadly, I don’t have a workaround yet. I do however might have a cause for the error. The parameter is not applicable to the type of site collection.
When using the both the site title and the identity I get a different error:
Set-SPOSite : https://site.sharerpoint.com/site is a Groups site collection. The valid parameters for this type of site collection are ‘-Identity’, ‘-AllowSelfServiceUpgrade’, ‘-DefaultLinkPermission’,
‘-DefaultSharingLinkType’, ‘-DenyAddAndCustomizePages’, ‘-DisableCompanyWideSharingLinks’,
‘-DisableSharingForNonOwners’, ‘-LockState’, ‘-Owner’, ‘-ResourceQuota’, ‘-ResourceQuotaWarningLevel’,
‘-SandboxedCodeActivationCapability’, ‘-SharingCapability’, ‘-ShowPeoplePickerSuggestionsForGuestUsers’,
‘-SocialBarOnSitePagesDisabled’, ‘-StorageQuota’, ‘-StorageQuotaReset’, and ‘-StorageQuotaWarningLevel’.

As you can see -DefaultLinkToExistingAccess is not part of this group of parameters.

Hope it helps.

Leave a comment