There has always been one problem in the SharePoint world: report on site permissions.
Permissions are tricky in SharePoint. By default, you have permissions assigned to the root site of the site collection and all subsites, libraries etc. inherit root permissions. But You can break inheritance at any level you need to provide specific permissions to the resource. Of course you can navigate to the resource and check resource permissions. But… should you iterate everything under your site to check if permissions are broken or inherited?
So the problem was – you never know who have access to your site as there was no out-of-the-box tool to get all site permissions in one single report. There are third-party solutions – like ShareGate or Metalogix, or you can develop PowerShell script generating report on all SPO site permissions. But finally…
Seems like Microsoft solved the permissions report problem:
Full site permissions report is available for site owners out-of-the-box. Just navigate to Site Usage and run report.
- Select “Site Contents”, then “Site Usage”:
2. Scroll down to the “Shared with external users” block and click “Run report”:
3. Select folder (*) for the report and click “Save”:
After some time (1-5 minutes) – check the folder. There should be a file with a report on all site permissions.
For items shared with direct access, the report contains one row for each user / item combination.
SharePoint groups are shown in the report, but not individual users inside them…
You must be a site admin to run the report.
(*) if you don’t want site members to see the report, consider creating a folder with different permissions where only site owners can access the report…
Here is a short 3-minutes video on How to get Site Permissions Report