Skip to main content
< All Articles

How to configure expiration and permissions options for Anyone links in SharePoint Online

Posted on September 22, 2022
SharePoint

I blogged previously about the Anyone Link in SharePoint and OneDrive. It is a convenient way for users to share content (files, folders, list items) since the recipient does not need to authenticate to access shared documents and list items, thus reducing friction. However, this also opens up a security risk as you never really know who clicked and looked at the content or even modified it.

expiration and permissions options for Anyone links

In that same article, I did provide a few tips on how users can add “additional security mechanisms” on Anyone Link when sharing. However, the problem with that approach is that we are relying on end-users to do so.

In today’s article, I would like to share a few ways SharePoint Administrators can “secure” those Anyone Links from the SharePoint Admin Center by altering expiration and permissions options for Anyone links.

Step 1: Disable Anyone Links

Default Settings

By default, at the tenant level, Anyone links are allowed in SharePoint and OneDrive for Business.

This allows anonymous sharing of content from OneDrive for Business, which is just a personal user’s drive. However, in SharePoint, at the Site level, the default is set to Authenticated sharing.

If you want to allow Anonymous Sharing (Anyone Links) at the site level, you must explicitly configure it for every site within the SharePoint Admin Center.

expiration and permissions options for Anyone links

Disable Anonymous links

If you want to totally prevent any possibility of anonymous sharing for any SharePoint site or OneDrive for Business, you would need to disable it at the tenant level. Here is how to achieve this.

  1. Click on App Launcher > Admin
  2. Under Admin centers, click SharePoint
  3. Under Policies, click Sharing
  4. Drag the toggle from the top position (Anyone), one step down to New and existing guestsexpiration and permissions options for Anyone links
  5. This will set the toggle as shown below and will disable Anonymous sharing for both SharePoint and OneDrive. Click Save at the bottom of the page to save the settings.expiration and permissions options for Anyone links

Step 2: Configure expiration and permissions options for Anyone links

If you decide to allow Anyone Links (essentially leaving the defaults in place), you can add additional security and configure the behavior of those links from within the SharePoint Admin Center. Here is what you can do.

Expire anonymous links

This setting will allow you to expire anonymous links after a certain number of days, so that guests (anonymous users) lose access to the content after that.

  1. On that same Sharing settings page, scroll down to the bottom of the page, and under Choose expiration and permissions options for Anyone links, check the box next to These links must expire within this many daysexpiration and permissions options for Anyone links
  2. Set the number of days and click the Save button (as in the image above)

Set View or Edit permissions for anonymous links

This setting will allow you to limit what anonymous users can do when files and folders are shared with them. By default, when users share files and folders externally using the Anyone link, they can choose between View and Edit link options. You can prevent the ability for users to select the Edit option, essentially making Anonymous links view only. This setting can be set on both files and folders.

  1. Filesexpiration and permissions options for Anyone links
  2. Foldersexpiration and permissions options for Anyone links
  3. Don’t forget to click Save at the bottom of the page to save the settings.