SharePoint access permission is most important for site data security. If your organization has multiple teams then you have to create the multiple team site and provide the access permission for the appropriate team site. By default, SharePoint has many permission groups, also if you create the new site it will be added to the Site Owner, Site Member, and Site visitor groups will be added by default.
If we would like to add the member then we can appropriate groups to provide the access permission.
Permission Level
SharePoint has various permission level by default:
Full Control:
This permission level has full control of the SharePoint site. Such as Add, Edit and Delete the SharePoint sites
Design:
This permission level can View, Add, Edit, Delete and customize the SharePoint Pages
Edit:
This permission level can View, Add, Edit and delete the list and libraries and documents
Contribute:
This permission level can View, Add, Edit and delete the list and libraries items
Read:
This permission level can View, Add, Edit and delete the list and libraries items.
How to Add User permission
If you would like to add the user permission for the SharePoint Site, Go to Site Settings and click on the Site permissions under User and Permissions section.
Here default SharePoint groups displayed. You have to click on the Grant Permissions button it will be open the Share Site popup window. Enter the name as you would like to add the users, you can also add the external user apart from your organization. After you have to enable “Send email notification” and select the permission level and click to share. The user will be received the email for the site URL and click on the link to access the SharePoint site.
How to Add External User Permission
- Open the SharePoint site what you would like to provide the external user permission
- Go Settings -> Site permission
- Click on the Advanced permission settings
- In the PERMISSIONS Tab click on the Grant Permissions button
- It will be open the Share site Popup Window.
- In the Invite, people tab enter the external user email and select a permission level as Contribute permissions
- An email will send to the external user. Please be noted sometimes the email will be sent to the Junk or SPAM folder. If the user clicks on the link it will prompt to sign in with:
• Microsoft Account (ex: live.com, hotmail.com, outlook.com)
• A Work account (Office 365) in Azure AD from another organization
If they don’t have either account, then they need to create a new Microsoft account (ex: live.com, Hotmail.com, outlook.com)
Example: If the user email is Gmail or Custom domain email, they will create a New Microsoft account. After that Microsoft account linked to Gmail or custom domain, so they can log in with Gmail, but they need to use the Microsoft account password.
Please be noted External user received the email link will be work one time only for security reasons. After that, it will be expired. If they click on the link one more time, there will be error that occurred.