SharePoint Diary » Permission » External Sharing » How to Enable External Sharing in SharePoint Online?

How to Enable External Sharing in SharePoint Online?

February 26, 2022 Salaudeen Rajack 0 Comments activate external sharing sharepoint online, allow external sharing sharepoint online, enable external sharing for sharepoint online, enable external sharing in sharepoint online using powershell, enable external sharing on sharepoint online site, how to enable external sharing for sharepoint online site

Requirement: Enable external sharing in SharePoint Online using PowerShell.

SharePoint Online allows you to collaboratively share your content with external users such as vendors, clients, customers, etc. To enable external sharing, you should turn on external sharing both on the tenant level and at the site collection level. External Sharing settings in SharePoint Online offers the below options:

Only people in your organization – Disable external sharing!
Existing guests – Allow sharing only with the external users that already exist in your organization’s directory.
New and existing guests – Allow external users who accept sharing invitations and sign in as authenticated users.
Anyone – Allow sharing with all external users, and by using anonymous access links.

To turn on external sharing in SharePoint Online, follow these steps:

Open SharePoint Online Admin Center (Typically: https://<tenant>-admin.sharepoint.com)
Click on Policies >> Sharing in the left navigation
Under “External sharing” settings, set the sharing option to “New and existing guests” for better security.
Click on “OK” button in the bottom to save your changes.

That’s all! External Sharing is now turned on. There are additional settings on the Sharing page such as Default link type, Limit external sharing using domains, External users must accept sharing invitations using the same account that the invitations were sent to, etc., which are self-explanatory.

We can allow external sharing in SharePoint Online using PowerShell as well. Here is how to configure sharing capabilities in SharePoint Online using PowerShell:

To enable external sharing in SharePoint Online using PowerShell, use the below script:

#Set Admin Center URL
$AdminCenterURL = "https://crescent-admin.sharepoint.com/"

#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)

#sharepoint online enable external sharing powershell
Set-SPOTenant -SharingCapability ExternalUserSharingOnly # Disabled, ExistingExternalUserSharingOnly, ExternalUserSharingOnly, ExternalUserAndGuestSharing

The PnP PowerShell version of the above script would be:

#Parameters
$TenantAdminURL = "https://crescent-admin.sharepoint.com"
 
#Connect to Tenant Admin Site
Connect-PnPOnline -url $TenantAdminURL -Interactive
 
#Enable External Sharing for the Tenant to - Anyone
Set-PnPTenant -SharingCapability ExternalUserAndGuestSharing

You can also enable external sharing settings at the tenant level. Here is how to turn ON external sharing in SharePoint Online using PowerShell:

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.Online.SharePoint.Client.Tenant.dll"

#Variables for processing
$AdminCenterURL="https://crescent-admin.sharepoint.com"
$SharingCapability="ExternalUserSharingOnly"  # Disabled, ExistingExternalUserSharingOnly, ExternalUserSharingOnly, ExternalUserAndGuestSharing

#Get Credentials to connect
$Cred = Get-Credential

#Setup the Context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($AdminSiteURL)
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)
  
#Get the tenant object 
$Tenant = New-Object Microsoft.Online.SharePoint.TenantAdministration.Tenant($Ctx)
  
#Set Sharing capability of the tenant
$Tenant.SharingCapability= [Microsoft.Online.SharePoint.TenantManagement.SharingCapabilities]::$SharingCapability
$Ctx.ExecuteQuery()

Write-host "Sharing Settings updated!"

Let us set External Sharing to allow guest users and anonymous links:

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "C:\Program Files\SharePoint Online Management Shell\Microsoft.Online.SharePoint.PowerShell\Microsoft.Online.SharePoint.Client.Tenant.dll"

#Parameters
$AdminSiteURL="https://crescent-admin.sharepoint.com"
$SharingCapability="ExternalUserAndGuestSharing"
$DaysToExpire = 7
$LinkType="View"  #Edit, View or None
$FolderLinkType="Edit" # View or Edit or None

#Get Credentials to connect
$Cred= Get-Credential

Try {
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($AdminSiteURL)
    $Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

    #Get the Tenant
    $Tenant= New-Object Microsoft.Online.SharePoint.TenantAdministration.Tenant($Ctx)
    $Ctx.Load($Tenant)
    $Ctx.ExecuteQuery()

    #Set Tenant Sharing Settings
    $Tenant.SharingCapability= [Microsoft.Online.SharePoint.TenantManagement.SharingCapabilities]::$SharingCapability
    $Tenant.RequireAnonymousLinksExpireInDays= $DaysToExpire
    $Tenant.FileAnonymousLinkType=[Microsoft.SharePoint.Client.AnonymousLinkType]::$LinkType
    $Tenant.FolderAnonymousLinkType=[Microsoft.SharePoint.Client.AnonymousLinkType]$FolderLinkType
    $Ctx.ExecuteQuery()

    Write-host "Tenant Sharing Settings Updated Successfully!'" -f Green
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}

This results following settings in the SharePoint Online tenant.

enable external sharing in sharepoint online using powershell

Turning ON External sharing at the tenant level doesn’t automatically turn ON Sharing capabilities at all underlying site collections! We need to enable sharing at each individual SharePoint Online site collection. You can set the sharing settings for any site collection from the SharePoint Admin Center. To allow external sharing at the site collection level using the new SharePoint Online admin center, follow these steps:

Go to SharePoint Online Admin Center >> Select the desired Site collection from the list
Click on “Sharing” button >> Set the sharing settings appropriately, such as “New and existing external users”. Click on “Save” to commit your changes.

Please note, the site collection’s sharing setting must be less permissive than your tenant settings!

To activate external sharing for SharePoint Online site collection, use this PowerShell script.

#Variables for Admin Center & Site Collection URL
$AdminCenterURL = "https://crescent-admin.sharepoint.com/"
$SiteCollURL="https://crescent.sharepoint.com/Sites/Sales"

#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)

#Enable external sharing for the site collection
Set-SPOSite -Identity $SiteCollURL -SharingCapability ExternalUserSharingOnly

#Other Options: Disabled, ExistingExternalUserSharingOnly, ExternalUserSharingOnly, ExternalUserAndGuestSharing

Enable External Users in SharePoint Online using PnP PowerShell

To enable external sharing in SharePoint Online site collection, use this PnP PowerShell:

#Parameters
$TenantAdminURL = "https://crescent-admin.sharepoint.com"
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"

#Connect to Tenant Admin Site
Connect-PnPOnline -url $TenantAdminURL -Interactive

#Enable External Sharing for Existing AD Users (Including Guest users!)
Set-PnPTenantSite -Url $SiteURL -SharingCapability ExistingExternalUserSharingOnly

This script turns on external sharing in SharePoint Online and sets the sharing option as same as the above screenshot! Running this command will enable external user and guest sharing in an SPO site collection, and you can verify that in the 1st screenshot in this article. To get the list of all SharePoint Online Sites where sharing capability has been enabled:

Get-SPOSite | Where {$_.SharingCapability -ne "Disabled"}

Here is another post to disable external sharing: SharePoint Online: PowerShell to Disable External Sharing

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

SharePoint Diary

Salaudeen Rajack

Leave a Reply Cancel reply

Switch between Document Libraries with Document Library Dropdown Menu in SharePoint Online and OneDrive

Hide a Button in SharePoint Online List or document library Toolbar

SharePoint Online: Switch Navigation to Horizontal or Vertical

SharePoint Online: How to Enable Global Navigation using App Bar?

How to Connect to Exchange Online using PowerShell?

How to Copy Permissions from One Folder to Another in SharePoint Online using PowerShell?

Microsoft Teams: How to Enable Guest User Access?

How to Copy User Permissions in SharePoint Online using PowerShell?

How to Bulk Invite Guest Users to Azure AD?

SharePoint Online: How to Change the Author in Modern Page?