SharePoint Online: PowerShell to Grant Site Permissions to User
Requirement: Grant permissions to a SharePoint Online site using PowerShell
How to Grant Access to a SharePoint Online Site?
When working with SharePoint Online, a common task is to add users to the site. This can be done in a few simple steps, which we will walk you through below. In SharePoint Online modern sites, the default granularity options for accessing SharePoint content are as follows:
- Full Control, which is granted to Owners
- Edit, which is granted to Members
- Read, which is granted to Visitors (guests).
Follow these steps to provide access to any SharePoint Online site:
- Navigate to your SharePoint Online site, click on “Settings” gear, and then click on the “Site Permissions” link in the settings menu.
- Click on the “Share Site” Button on the permissions pane.
- Type the user name and select the user to grant access.
- Select the permission level, such as “Read”. Set the option “Send Email” to send out an email to the user or not. Optionally, you can add a message.
- Click on Add to complete.
In the Group connected sites, You’ll see “Invite People” under the site permissions page with options to “Add members to group” and “Share site only”.
SharePoint Online: PowerShell to Set Site Permissions
Let’s use PowerShell to grant access to SharePoint Online. The below PowerShell script adds users to the site with “Contribute” permissions directly.
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
#Variables for Processing
$SiteURL = "https://crescent.sharepoint.com/Sites/warehouse"
$UserAccount = "[email protected]"
$PermissionLevel = "Contribute"
#Setup Credentials to connect
$Cred = Get-Credential
Try {
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
#Get the Web
$Web = $Ctx.Web
$Ctx.Load($Web)
$Ctx.ExecuteQuery()
#Ensure the user
$User=$web.EnsureUser($UserAccount)
$Ctx.Load($User)
$Ctx.ExecuteQuery()
#Get the Permission Level
$RoleDefinition = $web.RoleDefinitions.GetByName($PermissionLevel)
$RoleAssignment = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
$RoleAssignment.Add($RoleDefinition)
#Assign Role Assignment to User
$Permissions = $Web.RoleAssignments.Add($User,$RoleAssignment)
$Web.Update()
$Ctx.ExecuteQuery()
Write-host -f Green "User '$UserAccount' has been Granted with Access '$PermissionLevel'!"
}
Catch {
write-host -f Red "Error:" $_.Exception.Message
}
PnP PowerShell to Grant Permission to User
We can provide permissions to the site directly without adding users to existing site groups. Here is the PnP PowerShell to add a user to a site in SharePoint Online:
#Parameters
$SiteURL = "https://crescent.sharepoint.com/sites/Warehouse"
$UserAccount = "[email protected]"
$PermissionLevel = "Contribute"
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Interactive
#grant access to sharepoint online site with powershell
Set-PnPWebPermission -User $UserAccount -AddRole $PermissionLevel
This PowerShell adds permissions to SharePoint Online site.
To assign permission at a list or library level, user: How to Grant Permission to List or Library in SharePoint Online using PowerShell?
