SharePoint Online: PowerShell to Grant Site Permissions to User

Requirement: Grant permissions to a SharePoint Online site using PowerShell

How to Grant Access to a SharePoint Online Site?

When working with SharePoint Online, a common task is to add users to the site. This can be done in a few simple steps, which we will walk you through below. In SharePoint Online modern sites, the default granularity options for accessing SharePoint content are as follows:

  • Full Control, which is granted to Owners
  • Edit, which is granted to Members
  • Read, which is granted to Visitors (guests).

Follow these steps to provide access to any SharePoint Online site:

  1. Navigate to your SharePoint Online site, click on “Settings” gear, and then click on the “Site Permissions” link in the settings menu. 1.add user to site sharepoint online
  2. Click on the “Share Site” Button on the permissions pane.provide permission to sharepoint online
  3. Type the user name and select the user to grant access.grant access to user in sharepoint onine
  4. Select the permission level, such as “Read”. Set the option “Send Email” to send out an email to the user or not. Optionally, you can add a message. Grant Site Permissions in sharepoint online
  5. Click on Add to complete.

In the Group connected sites, You’ll see “Invite People” under the site permissions page with options to “Add members to group” and “Share site only”.

grant access to group connected site in sharepoint online

SharePoint Online: PowerShell to Set Site Permissions

Let’s use PowerShell to grant access to SharePoint Online. The below PowerShell script adds users to the site with “Contribute” permissions directly.

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
#Variables for Processing
$SiteURL = ""
$UserAccount = "[email protected]"
$PermissionLevel = "Contribute"

#Setup Credentials to connect
$Cred = Get-Credential

Try {
    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
    #Get the Web
    $Web = $Ctx.Web

    #Ensure the user

    #Get the Permission Level  
    $RoleDefinition = $web.RoleDefinitions.GetByName($PermissionLevel) 
    $RoleAssignment = New-Object Microsoft.SharePoint.Client.RoleDefinitionBindingCollection($Ctx)
    #Assign Role Assignment to User
    $Permissions = $Web.RoleAssignments.Add($User,$RoleAssignment) 
    Write-host  -f Green "User '$UserAccount' has been Granted with Access '$PermissionLevel'!"
Catch {
    write-host -f Red "Error:" $_.Exception.Message

PnP PowerShell to Grant Permission to User

We can provide permissions to the site directly without adding users to existing site groups. Here is the PnP PowerShell to add a user to a site in SharePoint Online:

$SiteURL = "" 
$UserAccount = "[email protected]"
$PermissionLevel = "Contribute"

#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Interactive    

#grant access to sharepoint online site with powershell
Set-PnPWebPermission -User $UserAccount -AddRole $PermissionLevel

This PowerShell adds permissions to SharePoint Online site.

To assign permission at a list or library level, user: How to Grant Permission to List or Library in SharePoint Online using PowerShell?

How to provide access to external users in SharePoint Online?

Assuming external sharing is enabled in your environment, To share a SharePoint site with an external user: Login to your SharePoint Online site >> Click on the “Share” button from the top-right section of the page. In the Share site pane, Enter the Emails of External users and click on the “Share” button at the bottom.
More info: Grant access to external users in SharePoint Online

How to restrict access to a folder in SharePoint online?

To limit access to a folder in SharePoint Online, follow these steps: Go to the document library, where the target folder is located. Click on “Manage access” from the context menu of the folder >> Click on the “Advanced” link >> Click on the “Stop Inhering Permissions”. To restrict access to the folder in SharePoint Online, select all the users in the folder permissions page and click on “Remove User Permissions”.
More info: Restrict access to a folder in SharePoint Online

How to give permission to document the library in SharePoint Online?

To grant permissions to a list or document library, Go to the settings page of the document library, click on “Permissions for this list/document library” and then stop inheriting permissions from its parent first. Now, click on the “Grant Permissions” button and enter names or email addresses to share the document library.
More info: Share a document library in SharePoint Online

How to remove unique permissions in SharePoint Online?

To reset permission inheritance for a list or library, browse to the list or library >> Click on Settings >> List / Library Settings. Click on the “Permissions For This List” and Click on Delete Unique Permissions.
More info: Reset SharePoint Online permissions to Default

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

Leave a Reply

Your email address will not be published.