Skip to main content

Enhancing Access Control and Security with SharePoint Custom Permissions

The foundation for an organization's ability to successfully store, organize, and exchange information is SharePoint, Microsoft's feature-rich collaboration platform. Access to features and content is controlled via a permissions system that is essential to SharePoint's functionality. While SharePoint has default permission levels, businesses frequently need more granular access control. In-depth examination of SharePoint custom permissions is done in this blog post, along with an examination of their value and range of uses for improving security and access control.

Here are several scenarios where I successfully achieved the desired results by implementing custom permissions:

How To Hide Site Contents In SharePoint Online:

we needed to create a special permission. To do this, we copied all the permissions from the "Contribute" permission level, except for one called "View application pages." By doing this, users can do almost everything that "Contribute" allows, but they won't be able to see the site content or other application pages.

How to Set Permissions to add but not delete in SharePoint:

In this situation, our goal is to let users add and edit items without allowing them to delete. To make this happen, we designed a custom permission level. We took all the permissions from the "Contribute" permission level, except for two: "Delete Item" and "Delete Version." As a result, users can now add and edit items, but they no longer have the ability to delete them.

Conclusion

For businesses looking to maximize access control, data security, and governance inside their SharePoint environment, custom permissions in SharePoint are important. Organizations strengthen data security, uphold compliance standards, improve workflows, and promote safe collaboration while maintaining control over access rights by tailoring permissions to fit particular requirements. When properly utilized, SharePoint custom permissions improve the overall governance and security of SharePoint by ensuring that only the appropriate users have access to the appropriate content and functionalities. Utilize custom permissions to their fullest extent to maximize SharePoint's access control features.

Please refer: How to create custom permission level in SharePoint online

Comments

Post a Comment

Popular posts from this blog

SPFx Interview Questions With Answers

In this article, we are going to discuss interview questions related to the SPFx (SharePoint Framework Development ). It will help you to prepare for the interview and in getting clarity on the core concepts of SPFx development. What is SPFx? SPFx, short for SharePoint Framework,  SPFx  allows us for client-side SharePoint development, we can easily connect with SharePoint data and it also supports for open source tools. What is the major difference between SPFx web part and the SharePoint app? Both the development model supports client-side development but the major difference between these two is that the SharePoint app(add-in) runs on the iframe. What you can build with SPFx? Using SPFx framework we can customize the SharePoint pages. We can build things mentioned below using the SharePoint Framework(SPFx). Web parts, Extensions, Adaptive Card, Library Component How many types of extensions we can create using SPFx? SPFx has three extension types: Application Customizers: Using the

How to register an app in SharePoint

In this article, we are going to learn how to register an app/add-in in SharePoint online. If you have created a Sharepoint provider-hosted add-in or other SharePoint solution and to access the SharePoint site or list using the app/add-in you need to register the add-in on SharePoint and to grant permission. Register app in SharePoint 1. Login into SharePoint and Navigate to register an app page. Use the URL mentioned below:          [Sitecollection URL]/_layouts/15/appregnew.aspx 2.  Once you navigate to the Register app page, a form will open. You need to fill all the fields on the form. Client Id and Client Secret  generated when we click on the generate button available next to the fields.  Title : Name of the add-in which you want to give. App Domain : Where your domain is hosted, for the local environment you can place             "www.localhost.com". Do not include HTTP or HTTPS in App Domain. Redirect URL :  Insert the redirect URL, for t

Permission XML for SharePoint Add-in

In this article, we will be discussing the permission XMLs, which are used to provide permission to SharePoint add-in. Permission XML for the SharePoint app. You can set the App only permission, by setting "true" or "false" in  AllowAppOnlyPolicy=“true” in these permission XMLs.   If add-in granted permission to tenant scope, It includes all children in scope. Before granting access to the app, need to register an app. Follow this link for step by step guide to  How to register an app/add-in in SharePoint   Providing access to add-in at tenant level: To provide access at tenant level user must have the tenant admin level permission. To grant this permission tenant admin can use this URL   https://tenantName-admin.sharepoint.com/_layouts/appinv.aspx Search the App Id (Client ID) and it will fetch all the information which you provide at time of registration of app.   Assign full control at tenant level : <AppPermissionRequests AllowAppOnlyPolicy="true&quo