Share via

Security Considerations - enabling "File request" in SharePoint

Manoj 0 Reputation points
2024-05-13T08:43:10.64+00:00

What would be the Security Considerations for enabling "File request" feature in SharePoint?

We have already enabled anonymous links option in Sharepoint online for the tenant and sharing settings are most permissive, still I'd like to understand what should be considered before enabling this in a tenant.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,971 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,872 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Haoyan Xue_MSFT 20,906 Reputation points Microsoft Vendor
    2024-05-14T02:27:22.35+00:00

    Hi @Manoj ,

    Thank you for posting in this comunity.

    Steps to Enable Request Files for SharePoint Online:

    1. Check if you have enabled Anyone links at the tenant level for SharePoint sites.
    2. Ensure folder permissions are set to View, edit and upload. Screenshot for folder permissions settings.
    3. Check CoreRequestFilesLinkEnabled is set correctly via SharePoint Online Management Shell.
      • Run Get-SPOTenant.
      • Check if CoreRequestFilesLinkEnabled is set to True. If it isn't set to True, run Set-SPOTenant -CoreRequestFIlesLinkEnabled $True.
      • If this is set to True, Request files link on the core partition for all SharePoint sites is enabled (not including OneDrive sites). If this value isn't set, Request files will only show for OneDrive with Anyone links enabled.
    4. You can also set the RequestFilesLink Expiration by using Set-SPOTenant -CoreRequestFilesLinkExpirationInDays (Optional).

    Reference:https://learn.microsoft.com/en-us/sharepoint/enable-file-requests#enable-or-disable-request-files-for-sharepoint

    With Anyone Link enabled, external users can access files via an anonymous link. Remember to strike a balance between collaboration and security. Adapt to the needs of the organization at each stage.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.