Share via

Exports users having access

Rising Flight 6,456 Reputation points
2026-03-30T07:10:59.7166667+00:00

Hi All,

I have a SharePoint site lets say : https://contoso.sharepoint.com/sites/mk1

I would like to retrieve a list of all users who have access to this site, including both internal (domain) users and guest/external users.

Additionally, is it possible to identify which users have been granted access via sharing links (e.g., anonymous or specific-user links)? Please guide me how to fetch this information.

Microsoft 365 and Office | SharePoint | For business | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nam-D 3,865 Reputation points Microsoft External Staff Moderator
    2026-03-30T14:46:25.54+00:00

    Hello @Rising Flight

    Regarding the concern about the export permission on the SharePoint site, I would like to inform you that I will need additional time to continue my review and testing.

    At the moment, I am reviewing the script in detail and actively testing it in order to validate the behavior and identify any potential gaps or limitations related to export permissions. I want to ensure that the results I provide are accurate and based on thorough testing across the relevant scenarios, rather than preliminary findings.

    I am continuing this work on my side and will share an update once the testing is completed and I have clearer observations to report within 48 hours. Thank you for your patience and understanding while I complete this review.

    Please let me know if there is any urgent requirement or additional context that I should take into consideration during my testing.

    Was this answer helpful?

  2. AI answer

    2026-03-30T07:11:15.9766667+00:00

    To get all users (internal and guest) who can access a SharePoint site and to understand access via sharing links, use Data access governance reports and the site-level sharing report.

    1. Run a site permissions snapshot report for users
      • Use the Site permissions for users snapshot report (part of SharePoint Advanced Management) to list all sites a user can access and whether access is at site level or only to specific items.
      • Trigger the report with PowerShell for one or more users: 
             Start-SPODataAccessGovernanceInsight \
       -ReportEntity PermissionsReport \
       -ReportType Snapshot \
       -Workload SharePoint \
       -Name "UserSharePointReport" \
       -UserEmailList "******@contoso.com","******@contoso.com"
        Note: -UserEmailList expects user principal names.
      • After generation, download the site permissions for users report. For each user it shows:
        • Site URL, Site Name, Site Template
        • Whether the site is shared with the user (Is site shared)
        • Counts of items with direct and indirect access
        • User principal name, display name, and more.
      • Filter the CSV by Site URL = https://contoso.sharepoint.com/sites/mk1 to see all users who have any access to that site (site-level or item-level).
    2. Understand who can access via sharing links
      • To see sharing-link activity at scale, use Sharing links activity reports (Data access governance activity reports). These show sites with the highest number of:
        • "Anyone" links (anonymous links)
        • "People in the organization" links
        • "Specific people" links shared externally
      • Run these reports to identify whether the mk1 site is heavily using anonymous or specific-people links and to assess oversharing risk.
    3. Get per-item sharing details in the site
      • At the site level, use the file and folder sharing report for that site. The CSV contains one row per user/item combination for direct access and one row per user/link combination for link-based access.
      • Columns include:
        • Resource Path – item URL within the site
        • Item Type – web, folder, file, etc.
        • Permission – permission level on the item
        • User Name, User E-mail
        • User or Group Type – Member (internal), Guest (external), SharePoint group, Security group, Microsoft 365 group
        • User Name = SharingLink when the row represents a link
        • Link Type – Anonymous, Organization, Specific People
        • AccessViaLinkID – shows which link granted access
      • Use this report to:
        • List all internal and guest users with direct access to items in the mk1 site.
        • Identify which users are accessing items via Anonymous, Organization, or Specific people links.
    4. Consider broad groups like “Everyone except external users”
      • Microsoft 365 automatically creates a security group Everyone except external users and grants it Member access in SharePoint team sites by default.
      • This means all internal users in the directory may have edit access unless this default is changed. External guests are not part of this group.
      • When reviewing access, account for this group as it implies broad internal access even if individual users are not listed explicitly.

    By combining:

    • The site permissions for users snapshot report (filtered to the mk1 site),
    • The file and folder sharing report for that site, and
    • The sharing links activity reports,

    it is possible to enumerate all users (internal and guest) who can access the site or its content and see who is granted access via anonymous or specific-people sharing links.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.