Configuring Default Sharing Links in SharePoint: Ensuring 'Specific People' Access
Introduction
Updating the default sharing link from the User Interface at both the site level and tenant level to Specific People (only the people the user specifies) might not work always as expected. This issue could be due to the outdated setting DefaultSharingLinkType being updated behind the scenes.
I tested this on a Team site by updating the default sharing setting from the SharePoint Admin Centre to “People you choose”. However, the default sharing link for new sharing links did not reflect this setting.
Site
Default Sharing link
Upon investigating the browser network trace, I noticed that the DefaultSharingLinkType setting was being set instead of the new DefaultShareLinkScope setting.
The new setting DefaultShareLinkScope can only be set via PowerShell.
The mapping between the two settings is as follows:
| DefaultSharingLinkType | DefaultShareLinkScope | Description |
|---|---|---|
| None | Uninitialized | Respect the organization default sharing link type |
| Direct | SpecificPeople | Sets the default sharing link for this site to the Specific people link |
| Internal | Organization | Sets the default sharing link for this site to the organization link or company shareable link |
| AnonymousAccess | Anyone | Sets the default sharing link for this site to an Anonymous Access or Anyone link |
To update the default sharing link using PowerShell, use the following commands:
set-pnptenantsite -url https://reshmeeauckloo.sharepoint.com/teams/company1 -DefaultShareLinkScope SpecificPeople
#read the tenant site settings
get-pnptenantsite -url https://reshmeeauckloo.sharepoint.com/teams/company1 | select DefaultShareLinkScope,DefaultSharingLinkType
After running the script, the default sharing link is set correctly to People you choose.
People with Existing Access
People with Existing Access is a more restrictive site-level setting. The DefaultLinkToExistingAccess setting is still valid, and changes to People with Existing Access from the UI can easily be tested. It overrides the DefaultShareLinkScope setting and is set as default when configured. This is the preferred default sharing link setting to avoid unnecessary sharing links being created.
Tenant
Similarly, at the tenant level, the deprecated DefaultSharingLinkType setting is being set from the UI and might not set the default sharing link at the SharePoint or OneDrive for each file.
From the network trace, the payload sent to update the deprecated DefaultSharingLinkType setting instead of the newer settings was observed.
The new tenant level settings are CoreDefaultShareLinkScope and OneDriveDefaultShareLinkScope
set-pnptenant -CoreDefaultShareLinkScope SpecificPeople -OneDriveDefaultShareLinkScope SpecificPeople
After updating the tenant level settings for CoreDefaultShareLinkScope and OneDriveDefaultShareLinkScope to SpecificPeople, the default sharing link within OneDrive and SharePoint site is People you choose
Conclusion
Until Microsoft updates these settings update, you might need to rely on PowerShell to set the new default sharing link and default sharing role settings at both the site and tenant levels to ensure reliable outcome.