Share via

Sharepoint Site Custom permissions

Keevan Cochrane 0 Reputation points
2026-03-10T15:15:23.2166667+00:00

Hi all,

I’m experiencing a Microsoft Teams / SharePoint external sharing issue.

Scenario

  • Microsoft 365 tenant with external sharing enabled at:
    • Org level
    • SharePoint site level

What’s happening

  • When users attempts to share:
    • External users cannot be added
  • No obvious error messages are shown.

    Permissions detail

    The affected users:
    • Are members of the Team
    • Have a custom SharePoint permission level (not Full Control / Edit)
    • The custom permission is derived from Contribute, with the following excluded:
      • Manage Personal Views
      • Add Personal Views
      • Delete Personal Views
    On some folders:
    • The Teams UI shows the user as an Owner
    • Advanced SharePoint permissions show the correct custom permission level
    • Inheritance is enabled where expected

What I’ve already checked

External sharing enabled at tenant and site level , External users not blocked by policy , Affected user can edit files internally without issue , Permissions look correct in SharePoint “Advanced permissions”

What I’m trying to understand

  1. Does external sharing require specific SharePoint permissions (e.g. “Share” / “Manage Access”), even if Edit is granted?
  2. Could Teams showing a user as Owner conflict with underlying SharePoint custom permissions?
  3. Are there known issues where one user is blocked from sharing externally due to:
    • Legacy permission inheritance
      • Cached role assignments
        • Sharing policies applied per-user rather than per-site?
        1. Is Contribute vs Edit relevant for external sharing behaviour?

If anyone has run into this or can confirm the minimum required SharePoint permissions for external sharing in Teams, that would be massively appreciated.

Thanks in advance

Microsoft Teams | Microsoft Teams for business | Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ian-Ng 10,515 Reputation points Microsoft External Staff Moderator
    2026-03-10T18:21:47.1366667+00:00

    Hi @Keevan Cochrane,

    Welcome to the Microsoft Q&A forum.

    I understand that you are trying to enable members of your Team or SharePoint site to share files and folders with external users directly from the interface but are encountering a silent failure despite having sharing enabled at the tenant and site levels.

    The behavior you’re describing where sharing works internally but fails for external guests is usually a result of the underlying SharePoint security engine overriding the modern Teams interface. Here is a breakdown of why this is happening and how to address it.

    The core of the issue is that external sharing is technically an admin action. SharePoint requires the "Manage Permissions" right to invite a guest to a resource.

    • Your custom level is derived from "Contribute," which by design excludes the "Manage Permissions" right. Without this, a user can edit existing content but cannot grant access to a new identity outside your directory.
    • SharePoint’s Access Control List (ACL) is a source of truth. Even if the Teams UI labels a user as an "Owner," SharePoint only respects the specific permission level assigned to them in the site's advanced settings. If permissions were manually customized, it overrides the standard group sync that would normally grant a Team Owner full site rights.

    Regarding your concerns, I would like to clarify as follow:

    • Does sharing require specific permissions? Yes, the "Manage Permissions" right is the baseline for external invites. This is why the default "Edit" level works while "Contribute" fails.
    • Teams owner vs. SharePoint permissions: The SharePoint ACL will always win. Manual customization overrides the default Microsoft 365 Group roles.
    • Known issues (inheritance/lockdown): Broken inheritance on specific folders is a common culprit. Additionally, the Limited-access user permission lockdown mode site feature often blocks external sharing for users who do not have Full Control.
    • Contribute vs. edit: Edit includes the authority to manage permissions for files and folders and Contribute does not.

    Kindly follow these steps below and update me on the outcome

    • Modify the custom level: You can update your custom permission level to include the Manage Permissions right. This allows users to share externally without giving them Full Control of the site.
    • Check site-level features: Ensure that Limited-access user permission lockdown mode is deactivated in the Site Collection Features.
    • Enable access requests: In the site sharing settings, ensure "Allow access requests" is toggled ON. This allows users with restricted permissions to trigger a sharing request that a Site Owner can then approve, rather than the process simply failing.

    To help narrow this down, I suggest the following:

    • Test via SharePoint Web: Ask the user to attempt the share directly from the SharePoint web interface rather than through the Teams desktop app. This helps determine if the issue is a UI bug or a backend policy.
    • User comparison: Compare the settings of the affected user against a "known-good" user who can share successfully. This is the fastest way to identify if the block is user-specific (Security Groups) or site-specific.

    Hopefully, this clarifies the disconnect between the two platforms and helps you get your external collaboration back on track.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.