By 
This post “Enable or Set Item Level Permissions in SharePoint List or Document Library” will teach us how to set item level permissions in SharePoint list or document library in three ways 1) using the out-of-the box list advanced settings page 2) PnP PowerShell, and 3) using the unique manage permission level at the item level.
SharePoint Online, a powerful collaboration and document management platform by Microsoft, allows organizations to efficiently manage and share information within their teams. One crucial feature of SharePoint Online is the ability to control access to individual items within a list or document library through item level permissions. Item level permissions enable organizations to fine-tune who can view, edit, or delete specific items, enhancing security and data confidentiality. In this comprehensive guide, we will delve into the intricacies of setting item level permissions in SharePoint Online lists and document libraries.
Before getting into the article, let us understand what is Item Level permission in SharePoint.
Enable Item Level Permissions in SharePoint: Understanding of Item Level Permission in SharePoint Online
Item level permissions in SharePoint Online refer to the capability to control access to individual items (such as files, documents, or list items) within a SharePoint list or document library. Unlike traditional permissions at the list or library level, which apply uniformly to all items, item level permissions allow organizations to grant or restrict access at a granular level.
With item level permissions, administrators can specify who can view, edit, or delete a particular item, providing a higher degree of control and security. This feature is particularly useful when organizations need to share sensitive information while maintaining confidentiality and compliance with privacy regulations.
Approach 1: Using the Unique Manage Permissions Levels
We can manage item-level permissions using the Unique Permissions Level object in SharePoint Online.
Prerequisites
Before diving into setting item level permissions, ensure you have the appropriate permissions as a site owner or administrator. You must also have a SharePoint Online list or document library with existing items that require unique access control.
Step-by-Step Guide to Setting Item Level Permissions
Follow the below steps to set item-level permission in the SharePoint Online list or document library:
- Navigate to the SharePoint Site: Begin by accessing the SharePoint Online site where the target list or document library is located. You need appropriate permissions to access and modify settings for the specific site.
- Access the List or Document Library: Locate and click on the target list or document library where you want to configure item level permissions.
- Choose the Item for Which You Want to Set Permissions: Identify the specific item within the list or library for which you want to set unique permissions. Click on the item to select it.
- Open the Item Menu: Once you have selected the item, access the item menu. Depending on your SharePoint view, the menu might be represented by three dots (‘…’) or by right-clicking on the item.
- Select ‘Manage Permissions’: From the item menu, select the option that says ‘Manage Permissions.’ This will open the permissions management interface for the selected item.
- Configure Unique Permissions: Within the permissions management interface, you can add users or groups and assign appropriate permissions to the selected item. SharePoint offers several permission levels such as ‘Read,’ ‘Contribute,’ ‘Edit,’ and ‘Full Control.’ Choose the appropriate level based on the access you wish to grant.
- Add Users or Groups: To grant permissions to specific individuals or groups, click on ‘Grant Permissions.’ Enter the names or email addresses of the users or groups, and SharePoint will validate and allow you to assign the chosen permission level.
- Review and Save: Carefully review the permissions you’ve set for the item. Ensure they align with your security and access requirements. Click ‘Save’ or ‘Apply’ to finalize the changes.
Best Practices for Item Level Permissions
While setting up the item-level permission in SharePoint Online, we can follow the below best practices:
- Plan Carefully: Devise a thorough access control strategy and plan item level permissions before implementation to ensure a consistent and secure environment.
- Regularly Review Permissions: Conduct periodic reviews of item level permissions to ensure they align with organizational changes and security policies.
- Document Permissions: Maintain documentation that outlines the permissions assigned to each item, aiding in auditing and compliance efforts.
- Leverage SharePoint Groups: Assign permissions to SharePoint groups instead of individual users for easier management and scalability.
- Train Users: Educate users on the importance of item level permissions and responsible access to sensitive data.
By effectively implementing item level permissions in SharePoint Online, organizations can maximize collaboration, safeguard sensitive information, and maintain compliance with privacy regulations. Understanding the steps involved and adhering to best practices ensures a secure and efficient SharePoint environment for your team.
Note:
- A well-structured permissions strategy is crucial for ensuring the right balance between collaboration and data security within your organization. Happy SharePoint administering!
Approach 2: Using the Out-of-the box List Advanced Settings Page
To set item-level permission in the SharePoint List or Document Library using the out-of-the box list advanced settings page, follow the below steps:
Enable Item Level Permissions in SharePoint list step by step
Go to the list setting page -> Click on Advanced Settings
Item-Level Permissions: By default settings will be as below:
- Read all items
- Create and edit all items
Change the above Item-Level Permissions settings as below:
- Read items that were created by the user.
- Create items and edit items that were created by the user.
Notes:
- Item level permission setting is not available both in the Document Library and Issue Tracking list, so you need to ensure your list is not a type of these two. Using the PowerShell script also we can enable item-level permission for the list, refer to the below PowerShell script.
- Check the permission level of the user on the site and list level. The Item-level permissions configuration is available to those users who have at least design level permission at the site and list level.
Approach 2: Using the PnP Power Shell script
To configure the item level permission in SharePoint Online List or Document Library using the PnP PowerShell, use the below script (refer to the below section).
Set Item Level Permissions in SharePoint list using PnP PowerShell -SharePoint List Item level permissions missing
Using the below PnP PowerShell script we can set item-level permissions in the SharePoint Online list:
####The below script is used to enable the item-level permission configuration in the SharePoint Online list#############
cls
$PSshell = Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorVariable err -ErrorAction SilentlyContinue
if($PSshell -eq $null)
{
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}
$fileName = "LogEnableItemLevelPermissioninSPOList"
#'yyyyMMddhhmm yyyyMMdd
$enddate = (Get-Date).tostring("yyyyMMddhhmmss")
#$filename = $enddate + '_VMReport.doc'
$logFileName = $fileName +"_"+ $enddate+"_Log.txt"
$invocation = (Get-Variable MyInvocation).Value
$directoryPath = Split-Path $invocation.MyCommand.Path
$directoryPathForLog=$directoryPath+"\"+"LogFiles"
if(!(Test-Path -path $directoryPathForLog))
{
New-Item -ItemType directory -Path $directoryPathForLog
#Write-Host "Please Provide Proper Log Path" -ForegroundColor Red
}
#$logPath = $directoryPath + "\" + $logFileName
$logPath = $directoryPathForLog + "\" + $logFileName
$isLogFileCreated = $False
function Write-Log([string]$logMsg)
{
if(!$isLogFileCreated){
Write-Host "Creating Log File..."
if(!(Test-Path -path $directoryPath))
{
Write-Host "Please Provide Proper Log Path" -ForegroundColor Red
}
else
{
$script:isLogFileCreated = $True
Write-Host "Log File ($logFileName) Created..."
[string]$logMessage = [System.String]::Format("[$(Get-Date)] - {0}", $logMsg)
Add-Content -Path $logPath -Value $logMessage
}
}
else
{
[string]$logMessage = [System.String]::Format("[$(Get-Date)] - {0}", $logMsg)
Add-Content -Path $logPath -Value $logMessage
}
}
#Paramaters area
$siteURL="https://globalsharepoint2020.sharepoint.com/" #Your Site URL should be here.
$userName = "YourSPOUser@YourSPOTenant.sharepoint.com" #Your user name should be here.
$passWord = "YourSPOPassword" #Your password should be here.
$encPassWord = convertto-securestring -String $passWord -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $userName, $encPassWord
$listName="Employee" #Your list name should be here.
#Paramaters area - Ends
try
{
Connect-PnPOnline -Url $siteURL -Credentials $cred
#Get the List
$objList = Get-PnPList $listName -Includes ReadSecurity
#Set List Item-Security
$objList.ReadSecurity = 2 #This indicates - Read items that were created by the user.
$objList.WriteSecurity = 2 #This indicates - Create items and edit items that were created by the user.
$objList.Update()
Invoke-PnPQuery
}
catch
{
$ErrorMessage = $_.Exception.Message +"in setting item-level permission in SPO list!:"
Write-Host $ErrorMessage -BackgroundColor Red
Write-Log $ErrorMessage
}
Note:
- With the administrator account above PnP PowerShell script should be executed.
- Using this article, we can learn how to set item-level permission in the SharePoint list using Power Automate: Power Automate[Detailed]: set item level permissions in SharePoint online step by step with HTTP request.
Summary: Enable Item Level Permissions in SharePoint List
Thus, in this article, we have learned the following with respect to item-level permissions in the SharePoint Online List or Document Library:
- What is item-level permission in SharePoint Online?
- How to enable item-level permissions in a SharePoint list or document library
- How to set item-level permission in SharePoint Online List or Document Library using three methods: Using unique Manage Permissions, the Out-of-the-Box List Advanced Settings page, and the PnP PowerShell script
- How to use item-level permissions in a SharePoint list
- Item-Level Permissions default settings.
See Also: SharePoint Online Tutorials
You may also like the following SharePoint Online tutorials:
- In 2 steps convert a classic SharePoint page to modern using PnP
- Office 365: Retrieve hub sites and associated sites using PnP Powershell
- Create a modern team site using PnP PowerShell in SharePoint
- In 4 steps access SharePoint online data using postman tool
- SharePoint admin center: Learn SharePoint online administration in an hour – step by step
- SharePoint REST API: GET vs POST vs PUT vs DELETE vs PATCH
- Office 365: Understanding the hub site in SharePoint online
- User permissions and permission levels in SharePoint Server
Download SharePoint Online & Office 365 Administration eBook
Buy the premium version of SharePoint Online & Office 365 administration eBook from here:
Get the free demo PDF eBook from here:
Send download link to:
About Post Author
