Microsoft 365 security

SharePoint Online’s Shared With column: Explained and demystified

SharePoint Online allows you to modify the document library by adding additional fields to expand the view for the library. One of these is called “Shared With.” If you wonder what it shows, look no further: here is a detailed explanation.

Using the Shared With field functionality, do you think you will be able to see which users can access a document? Well, no, not everyone.

export-shared-02

The Shared With field in SharePoint Online is closely related to the document-sharing functionality. From what we gathered, Shared With field is populated when an email address is explicitly provided during sharing (except for ‘People with existing access’, for whom Shared With is not populated).

If the resulting sharing link (for anonymous links or organization links) is used by a third user, it will not show up in the Shared With column. If you just use the copy link functionality and send the link via, e.g., Slack, then again, this user will not show up in the Shared With field. However, in both of these cases, they will still show up in the Permission details for the created link.

Shared With field

shared with field

From the screenshot above, it is clear that Adele used the organization sharing link, but she is nowhere to be found in the Sharing With field. So, if your want to see which internal users were sent a link to a document through the built-in mail functionality, then yes, Shared With is what you are looking for. If you are trying to identify all the users who have used the sharing link and can access the document, then no, this field does not provide enough information. And, of course, there is a problem since anonymous and organizational links can be freely shared. This means that a document could potentially be shared with anybody, but this will not be reflected in the Shared With field.

Moreover, for external users, there is an additional condition for them to show up in this field. They will be present there when they have an associated external account in your organization’s Azure Active Directory.

For reference, here is a handy table that shows how Shared With is populated when you specify an email address in the share functionality.

shared with column

The Shared With field will also be populated when you grant permissions on the advanced permissions page. However, if you remove the permissions for a user or group with whom you previously shared a document, the user or group will still be displayed in the Shared With column.

2024 deep dive into the Shared With column

In 2024, I revisited this topic and found out that originally, Microsoft stated that this was by design, as evidenced by this GitHub commit. Then, they admitted that it was a known issue. Then, in 2023 they basically gave up on the column with plans to stop any updates to its content. And if we take a closer look at it today, you will find that they simply recommend hiding the column. The point is that not even Microsoft can be trusted to know and update all permission information.

The final word on Shared With field and Shared with column

In conclusion, the Shared With field was probably populated through an event receiver when a user makes an effort to share a file, but it does not in any way reflect which users actually have access to the file, especially now that Microsoft has given up on this column.

Security is crucial. With all the sharing options, your Microsoft 365 environment can easily become vulnerable. Syskit Point can easily detect external users throughout an environment. It can pinpoint externally shared content down to individual items. It will help you to stop the wrong people from getting access to your highly sensitive information and ensure your environment maintains its compliance with your organization’s governance policies.

Subscribe to our Newsletter

Related Posts