[GH-ISSUE #4675] [Feature Request]: Option to configure the view/edit permissions in the CIPP standard "Using the Set Default Sharing Link Settings"

kerem commented

2026-03-02 13:50:10 +03:00

Owner

Originally created by @MoreThanJustBV on GitHub (Sep 23, 2025).
Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4675

Originally assigned to: @PeterVive on GitHub.

Please confirm:

I have searched existing feature requests (open and closed) and found no duplicates.
**me or my organization is currently an active sponsor of the product at the $99,- level.

Problem Statement

Currently, when you activate the CIPP standard "Using the Set Default Sharing Link Settings", you will be able to configure the Default Sharing Link Type. But it will also configure the permissions to "View".

Putting the permissions to view, will also have an effect when people send a file to each other through the Teams chat.
For them it is very annoying that doing so breaks the option to work together in one file, shared in the chat.

It would be great if we can configure the permission level ourselves.

Benefits for MSPs

It will give more flexibility to MSP's and their customers, to configure the default sharing link, but with the permissions which will fit best in the situation.

Value or Importance

We will get rid of complains from our customers.

PowerShell Commands (Optional)

No response

Originally created by @MoreThanJustBV on GitHub (Sep 23, 2025). Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4675 Originally assigned to: @PeterVive on GitHub. ### Please confirm: - [x] **I have searched existing feature requests** (open and closed) and found no duplicates. - [x] **me or my organization is currently an active sponsor of the product at the $99,- level. ### Problem Statement Currently, when you activate the CIPP standard "Using the Set Default Sharing Link Settings", you will be able to configure the Default Sharing Link Type. But it will also configure the permissions to "View". Putting the permissions to view, will also have an effect when people send a file to each other through the Teams chat. For them it is very annoying that doing so breaks the option to work together in one file, shared in the chat. It would be great if we can configure the permission level ourselves. ### Benefits for MSPs It will give more flexibility to MSP's and their customers, to configure the default sharing link, but with the permissions which will fit best in the situation. ### Value or Importance We will get rid of complains from our customers. ### PowerShell Commands (Optional) _No response_

kerem

2026-03-02 13:50:10 +03:00

closed this issue
added the
enhancement

no-priority

no-activity

not-assigned
labels

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Oct 3, 2025):

This issue is stale because it has been open 10 days with no activity. We will close this issue soon. If you want this feature implemented you can contribute it. See: https://docs.cipp.app/dev-documentation/contributing-to-the-code . Please notify the team if you are working on this yourself.

@github-actions[bot] commented on GitHub (Oct 3, 2025): This issue is stale because it has been open 10 days with no activity. We will close this issue soon. If you want this feature implemented you can contribute it. See: https://docs.cipp.app/dev-documentation/contributing-to-the-code . Please notify the team if you are working on this yourself.

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@PeterVive commented on GitHub (Oct 4, 2025):

I would like to work on this please!

@PeterVive commented on GitHub (Oct 4, 2025): I would like to work on this please!

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Oct 4, 2025):

Great! I assigned you (@PeterVive) to the issue. Have fun working on it!

@github-actions[bot] commented on GitHub (Oct 4, 2025): Great! I assigned you (@PeterVive) to the issue. Have fun working on it!

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@PeterVive commented on GitHub (Oct 4, 2025):

Well it would be easy to implement. However not sure if it should be done - atleast not in this standard.

This is the ExecutiveText for the standard:
"Configures SharePoint default sharing links to implement the principle of least privilege for document sharing. This security measure reduces the risk of accidental data modification while maintaining collaboration functionality, requiring users to explicitly select Edit permissions when necessary. The sharing type setting controls whether links are restricted to specific recipients or available to the entire organization. This reduces the risk of accidental data exposure through link sharing."

This means if we just added a way to change it to something other than "View", this standard wouldn't necessarily report correctly - and wouldn't fit the CIS tags it has etc.

Someone can probably weigh in here.

@PeterVive commented on GitHub (Oct 4, 2025): Well it would be easy to implement. However not sure if it should be done - atleast not in this standard. This is the ExecutiveText for the standard: "Configures SharePoint default sharing links to implement the principle of least privilege for document sharing. This security measure reduces the risk of accidental data modification while maintaining collaboration functionality, requiring users to explicitly select Edit permissions when necessary. The sharing type setting controls whether links are restricted to specific recipients or available to the entire organization. This reduces the risk of accidental data exposure through link sharing." This means if we just added a way to change it to something other than "View", this standard wouldn't necessarily report correctly - and wouldn't fit the CIS tags it has etc. Someone can probably weigh in here.

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@kris6673 commented on GitHub (Oct 6, 2025):

Agreed, it's easy to implement, but it could make the current CIS tag null and void. Also, defaulting to edit goes against the principle of least privilege, potentially resulting in more permissive links being sent out. I'd air on the side of "should not be implemented".

@kris6673 commented on GitHub (Oct 6, 2025): Agreed, it's easy to implement, but it could make the current CIS tag null and void. Also, defaulting to edit goes against the principle of least privilege, potentially resulting in more permissive links being sent out. I'd air on the side of "should not be implemented".

kerem commented

2026-03-02 13:50:11 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Oct 16, 2025):

This issue is stale because it has been open 10 days with no activity. We will close this issue soon. If you want this feature implemented you can contribute it. See: https://docs.cipp.app/dev-documentation/contributing-to-the-code . Please notify the team if you are working on this yourself.

@github-actions[bot] commented on GitHub (Oct 16, 2025): This issue is stale because it has been open 10 days with no activity. We will close this issue soon. If you want this feature implemented you can contribute it. See: https://docs.cipp.app/dev-documentation/contributing-to-the-code . Please notify the team if you are working on this yourself.

kerem commented

2026-03-02 13:50:12 +03:00

Author

Owner

@KelvinTegelaar commented on GitHub (Oct 17, 2025):

As agreed, should not be implemented. :)

@KelvinTegelaar commented on GitHub (Oct 17, 2025): As agreed, should not be implemented. :)

Rows
Columns

[GH-ISSUE #4675] [Feature Request]: Option to configure the view/edit permissions in the CIPP standard "Using the Set Default Sharing Link Settings" #2171

Please confirm:

Problem Statement

Benefits for MSPs

Value or Importance

PowerShell Commands (Optional)