Groups and Permissions

A SharePoint group is a collection of users who all have the same set of permissions, or permission level.

SharePoint groups can simplify the task of assigning and managing site access. Rather than track site or content access one person at a time, you can use groups to conveniently assign the same permission level to many people at once.

Assigning permission levels to SharePoint groups instead of individuals lets you:

  • Streamline site maintenance for yourself and successive site owners.
  • Ensure that people performing similar tasks have the same level of access.
  • Ensure that people have only the access they need, not more.

By default, the following SharePoint groups should be used and assigned the permissions below:

Group Name Permission LevelDescription
Owner Full Control Full permissions to the Site and all subsites.
Member Contribute View, add, update, and delete list items and documents.
Visitor Read View pages and items in existing lists and document libraries and download documents.

Additional information

Team SharePoint site permissions:

  • Team sites are where a group of people will collaborate and "work together" to discuss, share files, plan projects/tasks, manage lists, share calendars/planner, etc.
  • By default, only members of a team will have access to the team's SharePoint site.  If you want to share any document libraries, folders, files, lists, with others you will need to use the Share option or adjust the permissions (break permission inheritance) for the content you want to share.
  • Everyone who is part of the Team will be designated as either an owner or member.  When sharing content (files, libraries, lists) with others who are not part of the team, you can specify the type of access for the content you are sharing and specify if they can edit or view only.

Communication site permissions:

  • Communication sites are used to "show and share" content and information with others across campus.  Usually the final form/policy/content that was discussed/created within a team site is put on a communication site after it is completed.
  • Communication sites usually have a few owners (people who can control the design, content, layout, news, associated site navigation/search) of the site and many visitors (people who can view the information).
  • Communication site visitors should use AD (Active Directory) groups within your organization or the "Everyone except external users" group to ensure that the content will be visible to everyone.

Hub sites:

  • Hub sites are use to join team and communication sites together with a common/shared navigation, search, and design.
  • Hub sites usually associated with a communication site that will provide information/content for the higher level organization that all the team/communication sites under it fall under (ie. Administrative areas such as Academic Affairs, Admin & Finance, CITS, ORD or departments within a school)
  • Hub site owners can pick which sites can be associated with that hub and determine what links will appear in the cross-site global navigation.  They can also manage/adjust how news and site activity from associated team and communication sites are rolled-up and displayed on the hub's communication site.  Note: Even if a team site link is added to the hub's cross-site navigation, only members of that team will be able to access that team's site.