Audit SharePoint Online external sharing and anonymous links with Microsoft Graph
Audit external sharing in SharePoint to ensure compliance This workflow audits your SharePoint Online environment for external sharing risks by identifying files and folders that are shared with anonymous links or ext...
Template notes
Audit external sharing in SharePoint to ensure compliance
This workflow audits your SharePoint Online environment for external sharing risks by identifying files and folders that are shared with anonymous links or external/guest users. It is designed to traverse SharePoint recursively, giving you full visibility into sharing across all sites, document libraries, folders and files.
What it does
Scans all SharePoint sites in the tenant. Traverses SharePoint recursively through every folder and file, starting at the root of each drive. Fetches permissions for every item (files and folders). Detects and flags:
Anonymous sharing links (anyone links) External or guest users, identified by:
SharePoint guest login markers (ext, urn:spo:guest) Email domains not matching your internal tenant domains Outputs only items that are externally shared, including detailed metadata and permission evidence.
How it works
In the Set Variables node you define your internal tenantDomains, used to distinguish internal users from external ones.