sharepoint

SharePoint Shared Links Not Working

Resolution Checklist

  • 1 Verify link expiration and sharing policies
  • 2 Check tenant-level and site-level sharing restrictions
  • 3 Reset broken inheritance and individual permissions
  • 4 Clear cached sharing tokens on the local client
  • 5 Audit and configure guest user access policies

SharePoint Shared Links Not Working

This article provides a diagnostic checklist and troubleshooting guide to resolve SharePoint Shared Links Not Working (such as external users receiving “Access Denied” or “This link has expired” errors, anonymous access links failing, or link creation being greyed out).

Root Causes / Meaning

Shared links rely on SharePoint’s permission inheritance structure and external sharing policies. Failures are usually caused by:

  1. Link Expiration Policies: Tenant-level or site-level policies enforce automatic expiration (e.g., anonymous links expire after 30 days).
  2. External Sharing Restrictions: The tenant or site-level settings are configured to restrict external sharing to specific domains, or disabled entirely (SharingCapability set to Disabled).
  3. Broken Permission Inheritance: A parent folder or file has unique permissions, which block a generated shared link from resolving correctly.
  4. Recipient Identity Mismatch: A user opens a link shared with a specific email address (e.g., user@domain.com) while logged into another Microsoft Account (e.g., a personal @outlook.com account).
  5. Local Authentication Cache: Outdated tokens in Microsoft Office apps or local browser cookies prevent authentication when attempting to follow links.

Initial Checklist

Before proceeding to advanced fixes, perform these basic checks:

  1. Verify Link Expiration: Check the link properties to ensure it has not passed its expiration date.
  2. Test in Private/Incognito Window: Open the shared link in a private browser window. If it prompts for login or works anonymously as expected, the issue is browser cache/credential conflict.
  3. Verify Recipient Email: Confirm the recipient is attempting to log in with the exact email address the invite was sent to.

Platform-Specific Resolving Steps

Windows Users

Step 1: Clear Cached SharePoint Credentials

To resolve authentication conflicts when opening shared links:

  1. Close all Office apps and browser windows.
  2. Open Credential Manager (search for it in the Start menu).
  3. Under Windows Credentials, look for credentials starting with MicrosoftOffice16_Data:orgid or OneDriveCachedCredential.
  4. Select them and click Remove.
  5. Restart OneDrive and sign back in.
:: Kill OneDrive and Microsoft Office sync engines
taskkill /f /im OneDrive.exe
taskkill /f /im MSOSYNC.EXE /im CSISYNCCLIENT.EXE

Step 2: Configure Site Collection Sharing Capabilities via PowerShell

If you are an administrator, verify the site sharing capability hasn’t been locked down:

# Connect to SharePoint Online
Connect-SPOService -Url "https://yourtenant-admin.sharepoint.com"

# Check current sharing capabilities of the site
Get-SPOSite -Identity "https://yourtenant.sharepoint.com/sites/Projects" | Select-Object SharingCapability

# Set sharing capability to allow external sharing of authenticated users
Set-SPOSite -Identity "https://yourtenant.sharepoint.com/sites/Projects" -SharingCapability ExternalUserAndGuestSharing

macOS Users

Step 1: Remove Cached Credentials from Keychain Access

If sharing tokens or OneDrive credentials conflict on macOS:

  1. Open Keychain Access via Spotlight.
  2. Search for OneDrive and Office.
  3. Select and delete the application passwords and credentials related to your tenant (e.g., Microsoft Office Identities Cash 3).
  4. Restart your Mac.
# Force kill the OneDrive and browser clients to clear active token hooks
killall OneDrive
killall "Safari" "Google Chrome" "Microsoft Edge" 2>/dev/null

Step 2: Diagnostic Check via curl

Verify that the link redirects and resolves to the target site metadata instead of a 403 Forbidden. Run a curl query on the link:

# Analyze the redirect behavior and HTTP response of the sharing link
curl -IL "https://yourtenant.sharepoint.com/:f:/g/personal/user_domain_com/Ek3..."

Actionable Command Blocks

Reset Sharing Link Permissions on a Specific Item (PowerShell / Windows)

If a specific file or folder link is broken, you can break/reset inheritance or clean individual link access via PnP PowerShell:

# Install PnP PowerShell module
# Install-Module PnP.PowerShell -Scope CurrentUser

# Connect to the SharePoint site
Connect-PnPOnline -Url "https://yourtenant.sharepoint.com/sites/Projects" -Interactive

# Retrieve sharing links for a specific file path
$Item = Get-PnPListItem -List "Shared Documents" -Query "<Query><Where><Eq><FieldRef Name='FileLeafRef'/><Value Type='Text'>ProjectPlan.docx</Value></Eq></Where></Query>"

# Reset permissions to inherit from parent folder (deletes all unique sharing links)
Reset-PnPListItemPermission -List "Shared Documents" -Identity $Item.Id

Summary Checklist

  • Tested the shared link in a private/incognito browser window.
  • Confirmed the link has not expired in the file sharing settings.
  • Verified that the site sharing capability is set to allow the target share type (Anonymous, Guest, or Tenant-only).
  • Cleared Windows Credential Manager or macOS Keychain Access of cached Microsoft login tokens.
  • Reset permission inheritance on the specific file/folder if unique access list became corrupted.