Back to Blog
July 17, 2025 SharePoint Online PowerShell

Get Site Permissions in SharePoint Using Powershell

Get Site Permissions in SharePoint Using Powershell

In today's article, we will explore how to perform an audit of access permissions for a SharePoint site.

This is a relatively easy process when dealing with a limited number of sites via the end-user environment. However, if you are managing a large volume of sites, you will need automated procedures—specifically using PowerShell.


Method 1: Using the End-User Environment

To check site-level permissions through the standard interface, follow these steps:

  1. Access Site Permissions: Navigate to your chosen site, click the gear icon in the top right, and select Site permissions

    Note: The user must have Administrator rights to have a full overview of permission management for the site.

  2. Advanced Settings: From the permissions panel, select Advanced permission settings

On the next page, as you can see, the SharePoint groups, Active Directory groups, and individual users with access are displayed, along with their specific permission levels. Crucially, the standard interface does not offer an "Export to Excel" option for this data. 


Method 2: Automation via PowerShell (PnP PowerShell)

To view all permissions and export them to an Excel-friendly format (CSV), you can execute the following PowerShell script. 

# --- Variables---
$siteUrl = "https://mytenant.sharepoint.com/sites/ARC"
$clinetId = "00000000-0000-0000-0000-00000000000"

1. Connect to SharePoint Online


Connect-PnPOnline -Url $siteUrl -Interactive -ClientId $clinetId


2. Get Site Web and Role Assignments


Το HasUniqueRoleAssignments εδώ δείχνει αν το Subsite κληρονομεί από το Parent Site


$site = Get-PnPWeb -Includes RoleAssignments, HasUniqueRoleAssignments


Write-Host "n--- Αναφορά Δικαιωμάτων Site: $($site.Title) ---" -ForegroundColor Cyan Write-Host "URL: $($siteUrl)" Write-Host "Unique Permissions (Διακοπή κληρονομικότητας από το Parent): $($site.HasUniqueRoleAssignments)" -ForegroundColor Yellow Write-Host "--------------------------------------------------n"


3. Analyze Permissions


$sitePermissions = foreach ($roleAssignment in $site.RoleAssignments) {
# Φόρτωση των λεπτομερειών του μέλους και των επιπέδων πρόσβασης
Get-PnPProperty -ClientObject $roleAssignment -Property Member, RoleDefinitionBindings


$member = $roleAssignment.Member
$permissionLevels = ($roleAssignment.RoleDefinitionBindings | Select-Object -ExpandProperty Name) -join ", "

[PSCustomObject]@{
    "User/Group"      = $member.Title
    "Principal Type"  = $member.PrincipalType
    "Access Level"    = $permissionLevels
    "Login Name"      = $member.LoginName
}



}


Show Results


$sitePermissions | Format-Table -AutoSize


Export  CSV


$sitePermissions | Export-Csv -Path "C:\SitePermissionsReport.csv" -NoTypeInformation -Encoding UTF8


and now you can find the exported file in local disk