SharePoint 2013: A look at Requesting Site Access

Tags: SharePoint 2013

Introduction

In this small post I’m going to show you a really nice new feature to SharePoint 2013. It’s the Access Request and Invitations feature that allows you to easier manage access requests to your sites. Access Requests has been in the product for quite some time but required that your admins checked their e-mails once in a while. Using the new Share feature in SharePoint 2010 this process is so much easier. This has somewhat been blogged by the SharePoint team, but I would like to share my view of it.

Note: this is written for the SharePoint 2013 Preview. Change things will….

For this article, assume that we have a public site enabled with Azure Access Control Services federated authentication so end-users can sign in with Google Id, Live ID (or whatever they call it today…) etc. If we do not have anonymous users enabled all users without access will be prompted with the polite message “Sorry, this site hasn’t been shared with you”.

Sorry, this site hasn’t been shared with you

Nothing more than that. So how do I share it then…

Enabling Access Requests

First of all you need to enable Access Requests, and this is no magic feature or button in Central Admin, it is actually enabled the same way as it has been in previous versions. To enable for users, with no access to the site, to request access to the site you need to enable Outgoing e-mail settings. This is done in Central Administration under System Settings > Configure outgoing e-mail settings. Note that this is a per farm configuration!

Configure outgoing E-mail Settings

Requesting Access

Once this is enabled your users will instead see this screen:

Let us know why you need access to this site

Nice huh. Now if you want access to the site you’ll just jot down a reason and click Send Request. The site administrator will be notified by e-mail and your request will be saved in the site. If you get back to the site after a couple of weeks without getting any access you can see your request history and that it is pending.

Pending approval

Access Request administration

The site administrators can at any time click on Site Settings (the cog wheel) > Shared With to see the current Sharing status. If there are pending access requests, they will see a notification and can click on View Requests to deal with them.

Shared With

The administrations will see all pending access requests in a list where they can see who wants access to which site and by clicking the ellipsis (the … ) they can see status of a specific request.

Access Requests

They can use this dialog to Approve or Decline the request or to initiate a communication with the person doing the request. For instance if we write a message to the requestor it will show up on the access denied page like this:

Communication

If the site administrator declines the request this will also be noted on the access denied page:

Declined!

The end-user can still continue to hassle the site owner (or bribe, whichever works best) until he get’s an approval, which results in an e-mail to the requestor. The site owner can when approving a request specify what Permissions to give to the user either through a group or by setting a Permission Level directly on the user (discouraged!).

Site owners can also go to Site Settings and choose Access requests and invitations.

Users and Permissions

If you want to disable this feature for your Site Collection you need to go to Site Settings > Site Permissions and then click Access Request Settings in the ribbon (Note: this is only available if it’s enabled at a farm level, that is outgoing e-mail is configured). From there you can turn off the access requests, for instance if you don’t want annoying users requesting access to your über cool site!

Access request settings

Sharing history

Note: in the SharePoint 2013 Preview build, the History feature does not work, unless you use something like Internet Explorer Developer toolbar to unhide the History web part :-). It’s just a small opacity bug…

The site owners can check the sharing history on the sharing admin page, by clicking on the Show History link.

Sharing History

This list will show all approved or accepted requests and who did the actual approval/denial.

Internals

Some quick notes about the Access Requests internals. It is all stored in a hidden list (hey, it’s SharePoint) called “Access Requests”. This list has three views/pages:

  • Guest user invitations (Access Requests/pendinginv.aspx)
  • History (Access Requests/oldreq.aspx)
  • Pending Requests (Access Requests/pendingreq.aspx)

Good to know if you want to leverage/improve the functionality of access requests in your applications. This list has unique permissions with only Site Owners with Full Control.

Summary

SharePoint 2013 has with this simple feature made it so much easier to create and manage community sites; internal or external. It’s these little things that make a huge difference!

5 Comments

  • Asif said

    Hello...

    i am very new to Share Point...i have installed share point 2013...how can i configure my browser to access share point?

    how can i give "Primary/Secondary Administrator Account" to create a web app in share point 2013?

  • Jari said

    Hi,

    Do you know if there is way to list all site that user can request access meaning listing every site where "Allow Access request" is enabled? By default user won't find these sites using search. I'm thinkin how users will find a site where he doesn't have any permissions? Is the only way that he haves a direct link or some custom solution?

    Thanks!

  • Eliot said

    Here is an example of the problem as far as I can tell:

    • Joe is setup with full control to our marketing site, a sub-site which lives under our top level site collection site. (We have 1 site collection and everything lives under this umbrella.)
    • Joe can manage permissions and access to the PM site directly within SharePoint.
    • However, Joe is setup to receive access requests from this site, yet, he is unable to get to the Access%20Requests/pendingreq.aspx page as provided in the request emails that are sent from this site.
    o Joe get access denied when he clicks the link to approve or deny the request as provided in the email.
    o Again, the link in the email points to this .aspx page: Access%20Requests/pendingreq.aspx
    • If I add Joe to the site collection administrators group, the problem is resolved.
    • Unfortunately, this fix doesn’t work for us because as a site collection admin, Joe has access to everything throughout our environment.

    Is there any way around this problem? We need people to be able to receive and process these requests as they come in from SharePoint, yet, we cannot add every individual sub-site owner to the site collection administrators group.

  • Simran Sachdeva said

    Unfortunately, i also have same kind of scenario in which i have followed the recommended article by Microsoft mentioned in the above comment. Now users with admin access are able to access the pending request page but they are unable to grant any permissions to the user. They get "request approval failed" error when they click on approve button.

Comments have been disabled for this content.

About Wictor...

Wictor Wilén is the Nordic Digital Workplace Lead working at Avanade. Wictor has achieved the Microsoft Certified Architect (MCA) - SharePoint 2010, Microsoft Certified Solutions Master (MCSM) - SharePoint  and Microsoft Certified Master (MCM) - SharePoint 2010 certifications. He has also been awarded Microsoft Most Valuable Professional (MVP) for seven consecutive years.

And a word from our sponsors...