In this small post I’m going to show you a really nice new feature to SharePoint 2013. It’s the Access Request and Invitations feature that allows you to easier manage access requests to your sites. Access Requests has been in the product for quite some time but required that your admins checked their e-mails once in a while. Using the new Share feature in SharePoint 2010 this process is so much easier. This has somewhat been blogged by the SharePoint team, but I would like to share my view of it.
Note: this is written for the SharePoint 2013 Preview. Change things will….
For this article, assume that we have a public site enabled with Azure Access Control Services federated authentication so end-users can sign in with Google Id, Live ID (or whatever they call it today…) etc. If we do not have anonymous users enabled all users without access will be prompted with the polite message “Sorry, this site hasn’t been shared with you”.
Nothing more than that. So how do I share it then…
Enabling Access Requests
First of all you need to enable Access Requests, and this is no magic feature or button in Central Admin, it is actually enabled the same way as it has been in previous versions. To enable for users, with no access to the site, to request access to the site you need to enable Outgoing e-mail settings. This is done in Central Administration under System Settings > Configure outgoing e-mail settings. Note that this is a per farm configuration!
Once this is enabled your users will instead see this screen:
Nice huh. Now if you want access to the site you’ll just jot down a reason and click Send Request. The site administrator will be notified by e-mail and your request will be saved in the site. If you get back to the site after a couple of weeks without getting any access you can see your request history and that it is pending.
Access Request administration
The site administrators can at any time click on Site Settings (the cog wheel) > Shared With to see the current Sharing status. If there are pending access requests, they will see a notification and can click on View Requests to deal with them.
The administrations will see all pending access requests in a list where they can see who wants access to which site and by clicking the ellipsis (the … ) they can see status of a specific request.
They can use this dialog to Approve or Decline the request or to initiate a communication with the person doing the request. For instance if we write a message to the requestor it will show up on the access denied page like this:
If the site administrator declines the request this will also be noted on the access denied page:
The end-user can still continue to hassle the site owner (or bribe, whichever works best) until he get’s an approval, which results in an e-mail to the requestor. The site owner can when approving a request specify what Permissions to give to the user either through a group or by setting a Permission Level directly on the user (discouraged!).
Site owners can also go to Site Settings and choose Access requests and invitations.
If you want to disable this feature for your Site Collection you need to go to Site Settings > Site Permissions and then click Access Request Settings in the ribbon (Note: this is only available if it’s enabled at a farm level, that is outgoing e-mail is configured). From there you can turn off the access requests, for instance if you don’t want annoying users requesting access to your über cool site!
Note: in the SharePoint 2013 Preview build, the History feature does not work, unless you use something like Internet Explorer Developer toolbar to unhide the History web part :-). It’s just a small opacity bug…
The site owners can check the sharing history on the sharing admin page, by clicking on the Show History link.
This list will show all approved or accepted requests and who did the actual approval/denial.
Some quick notes about the Access Requests internals. It is all stored in a hidden list (hey, it’s SharePoint) called “Access Requests”. This list has three views/pages:
- Guest user invitations (Access Requests/pendinginv.aspx)
- History (Access Requests/oldreq.aspx)
- Pending Requests (Access Requests/pendingreq.aspx)
Good to know if you want to leverage/improve the functionality of access requests in your applications. This list has unique permissions with only Site Owners with Full Control.
SharePoint 2013 has with this simple feature made it so much easier to create and manage community sites; internal or external. It’s these little things that make a huge difference!