SharePoint Online CDN features announced in preview

Tags: SharePoint Online

Today, Mr Vesa, announced the availability of the (long awaited) CDN features for SharePoint Online. The SharePoint Online CDN features allows you to turn one or more libraries in your SharePoint tenant into a repository for assets that you want to store in a CDN for performance reasons and geo-distribution reasons.

SPO Public CDN

How to set things up

I'm not going to rehash everything that is outlined in the announcement post, but rather highlight a few important things.

To get started and turn one of your libraries into a CDN enabled library you need to install the latest SharePoint Online PowerShell cmdlets to get access to some new and updated PowerShell cmdlets. Once you have that all you need to do is first enable it on your tenant and then add libraries for cdnization:

$creds = Get-Credential
Connect-SPOService -Url -Credential $creds
Set-SPOTenant -PublicCdnEnabled $true

Once this is done then you choose what libraries to use as the source for your CDN. You can point directly to a library or a subfolder in a library.

New-SPOPublicCdnOrigin -Url

When you do this you get a big and yellow warning stating that everything you add in this folder from now on will be pushed to the CDN, and that CDN is publicly available and not governed by all the nice policies we have in Office 365. So, don't put your annual report drafts in there!

Note, it might take a few minutes until it is all ready for usage after adding or changing the origins. 15-20 minutes is not uncommon.

You can always retrieve all your CDN origins by using the following command:


This command will list the ID of each CDN origin as well as the origin. The ID is very important, because you need that when you construct the URL to the CDN. It's probably one or more Guids in that ID…

How to access the files in the CDN

To get access to the files in the CDN you need to construct a path using the ID for the CDN origin like this:

For instance

Yes, it's a bit long but that's how it is.

If you now try to access an image or script in this CDN by just typing the URL in the browser, you will get an error stating "Invalid referer". This is by design and you need to add a HTTP Header to see the image/script, the Referer header with the value of the URL of your tenant (see announcement blog). In cases where you embed the image in a page or load the script from a page, this is done automatically for you by the browser. An even easier way is to just create a page and insert a Picture from Address, and paste your CDN Url.


There's a couple of caveats to the CDN as of now. One thing I had hoped was that you could use image renditions in combination with this, which would have been AWESOME. Nope, you can't. Vesa, can you add that to the todo list?

[Update 2016-09-29] The image renditions are partly supported, you can now use width, height and cropMode (fit for instance) as query string parameters for the image. But not RenditionId - once that can be done this feature is rock solid!

[Update 2016-09-29] CORS support has been enabled! Thanks you to the product group for fast and quick turnaround for these kind of features!

Another quite important thing is that the CDN isn't CORS enabled. They do a check for the referer, see above, so that the request are coming from the correct tenant. But if you try to use jQuery or some other mechanism to load scripts or assets from the CDN location you get

No 'Access-Control-Allow-Origin' header is present on the 
requested resource. Origin '' is
therefore not allowed access.
The response had HTTP status code 406.

I wish they added the possibility to allow CORS requests from the tenant, just as they only allow request refering from the tenant.


I think this feature is awesome and I have already upgraded a few tenants and customers to use this new feature for some embedded resources. Oh, did I say this is free of charge and a part of your Office 365 subscription. Free beer is good beer, despite in preview!


  • René said

    Hi Wictor,

    I just commented on the Office dev center, but wanted to share my thoughts with you too:

    It is indeed possible to download the files from the public CDN. I just tried it with some font files (WOFF, EOT, TTF) and I can see them downloading.
    BUT: The browser blocks them because of a missing CORS header, as you mentioned. The files are served from which is a different domain then

    So only with added CORS headers, it will be fully functional to use fonts, right?

    Those headers should be added as well for the add-in domains, like That way we can use them together with /_layouts/15/defaultcss.ashx to load the correct fonts inside an add-in from the parent. Thats the problem we want to solve.

  • Victor Magidson (MSFT) said

    Thanks for the good summary and suggestions, Wictor.

    Note, that image renditions are supported. The section was added into Vesa's post - find it right above the FAQ.
    Just add ?height=XX&width=YY to the URL, and the rendition will be cached to CDN along with the original image. No perf penalty for using as many of the sizes as you'd need.

  • Max fiske said

    Hi Wictor,

    I havent seen any documentation regarding the cache control, maybe i have missed something fundamental. So what are are the acutal benifts of hosting code in a tenant vs lets say verizon. The control of the cache is basically the foundation of the boost in major performance I would say.Furthermore, what are your thoughts on hosting dynamic vs static content with this, lets say new "feature", Public CDN? Best regards

  • Claire said

    Hi Wictor,
    Thanks for the detailed post !
    The CORS issue is still present if you try to get a file from your localhost.
    I currently have the problem with SharePoint's prototype for Spfx/Angular2, there are issues with templateUrl with Angular, so I'm using the CDN url to load my template ... It works deployed on SharePoint online but doesn't work with a serve on localhost, on the default port given by the official example :(. Any idea how I could solve the issue ? Many thanks !

Comments have been disabled for this content.

About Wictor...

Wictor Wilén is the Nordic Digital Workplace Lead working at Avanade. Wictor has achieved the Microsoft Certified Architect (MCA) - SharePoint 2010, Microsoft Certified Solutions Master (MCSM) - SharePoint  and Microsoft Certified Master (MCM) - SharePoint 2010 certifications. He has also been awarded Microsoft Most Valuable Professional (MVP) for seven consecutive years.

And a word from our sponsors...