Understanding SharePoint Item-Level Permissions


SharePoint provides Item-Level Permissions to control access at the list item or document level, rather than at the entire list or library level. This is particularly useful when:
✔ Users should only see or edit their own items.
✔ Sensitive data must be restricted to specific individuals.
✔ Custom workflows or approval processes require different access levels.

This guide covers:
🔹 Default item-level permissions
🔹 Customizing permissions per item
🔹 Best practices for managing item-level security


1. Default SharePoint Item-Level Permissions

By default, SharePoint inherits permissions from the list or library where an item is stored. However, SharePoint lists allow item-level permission settings to control:
✔ Who can view items
✔ Who can edit items

How to Configure Default Item-Level Permissions

1️⃣ Open your SharePoint list.
2️⃣ Click Settings (Gear Icon) > List Settings.
3️⃣ Under General Settings, click Advanced settings.
4️⃣ Locate the Item-Level Permissions section.
5️⃣ Choose from:

  • Read access:
    • ✅ “Read all items” (default) – All users can see every item.
    • ✅ “Read items that were created by the user” – Users can only see their own items.
  • Create and Edit access:
    • ✅ “Create and edit all items” (default) – Users can edit all items.
    • ✅ “Create items and edit items that were created by the user” – Users can only edit their own items.
6️⃣ Click OK to save changes.

Limitations:

  • These settings only apply to SharePoint lists, not libraries.
  • Site owners and admins can still see all items.

2. Breaking Permission Inheritance for Specific Items

For more granular control, you can break permission inheritance and apply unique permissions to individual list items or documents.

Steps to Assign Unique Permissions to an Item

1️⃣ Navigate to the SharePoint list or library.
2️⃣ Select the item or document you want to modify.
3️⃣ Click More options (⋮) > Manage access.
4️⃣ Click Advanced to open the Permissions page.
5️⃣ Click Stop Inheriting Permissions (top menu).
6️⃣ Select users or groups and assign new permissions (e.g., Read, Edit, Full Control).
7️⃣ Click OK to apply changes.

Best Use Cases:
✔ Restrict access to sensitive records in a list.
✔ Allow only specific users to edit an item while keeping it visible to others.
✔ Control permissions for approvals or confidential documents.


3. Managing Permissions for SharePoint Document Libraries

Unlike lists, SharePoint document libraries do not support item-level settings (e.g., “Users can only see their own documents”). However, you can still manually set unique permissions for each file or folder.

How to Restrict Access to Individual Documents:

1️⃣ Open the document library in SharePoint.
2️⃣ Select the document or folder.
3️⃣ Click Manage access > Advanced settings.
4️⃣ Click Stop Inheriting Permissions.
5️⃣ Remove existing users or groups, then add specific users with required permissions.
6️⃣ Click OK.

Tip: Use IRM (Information Rights Management) or DLP (Data Loss Prevention) for stronger security on document libraries.


4. Using Power Automate to Automate Item-Level Permissions

If you need automated permission changes, Power Automate (formerly Flow) can help.

Example Use Cases:

✔ Grant manager-only access to approved requests.
✔ Restrict completed tasks from being modified.
✔ Allow users to edit their own entries while keeping them hidden from others.

Basic Power Automate Flow for Item-Level Permissions:

1️⃣ Open Power Automate (https://flow.microsoft.com).
2️⃣ Click Create > Automated cloud flow.
3️⃣ Select a trigger (e.g., “When an item is created” in SharePoint).
4️⃣ Add an action: “Stop Inheriting Permissions”.
5️⃣ Add another action: “Grant Permissions to User” (use “Created By” dynamic value).
6️⃣ Save and test the flow.

Tip: Use HTTP requests in Power Automate for more advanced permission changes.
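
The HTTP route from the tip above, as an added example that is not part of the original article: a Python helper that builds the ordered SharePoint REST calls a flow's "Send an HTTP request to SharePoint" action would issue to break inheritance on one item and then grant access. The list title, item ID and principal IDs are constructed sample values, and the helper names are hypothetical.

```python
# Added example: request plan for "Send an HTTP request to SharePoint".
# List title, item ID and principal IDs below are constructed sample values.
ROLE_IDS = {  # built-in permission level (role definition) IDs
    "Read": 1073741826,
    "Contribute": 1073741827,
    "Full Control": 1073741829,
    "Edit": 1073741830,
}

def odata_literal(text):
    """Quote a string for an OData URL; a single quote is escaped by doubling."""
    return "'" + text.replace("'", "''") + "'"

def permission_plan(list_title, item_id, grants):
    """Return ordered POST requests that isolate one item, then grant access.

    grants: list of (principal_id, role_name); principal_id is the numeric
    site user or group ID, assumed to be looked up earlier in the flow.
    """
    if not grants:
        raise ValueError("refusing to break inheritance with no grants")
    for _, role in grants:
        if role not in ROLE_IDS:  # validate before emitting any request
            raise ValueError(f"unknown permission level: {role!r}")
    item = (f"_api/web/lists/getbytitle({odata_literal(list_title)})"
            f"/items({int(item_id)})")
    # copyRoleAssignments=false drops the inherited assignments, so only the
    # grants that follow apply to the item.
    plan = [{"Method": "POST", "Uri": f"{item}/breakroleinheritance("
             "copyRoleAssignments=false,clearSubscopes=true)"}]
    for principal_id, role in grants:
        plan.append({"Method": "POST", "Uri":
                     f"{item}/roleassignments/addroleassignment("
                     f"principalid={int(principal_id)},"
                     f"roledefid={ROLE_IDS[role]})"})
    return plan

if __name__ == "__main__":
    # Item 7: author (ID 12) may edit, approvers group (ID 5) may read.
    for request in permission_plan("Leave Requests", 7,
                                   [(12, "Edit"), (5, "Read")]):
        print(request["Method"], request["Uri"])
```

Each entry maps to one action in the flow, run in order; the break-inheritance call must succeed before any grant is sent.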


5. Best Practices for Managing Item-Level Permissions

✔ Use groups instead of individual user assignments – This simplifies permission management.
✔ Limit item-level permissions usage – Too many unique permissions can slow performance.
✔ Apply permissions through metadata & audience targeting – Instead of manual permissions, use views, filters, and metadata to control visibility.
✔ Regularly audit permissions – Use SharePoint Admin Center to check for misconfigurations.
✔ Educate users – Ensure they understand who can see/edit their items.
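
One way to script the audit recommended above, as an added example that is not part of the original article: it scans list items for broken inheritance, flags direct user assignments (as opposed to groups), and checks the number of uniquely secured items against a budget. The sample data is constructed and its shape is assumed to match a SharePoint REST reply (odata=nometadata) with HasUniqueRoleAssignments selected and RoleAssignments expanded; the budget of 2 is an arbitrary value for the sample.

```python
# Added example: audit of unique (broken-inheritance) item permissions.
# SAMPLE is constructed data; its shape is an assumption modelled on a
# SharePoint REST list-items reply with role assignments expanded.
USER, SECURITY_GROUP, SHAREPOINT_GROUP = 1, 4, 8    # PrincipalType values
WRITE_ROLES = {"Full Control", "Edit", "Contribute"}  # levels that allow changes

SAMPLE = {"value": [
    {"Id": 1, "HasUniqueRoleAssignments": False, "RoleAssignments": []},
    {"Id": 2, "HasUniqueRoleAssignments": True, "RoleAssignments": [
        {"Member": {"Title": "HR Managers", "PrincipalType": SHAREPOINT_GROUP},
         "RoleDefinitionBindings": [{"Name": "Edit"}]}]},
    {"Id": 3, "HasUniqueRoleAssignments": True, "RoleAssignments": [
        {"Member": {"Title": "Alex Example", "PrincipalType": USER},
         "RoleDefinitionBindings": [{"Name": "Full Control"}]},
        {"Member": {"Title": "Sam Example", "PrincipalType": USER},
         "RoleDefinitionBindings": [{"Name": "Read"}]}]},
    {"Id": 4, "HasUniqueRoleAssignments": True, "RoleAssignments": []},
]}

def audit(reply, max_unique=2):
    """Return (item_id, finding) pairs for items that no longer inherit."""
    unique = [i for i in reply["value"] if i.get("HasUniqueRoleAssignments")]
    findings = []
    for item in unique:
        assignments = item.get("RoleAssignments", [])
        if not assignments:
            # Inheritance broken but nobody granted: item is effectively locked.
            findings.append((item["Id"], "unique scope with no assignments"))
        for ra in assignments:
            member = ra["Member"]
            roles = {r["Name"] for r in ra["RoleDefinitionBindings"]}
            if member["PrincipalType"] == USER:
                kind = ("direct user write access" if roles & WRITE_ROLES
                        else "direct user assignment")
                findings.append((item["Id"], f"{kind}: {member['Title']}"))
    if len(unique) > max_unique:
        findings.append((None, f"{len(unique)} uniquely secured items "
                               f"exceeds budget of {max_unique}"))
    return findings

if __name__ == "__main__":
    for item_id, message in audit(SAMPLE):
        print("list" if item_id is None else f"item {item_id}", "-", message)
```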


6. Conclusion

SharePoint Item-Level Permissions are a powerful way to control access to individual items or documents without modifying the entire site. By customizing list settings, breaking inheritance, and using automation tools, organizations can effectively manage security while maintaining collaboration.

🔹 Quick Summary:

✔ Use default item-level settings to restrict users to their own entries.
✔ Break inheritance to apply unique permissions to specific items.
✔ Manually set document permissions in libraries.
✔ Automate permission changes using Power Automate.
✔ Follow best practices to prevent performance issues.
