Managing permissions can feel overwhelming at times, from giving various users access to your content to giving different people various levels of access. If a user does not have permission, they are not able to access any content.
With SharePoint, there are internal users and external users to consider.
Internal Users: Users inside your organization that have a full Office 365 User Subscription License. (USL) Internal users are users within your office.
External Users: Users you request into your SharePoint online sites to collaborate with one another. These users can have reading and contribution access, and access the site through live ID. External users are usually considered to be a team from another company that you will collaborate with.
Internal User permissions are handled in two different locations.
Admin Portal: From here you can manage the user licensing and the level of access they have to admin functions.
SharePoint: From within SharePoint you can manage a user’s access to that particular SharePoint location. You can be an administrator from a SharePoint site but just a standard user from the admin portal. Also, you can be an administrator from the admin portal but not necessarily have access to the SharePoint site.
Site Permissions Access
Permissions Within Sites: Permissions allow you to secure content within SharePoint online. You can modify permissions at numerous levels.
By default, content contained by a site collection receives the permissions settings from the parenting site.
If necessary, you can stop receiving permissions and add your own custom permission.
Things to Watch For:
Permissions are managed at the location of the content. The more places you break the receiving line, the more places you have to manage permissions.
When a page loads, the server processes the content and loads only what a user has access to see. The more content you have on a page with distinctive permissions the longer the page could take to load.
Plan your permissions proposal ahead of time so you can instrument it efficiently.
Who needs access?
What do they need to do?
How often does this change?
How can it be managed over time?
With these four questions, Permissions does not have to be so complicated.