The following table describes the user sharing and access request activities in SharePoint Online and OneDrive for Business. For sharing events, the Detail column under Results identifies the name of the user or group the item was shared with and whether that user or group is a member or guest in your organization.
| Friendly name |
Operation |
Description |
| Accepted access request |
AccessRequestAccepted |
An access request to a site, folder, or document was accepted and the requesting user has been granted access. |
| Accepted sharing invitation |
SharingInvitationAccepted |
User (member or guest) accepted a sharing invitation and was granted access to a resource. This event includes information about the user who was invited and the email address that was used to accept the invitation (they could be different). This activity is often accompanied by a second event that describes how the user was granted access to the resource, for example, adding the user to a group that has access to the resource. |
| Created a company shareable link |
CompanyLinkCreated |
User created a company-wide link to a resource. company-wide links can only be used by members in your organization. They can't be used by guests. |
| Created access request |
AccessRequestCreated |
User requests access to a site, folder, or document they don't have permissions to access. |
| Created an anonymous link |
AnonymousLinkCreated |
User created an anonymous link to a resource. Anyone with this link can access the resource without having to be authenticated. |
| Created sharing invitation |
SharingInvitationCreated |
User shared a resource in SharePoint Online or OneDrive for Business with a user who isn't in your organization's directory. |
| Denied access request |
AccessRequestDenied |
An access request to a site, folder, or document was denied. |
| Removed a company shareable link |
CompanyLinkRemoved |
User removed a company-wide link to a resource. The link can no longer be used to access the resource. |
| Removed an anonymous link |
AnonymousLinkRemoved |
User removed an anonymous link to a resource. The link can no longer be used to access the resource. |
| Shared file, folder, or site |
SharingSet |
User (member or guest) shared a file, folder, or site in SharePoint or OneDrive for Business with a user in your organization's directory. The value in the Detail column for this activity identifies the name of the user the resource was shared with and whether this user is a member or a guest. This activity is often accompanied by a second event that describes how the user was granted access to the resource; for example, adding the user to a group that has access to the resource. |
| Updated an anonymous link |
AnonymousLinkUpdated |
User updated an anonymous link to a resource. The updated field is included in the EventData property when you export the search results. |
| Used an anonymous link |
AnonymousLinkUsed |
An anonymous user accessed a resource by using an anonymous link. The user’s identity might be unknown, but you can get other details such as the user's IP address. |
| Unshared file, folder, or site |
SharingRevoked |
User (member or guest) unshared a file, folder, or site that was previously shared with another user. |
| Used a company shareable link |
CompanyLinkUsed |
User accessed a resource by using a company-wide link. |
| Withdrew sharing invitation |
SharingInvitationRevoked |
User withdrew a sharing invitation to a resource. |
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article