1. Home
  2. Training Library
  3. Microsoft 365
  4. Microsoft 365 Courses
  5. Configuring and Managing SharePoint Settings

SharePoint Building Blocks and Permission Levels

SharePoint Building Blocks and Permission Levels

SharePoint is a useful tool that provides a wide range of settings to manage files and ensure they are kept secure. This course will take you through how to manage and configure those settings and ultimately give you the knowledge to create SharePoint sites, manage their access down to a user level, and allow for external guest access.

Learning Objectives

  • Learn how to plan external sharing settings in SharePoint
  • Learn how to manage access configurations
  • Understand how SharePoint tenant and site settings can be managed effectively

Intended Audience

This course is intended for anyone who wants to implement SharePoint in their operations.


There are no prerequisites for this course.



SharePoint Online enables organizations to make a customized sites based on their use cases and is built upon 3 main building blocks. 

These building blocks can also be classified into different types of sites which organizations can create.

Each type of site or each building block is utilized for specific workplace patterns depending on the needs of the site creators.

The 3 main types of sites able to be made are: 

  • Team Sites
    • Which are created with a focus on Collaboration
  • Communication Sites
    • Which are created with a focus on Communication
  • And Hub Sites
    • Which are created with a focus on Connections

Each of these sites types are built specifically for one of 3 purposes:

  • Collaboration
  • Communication
  • And Connections

Lets quickly touch on the uses for the sites and then move into permissions.

A Team Site as mentioned is built specifically for collaborative purposes within an organization.

It includes Pages, a document library, lists for data management, and web parts which are all specifically focused on collaboration.

This is where users can share and work together.

When a Team Site is created it automatically creates a Microsoft 365 group alongside it.

Since a Team Site is built with collaboration in mind it is common for many users to contribute toward a team Site.

This is the opposite to another type of site, the communication site.

These sites are created specifically to broadcast information to large audiences.

Generally only a few members actually contribute to a communication site and its main purpose is to inform rather than interact. 

If it helps you remember than think of a communication site more as an internal newspaper.

While many people read the newspaper very few people actually create the newspaper.

So, if Team sites and communication sites are for nearly opposite purpose, does that put a hub site somewhere in the middle?

Well, Yes, sort of.

A hub sites main purpose is to connect.

Effectively, it connects multiple sites within an organization together into a larger “hub” which allows users to navigate all across their org's intranet.

Hosting both communication and team sites within a hub site is not uncommon as its main goal is to be the “connective tissue” of an organization's intranet.

An example of a hub site would be something like an HR page that directs users to information and portals regarding HR such as benefits or FAQ pages.

If you are familiar with SharePoint server administration, this may sound similar what is known as a Site Collection.

While similar, there are some main differences that you should be aware of.

Mainly, a Site collection is a collection of sites, with one top-level site and multiple subsites beneath it.

 Site collections maintain a hierarchy with its associated subsites similar to that of a parent-child relationship.

This allowed site collections to be configured and impose those configuration to subsites under the collection.

While Hub sites are the connective tissue of SharePoint in Microsoft 365, Site collections are the connective tissue within any SharePoint Server as Hub sites are not available in SharePoint Server configurations.

Site collections, due to their hierarchical nature were restrictive and made things like reorganization of business policies or general changes to an environment difficult.

The main strength of Hub sites in Microsoft 365 is that it is built to adapt to changes.

Creating relationships with links rather than the hierarchy of it’s predecessor, the design is specifically made to dynamically adapt to changes as needed.

Let’s now jump to permissions levels to gain an understanding of how basic SharePoint permissions function.

These permission levels play a large part in restriction of access to content within a SharePoint Site.

Depending on the type of site, permission levels may vary but the Default permissions levels in order of least to most access are:

  • View Only
  • Limited Access
  • Read
  • Contribute
  • Edit
  • Design
  • And Full Control

The first level is View only which allows users to view information.

The view only is specific to only being able to view information without the ability to. 

The next level is Limited access and is exactly what it sounds like.

This level provides a user with access to a specific resource that was shared to them without requiring broader access.

For example, they could access a library, a folder, or even as specific as a single file shared to them without gaining that broad access.

A step up from there is the read level.

This includes all limited access permissions alongside the ability to download documents and view pages.

The Contribute level adds on that allowing users to edit items within that site.

This is the first permission level which allows users to make changes within a SharePoint site.

They can delete items and manage personal information and views but cannot edits the page itself.

The Edit level enables users to manage lists stored in a SharePoint site.

The Design level allows users to design and edit the site with respects to permissions and customizing pages or items on the site.

And finally, full control grants full control of the site to any user with that level.

Each of these different permissions can be set for individual items and locations

For example, you can set these permissions for:

  • Individual Items
  • Folders
  • Library’s
  • Child Sites
  • And Parent Sites

And for added control, organizations can enable expiration dates on certain permissions restricting access after a certain date.

All of these features can be assigned to both guest and regular users making permissions levels a powerful tool for managing access to sensitive data.


Now that we have an understanding of how permissions levels can help organizations control access within their environment let's talk specifically about external access with external sharing features within SharePoint.

About the Author
Learning Paths

Lee has spent most of his professional career learning as much as he could about PC hardware and software while working as a PC technician with Microsoft. Once covid hit, he moved into a customer training role with the goal to get as many people prepared for remote work as possible using Microsoft 365. Being both Microsoft 365 certified and a self-proclaimed Microsoft Teams expert, Lee continues to expand his knowledge by working through the wide range of Microsoft certifications.