Overview
Access Link (also referred to as External Link) Trusted Shares require an assigned Sharing Policy. Every time a Trusted Share is created using an Access Link, the share inherits the configuration defined in that policy — including permissions, login requirements, collaboration settings, and auto-approval behavior.
This article explains how to create a dedicated Sharing Policy for Access Link Trusted Shares and how to choose the right auto-approval setting for your organization.
Prerequisites
Admin access to the eSHARE Admin Console
An existing Sharing Policy that can be duplicated as a starting point
Confirmation that no other Sharing Policy in your tenant is already assigned the Access Link module (only one policy can hold this assignment)
Procedure
Step 1: Duplicate an existing Sharing Policy
In the Admin Console, locate a Sharing Policy that most closely matches the configuration you want for Access Link shares and duplicate it. Rename the copy to clearly identify its purpose (for example, Access Link Policy).
Step 2: Assign the Access Link module
Open the duplicated policy and navigate to Sharing Modules Assignment. Assign Access Link only. Do not assign OneDrive or SharePoint to this policy.
Note: The Access Link module can be assigned to only one Sharing Policy at a time. If it is already assigned elsewhere, you must remove it from that policy first.
.png?sv=2022-11-02&spr=https&st=2026-05-19T15%3A41%3A22Z&se=2026-05-19T15%3A53%3A22Z&sr=c&sp=r&sig=VdQHAcGpTCYP7xCwdANhc%2FdXqPf1ExxRjUCN2kBk4mU%3D)
Step 3: Configure policy options
Within the policy, configure the remaining options as required for your Access Link shares, including:
Permissions — what recipients can do with the share
Login — whether recipients must authenticate before accessing the share
Collaboration — co-authoring and related settings
Step 4: Choose an Access Link auto-approval setting
The auto-approval setting controls whether the share owner must approve recipients before they can access the share. Choose one of the following based on your workflow:
Setting | Behavior | Use when |
|---|---|---|
None | The owner reviews and approves each recipient after the link is created. | You want visibility into who is accessing the share before granting access. |
Same Organization as Share Creator | Recipients in the creator's organization access the share without owner approval. External recipients still require approval. | Internal recipients should have seamless access; external recipients should be gated. |
All | All intended recipients access the share without owner approval. | Recipients are pre-vetted and no per-recipient approval step is needed. |
.png?sv=2022-11-02&spr=https&st=2026-05-19T15%3A41%3A22Z&se=2026-05-19T15%3A53%3A22Z&sr=c&sp=r&sig=VdQHAcGpTCYP7xCwdANhc%2FdXqPf1ExxRjUCN2kBk4mU%3D)
Step 5: Save and validate
Save the policy. Create a test Access Link Trusted Share and confirm that the permissions, login, collaboration, and auto-approval behaviors match expectations.
Notes
Only one Sharing Policy in the tenant can have the Access Link module assigned. Plan accordingly if you maintain multiple environments or use cases.
Changing the auto-approval setting affects new shares created after the change. Existing shares continue to follow the policy as it was configured when they were created (verify this against your platform behavior before publishing).