Microsoft has introduced native user-centric permission reporting in the SharePoint Admin Center. For the first time in 25 years, administrators can generate reports showing all sites a specific user can access directly from the admin center.
Feature: Site permissions for users report
Scope: Lists all SharePoint and OneDrive sites accessible by specified users
Granularity: Shows site-level vs. item-level access, direct vs. inherited permissions
License required: SharePoint Advanced Management ($3/user/month) or Microsoft 365 Copilot license
Limitations: Maximum 5 reports, 30-day refresh cycle, up to 48-hour data delay
The report is part of Microsoft's Data Access Governance snapshot reports, designed to help organizations audit permissions before Copilot deployments or during employee departures. Administrators can specify up to several users per report and download results as CSV files containing detailed permission breakdowns including Microsoft Entra group memberships and sharing link counts.
While this marks significant progress for native tooling, the 30-day refresh limitation and SAM licensing requirement may keep third-party tools relevant for organizations needing daily permission auditing.
Sources: Microsoft Learn - User Report · Data Access Governance Overview
