How can the "Request Files" feature on OneDrive be useful into your organization and why does this feature improve your security?
This new feature of OneDrive rolled out during last December and can be really useful to create a target folder and allow external people of your organization to deposit some files safely (for your organization).
How can this feature be better than sharing a folder with each other?
Without the "Request files" feature, to allow someone else to deposit/drop/upload something on your OneDrive, you have to share a folder. Sharing a folder with the native feature means:
- Allow user(s) to see the content of this folder
- Allow user(s) to edit the content of this folder (if you want them to be able to drop files)
- The recipients have to have at least a Live ID account
If you share this same folder with several users to let them upload files, all of them will have the exact same rights and will be able to access the content of the each other... is this really what you want? 🧐
One solution consists in creating each time a shared folder to avoid this kind of use case...
Now, you have an alternative since December 2019 to allow someone to drop files on your OneDrive (this feature is not available on SharePoint sites); you can create a "Request files"! 😮
Before explaining to you the benefits of this feature, I will show you how to use it.
The external sharing for Anyone has to be enabled on your Tenant.
To enable it, go to your Microsoft 365 Central Admin ⟩ SharePoint ⟩ from the left navigation, under Policies, click on Sharing link.
Note: to allow OneDrive at the most permissive sharing, SharePoint has to be set up at the same level too.
Once configured, click on Save.
Note: for more security and to avoid infinite external sharing links, set up a link expiration in day is recommended.
For more information about external sharing, find below the link of Microsoft docs:
Create a file request
Here, the steps to create a Request files:
- From your OneDrive, create or use an existing folder
- Select the folder for which you want to perform a Request files
- From the
Command Baror the
Contextual Menu(click on ellipsis), click on Request Files
Note: multiple selection is not supported
- A modal dialog appears; specify a description of what kind of files is expected (for a projet, a procedure, etc.) and click Next
- Your Request files is ready now; you can use and share the provided link (via mail for example) and/or share it directly by specifying the mail addresses of the recipients
Warning: if you specify recipient(s), the behavior will not be the same for the user that performs the upload (see Upload files as recipient part)
You will find the procedure and more on the following Microsoft support:
Upload files as recipient
As a recipient, if the invitation was sent directly via OneDrive, you should receive an email like this one:
- Click on the button Upload Files or use the link that was shared to you; that will open your favorite browser at this page:
- Select file(s) to be uploaded; the next behavior changes in accordance with the invitation with recipient(s) (left screenshot) or with no recipient specified (right screenshot)
- Click on Upload
Result from the requester side
As a requester, each time someone uploads file(s) via the link Request Files, an email is sent for notification.
Note: even if several files were uploaded, only the first one is mentioned into the mail
Here, the request folder with the uploaded files:
Some notes about the behavior of the uploaded files:
- If the Request files link has no recipient, each file is identified by a prefix which was inserted into the file name like:
- If the Request files link has no recipient, the
Activityare identified by Guest Contributor
- If the request files link has recipient(s), each file is identified by a prefix which was inserted into the file name like:
Full Name_File name.ext
- If the request files link has recipient(s), the
Activityare identified by an user name who uploaded the files
- The people who have the link can not see the content of the folder and can not edit, download or delete something
- A specific activity is dedicated to the dropped files
- Each document has a prefix to identify easily who were uploading the files
- The user profile is "anonymous" (wihout Live ID or Office 365 account) and if the shared link had no recipient specified,
Modified Byare identified by Guest Contributor
- Like a sharing link, the Request files link expires automatically in accordance with the expiration option defined on the Tenant
- A better user experience to drop some files easily and safety
Point to consider
Although this feature brings a lot of benefits, there are a few things to consider:
- Anyone who knows that the link can upload files into your OneDrive without having himself a OneDrive account
- Even if the recipient has a OneDrive account and is connected to his account, he can change the first name and last name
- The prerequisites impact the sharing behavior of the whole Tenant
- Once a request files was created, the permissions inheritance stopped. If the link is deleted, it is necessary to consider restoring the permissions inheritance
Hoping this post will help you 😉