Get All Expired Anyone Links in SharePoint Online Using PowerShell

When users share files and folders in SharePoint, a shareable link is created which has permissions to the item. One of the primary link types is the Anyone Link. These links grant access to anyone with the link, without requiring authentication. You can set an expiry date for anyone links to limit external access over time automatically. After generating & setting expiration for anyone links, it is crucial to monitor these links for the following reasons.

• Security: Expired links can still be accessed if someone has cached them. Identifying and revoking expired links helps ensure unauthorized access isn’t granted.
• Compliance: Organizations with data governance policies might need to track expired links to demonstrate control over sensitive information.
• Content Management: Knowing which links are expired helps clean up shared resources and streamline access management.
• Access Needs: Sometimes, an expired link may need to be reshared for ongoing access to data. In such cases, you can create a new link to ensure continued access.

However, manually navigating through each site to find anonymously shared links can be troublesome.

In this blog, we will show you various methods to list all expired anonymous links, making it easier to manage sharing and access in SharePoint Online.

Here are the methods to get all expired anonymous links in SharePoint Online:

View expired anyone links via SharePoint admin center: Login to the SharePoint admin center -> Active sites -> Select the respective site -> Document library -> Select the document -> More option(…) -> Manage access -> Links. This will display the links created for the document. Expired links will have an expiry symbol next to them, which you can hover over to see the expiration date. However, this method requires checking each document across all sites, which can be time-consuming and complex.

Search the audit log: You can search the audit log by applying the necessary filters to view anonymous link creation and access. While this method allows you to get the access details, it cannot retrieve links created more than 180 days ago.

Retrieve expired anyone links using PowerShell: The Search-UnifiedAuditLog cmdlet in PowerShell allows you to track anonymous link creation in SPO. However, like the audit log search, it only provides data for the past 180 days.

To address this gap, our custom PowerShell script offers a solution by exporting expired anonymous links from SharePoint Online into a CSV file.

Download Script: FindExpiredAnyoneLinks.ps1

1. Exports all expired anyone links in your SPO environment.
2. Exports expired anyone links for a list of sites.
3. Automatically installs the PnP PowerShell module (if not installed already) upon your confirmation.
4. The script can be executed with an MFA-enabled account too.
5. Exports report results as a CSV file.
6. The script is scheduler friendly.
7. The script uses modern authentication to connect SharePoint Online.
8. It can be executed with certificate-based authentication (CBA) too.

The script exports expired anonymous links in SharePoint Online with the following attributes.

• Site Name
• Library
• File Name
• File URL
• Access Type
• File Type
• Link Expired Date
• Days Since Expired
• Link Created Date
• Last Modified On
• Shared Link

The exported report on anonymous link expiration looks like the screenshot below.

1. Download the script.
2. Start the Windows PowerShell.
3. Select any of the methods provided to execute the script.

Method 1: You can run the script with MFA and non-MFA accounts.

When you run this script, you will be asked to enter your tenant name. The script will then export a list of all expired anonymous links for all documents across all SharePoint sites within that tenant.

Important: While running the script, you’ll need to authorize for each site regardless of whether MFA is enabled. For example, if you have 25 sites, you will need to authorize access for each of the 25 sites individually. Additionally, if you’re not an owner of certain sites, you might encounter an unauthorized error and won’t be able to retrieve the expired link data. To avoid these issues, use the second method, which lets you gather data from all sites without repeated authorization prompts or access errors.

Method 2: Run the script using Certificate-based authentication.

You also have the option to run the script using certificate-based authentication. When you want to run the script unattended, you can choose this method.

To use certificates, you must register an app in Microsoft Entra and connect to SPO using certificate.

Note: Depending on your requirements, you can create a self-signed certificate. The script is scheduler friendly. You can schedule the script using the Task scheduler or Azure Automation.

The script includes customizable filtering options designed to meet your specific needs. Here is a specific scenario where the script excels.

By default, the script generates a report for all expired anonymous links across all site collections. However, generating a report for a list of site collections enables a more targeted analysis. To do this, you can input the site collection details via a CSV file and generate a report for the associated subsites.

Use the –ImportCsv parameter to pass the CSV file and retrieve reports for expired anyone links in SharePoint Online. For example,

The file must follow the format below: Site names separated by a new line with SiteUrl as header. Not including this header will result in errors when running the script.

The resulting report will display a list of all expired anyone links within the specified sites in SharePoint Online.

Monitoring SharePoint site activities is crucial for organizational compliance and security. While PowerShell scripts offer direct control, they can be time-consuming and complex, limiting detailed insights. AdminDroid steps in as a comprehensive solution, offering crystal-clear insights with its extensive suite of SharePoint Online reports:

Anonymous Link Reports

• Anonymous links created with expiry date
• Anonymous links removed
• Anonymous links updated
• Anonymous links accessed

People in <your organization> Link Reports

• Company links created
• Company links removed
• Access using links

SharePoint Online Site Reports

• All SharePoint sites
• External sharing enabled sites
• Sharing policy setting changes at site/tenant level

File Auditing Activities

• Files uploaded or downloaded from SharePoint sites
• Malware-detected files
• Files shared with anonymous access

External Sharing Activities

• Files shared to external users
• Site invitations shared to external users
• Guest user expiration changes

Moreover, AdminDroid’s SharePoint Online auditing tool ensures you stay on top of your site’s activities, enhancing security and administration with ease. By providing real-time insights and detailed reports, it empowers you to make informed decisions and swiftly address potential issues. This comprehensive approach enhances your SharePoint Online management and ensures robust site security.

Ready to take your Office 365 management to the next level? AdminDroid is your all-in-one solution! With more than 1800 detailed reports and over 30 interactive dashboards, AdminDroid makes monitoring SharePoint Online, Microsoft Teams, Exchange Online, Microsoft Entra ID, OneDrive for Business, etc effortless. Its intuitive design gives you a comprehensive snapshot of your Microsoft 365 environment.

Take advantage of a 15-day free trial to experience the AdminDroid difference. Download AdminDroid today and start optimizing your Microsoft 365 environment!

We hope this blog has been helpful in guiding you through the PowerShell script to find all expired anonymous links in SharePoint Online. Thanks for reading! To further enhance SharePoint security, follow best practices for sharing links, files, and folders in SharePoint Online. If you have any questions or need further assistance, please leave a comment below.