Showing results for 
Search instead for 
Did you mean: 
Kudo Kingpin
Kudo Kingpin

Disable "Create share link" action or the entiore "OneDrive for Business connector"

We are trying to figure out how to disable/block OneDrive for business connector completely or the "Create Share link" actions. Is it possible? On the photo below, you can see that at some M365 tenant it was possible to block this action somehow. The only issue is that the user who took this photo is not my colleague and they have no idea how it was set up. Basically, we are trying to disable this feature in our organization:



From what I can see we can't block OOB connectors such as OneDrive for Business:



Sharing capabilities are disabled at the Tenant level

- Sharing capabilities and anonymous links are completely disabled on the Tenant level and on OneDrive sites level. SharingCapability : Disabled


Any help will be greatly appreciated!

Super User
Super User


Have you verified that the link that is created actually works as expected?  

If I have answered your question, please mark your post as Solved.
If you like my response, please give it a Thumbs Up.


hi @ScottShearer. Well, the expected behaviour for the link is not to work. The problem is that:

- While the tenant has the most restrictive policies possible, I can create the link and it works. The generated link contains a pre-authenticated WJT token which is good for one hour. It meas tenants affected by this issue cannot prevent users from creating these links.

- The produced link can be opened from an unmanaged device without a credentials priompt.

Super User
Super User

@DenisMolodtsov I have seen your other post also I was able to reproduce the issue on my tenant as well

Community Champion
Community Champion

Hi @DenisMolodtsov,


it's just a shot in the dark, but anyway: can you filter/block already created links in the already existing emails instead of preventing their creation? 

Contact me if you are interested in custom Power Automate development.

@VictorIvanidze wrote:

Hi @DenisMolodtsov,


it's just a shot in the dark, but anyway: can you filter/block already created links in the already existing emails instead of preventing their creation? 

Do you know where would I find a repository of these pre-authenticated links? Do you think it might be possible via API? 


When I go to the file's Manage Access, the panel says that there are no links giving access. But I know for a fact that there are "preauthenticated" links. These links just don't show up here for some reason:




@jinivthakkar wrote:

@DenisMolodtsov I have seen your other post also I was able to reproduce the issue on my tenant as well

Thank you for checking! I am glad a few other people were able to verify this issue independently. 

Super User
Super User

@DenisMolodtsov get sharing report


To run the report (OneDrive)

  1. From the Microsoft 365 app launcher, select the OneDrive tile.
  2. On the Settings menu, click OneDrive settings.
  3. Click More settings, and then click Run sharing report.
  4. Choose a location to save the report, and then click Save.

Link -


If this post helps answer your question, please click on “Accept as Solution” to help other members find it more quickly. If you thought this post was helpful, please give it a Thumbs Up.

Thank you for the suggestion. Unfortunately, this report does not list any of these "pre-authenticated" links. This is despite the fact that I can see that these links are working:


Shared links reportpng.png

Super User
Super User

@DamoBird365 Hi Damien, can you please help on this ?

Hi @DenisMolodtsov 


I've not got time to test the scenarios at the moment but have you explored here:




Not sure if flow honours these settings (you would hope) but you could implement a security group in AAD and then choose the type of sharing that you allow (authenitcated guests or anyone).


I saw a discussion about OneDrive sharing here and one suggestion is DLP - for which I don't have the necessary experience of I am afraid.


If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

P.S. take a look at my new blog here and like & subscribe to my YouTube Channel thanks 😉

Super User
Super User

@DamoBird365 thanks Damien, even I have very less experience in DLP but I had tried creating a DLP but even then it did not block the anonymous link creation(may be I did not create DLP correctly)


Thank you,  @DamoBird365. I want to add more information for the context.


Least permissive policy

External sharing settings are not applicable when we choose the "least permissive" sharing policies. Notice how the "More external sharing settings" is greyed out:



We can verify that it is impossible to generate the anonymous links via the user interface: 





Blocking sharing altogether <- this suggestion is about blocking sharing altogether. This is not quite what we are trying to do. We merely want Power Automate/OneDrive to respect the tenant settings that prohibit Anonymous links. Looks like the Power Automate OneDrive for business connector somehow bypasses all restrictions and just creates these "pre-authenticated links" that work no matter what. 



Blocking OneDrive for business connector and DLP

The DLP policies don't allow blocking certain connectors like Teams, Outlook, SharePoint and OneDrive for business:



Pre-authenticated links vs Anonymous links

As one Microsoft representative pointed out, the Anonymous links is not the same as "pre-authenticated" links. The latter work only for 1 hour and contain a JWT token that will let you download a document using. However, it does not make sense to have the least permissive sharing policy while you can easily bypass it by using Power Automate "Share a file" action.



Replication steps

- Make sure the tenant has the "Least permissive" sharing policy

- Create a flow with a single "Create share link" ation

- Run the flow

- Try opening the resulting string from a different browser/computer/device :




Note that there was at least one person who was not able to reproduce this issue. He is a Tenant admin and he has no idea what he did to fix this issue. 


Helpful resources

Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Community Calls Conversations

Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Users online (5,460)