It is crucial for any organization to manage data access and to the ensure security of relevant search results is crucial for any organization. SharePoint, a powerful collaboration platform, offers Restricted SharePoint Search that helps administrators control which sites are included in organization-wide searches and Copilot experiences. This feature allows you to create a curated the allowed list of up to 100 SharePoint sites, ensuring that only the most relevant and secure sites are searchable.
This guide will walk you through the steps to create and manage a curated allowed list in SharePoint, from identifying and reviewing sites to applying the list using PowerShell scripts.
What is Restricted SharePoint Search?
Restricted SharePoint Search is a setting that helps SharePoint administrators maintain a curated list of SharePoint sites (known as the “allowed list”) that have been reviewed for permissions and data governance.
It reduces the risk of exposing sensitive or irrelevant information. Only trusted sites are included in search results.
Provide more relevant search results by focusing on important and frequently used sites.
It is easy to manage and update the list centrally—also, consistency in search experience across the organization.
What is the Curated allowed list?
A curated allowed list in SharePoint is a carefully selected and managed list of up to 100 SharePoint sites that are permitted to appear in organization-wide search results and Copilot experiences. Administrators create this list with the most relevant, secure, and necessary sites included. The process involves reviewing site permissions, assessing site activity, and working with stakeholders to finalize the list. The curated allowed list helps enhance search relevance, improve security, and support data governance.
What is an Allowed List?
An allowed list (also known as an allowlist) is a list of entities (such as users, devices, IP addresses, or websites) that have been granted permission to access a particular service or resource. In SharePoint, an allowed list refers to the specific SharePoint sites permitted to be included in search results and Copilot experiences.
Steps to guide to Curate the Allowed List for the Restricted SharePoint Search
STEP 1: Navigate to the SharePoint admin center. Under the Sites section, select "Active sites" in the left panel.
Here you will see a SharePoint list of the active SharePoint sites of your organization.
Focus on two types of sites:
Known sites: The sites are already recognized as safe and necessary for organization-wide search. Examples include your company’s intranet site, departmental, and project sites.
Top active and shared sites: These are frequently accessed and shared within your organization. You can identify these by looking at the Site usage reports in the SharePoint Admin Center, which show metrics like the number of views, unique viewers, and shared documents.
For each site on your initial list, click on the site name to open its details page. Go to the Permissions tab to see who has access to the site. Review the permissions with the site admins and stakeholders to ensure they are correctly configured. This might involve:
Removing unnecessary permissions.
Adding or adjusting permissions for key users or groups.
Ensuring that sensitive information is protected and only accessible to authorized users.
STEP 2: After reviewing permissions, compile a list of sites that meet your criteria. Click "All sites" in the top right for a drop-down list. Select any of the options.
STEP 3: Move the columns from right to left and select "Customize Columns". This will help you to display the columns for easy analysis.
For example, Select the Site name, URL, page views, Page visit, and Files. Click Apply.
The result:
To sort the SharePoint sites by page views for the last 7 days, again click "Customize Columns" and select the "Last activity (UTC)".
Then click Apply.
The Last Activity (UTC) column is added. Click the arrow next to it, and select Filter by Last activity (UTC) => Last 7 days.
The Last activity column will display the activity of the SharePoint site in the last 7 days.
STEP 4: To save the custom view, click "All sites => Save view as".
A dialog box will appear. Enter the name of your custom view. Click save.
You can see the saved custom view in the list. See the below image.
Manage Curated Allowed List using PowerShell Script
STEP 1: If not, then connect to SharePoint online. Open the SharePoint Online Management Shell. Connect your SharePoint online environment using:
Connect-SPOService -Url https://yourcompany-admin.sharepoint.comSTEP 2: Enable Restricted SharePoint Search using:
Set-SPOTenantRestrictedSearchMode -Mode EnabledSTEP 3: Add sites to the allowed list by providing their URLs.
# Define the list of allowed sites
$allowedSites = @(
"https://yourcompany.sharepoint.com/sites/site1",
"https://yourcompany.sharepoint.com/sites/site2",
"https://yourcompany.sharepoint.com/sites/site3"
)
# Add sites to the allowed list
Add-SPOTenantRestrictedSearchAllowedList -SitesList $allowedSitesSTEP 4: To verify the allowed list:
Get-SPOTenantRestrictedSearchAllowedListSTEP 5: Remove sites from the allowed list, use the following command:
# Define the list of sites to remove
$sitesToRemove = @(
"https://yourcompany.sharepoint.com/sites/site1",
"https://yourcompany.sharepoint.com/sites/site2"
)
# Remove sites from the allowed list
Remove-SPOTenantRestrictedSearchAllowedList -SitesList $sitesToRemoveSTEP 6: To view the current list of allowed sites, use:
Get-SPOTenantRestrictedSearchAllowedListConclusion
Creating a curated allowed list for Restricted SharePoint Search is a crucial step in enhancing your organization’s data security, search relevance, and overall user experience. By carefully selecting and managing the sites included in this list, you ensure that only the most relevant and secure content is accessible through organization-wide searches and Copilot experiences.
Comments