You click a file in SharePoint or OneDrive, but you see a 403 Access Denied message even though you are the owner. This error occurs when the file has specific sharing permissions that override your ownership rights. The root cause is often a combination of site-level sharing limits, folder-level unique permissions, or a policy that blocks direct access to the file. This article explains why this happens and provides clear steps to regain access to your file.
Key Takeaways: Fixing 403 Access Denied for Files You Own
- Check sharing policy inheritance: Ensure the file does not have broken inheritance that blocks owner access.
- Review site-level external sharing: If the file is shared externally, the site policy may block your own access.
- Use the Check Permissions tool: Verify which permissions apply to your account for that specific file.
Why a File Owner Sees 403 Access Denied
The 403 Access Denied error occurs when the SharePoint or OneDrive permission system evaluates a request and finds no effective access for the user, even if that user is listed as the file owner. This typically happens in three scenarios:
Unique Permissions on the File or Parent Folder
When a file or its parent folder has unique permissions (broken inheritance), the owner might be removed from the permission list. For example, if a user with Contribute permissions breaks inheritance on a folder and removes all other users, the file owner may lose access if they were not explicitly added back.
Site-Level Sharing Restrictions
SharePoint site admins can set a sharing policy that limits access to specific security groups. Even if you own the file, the site policy may block your account if it does not meet the policy requirements. This is common in sites with external sharing disabled or limited to specific domains.
Permission Inheritance from a Parent Site or Hub
If the file resides in a site that inherits permissions from a parent site or hub, and the parent site blocks your account, the file-level ownership does not override. The block propagates down, causing a 403 error.
Steps to Regain Access to a File You Own
- Open the file location in SharePoint or OneDrive
Navigate to the library or folder where the file is stored. Use the browser, not the sync client, to see permission details. - Check permission inheritance on the file
Select the file, click the three dots (More), and choose Manage access. If the page shows Unique permissions, the file does not inherit permissions from its parent. Click Advanced settings to see the full permission list. - Add your account directly to the file permissions
In the Advanced permissions page, click Grant permissions. Add your email address and assign at least Read access. Click Share to apply. This overrides any missing inheritance. - Check the parent folder for broken inheritance
Navigate to the folder containing the file. Repeat the Manage access check. If the folder has unique permissions, you may need to add your account there as well. Folders with broken inheritance can block access to files within them. - Review site-level sharing settings
Go to the SharePoint admin center > Active sites > select your site > Policies > Sharing. Ensure the external sharing level is not set to Anyone (if you use external sharing) or that your domain is not blocked. Change the setting if needed. - Use the Check Permissions tool
In the site permissions page (Site settings > Site permissions > Check Permissions), enter your email address. The tool shows exactly which permissions you have and where they come from. If it shows No access, you need to be added explicitly. - Contact the site owner or admin
If you cannot change permissions yourself, ask the site owner to add you to the file or folder. Provide the file URL and explain that you are the owner but see a 403 error. The admin can verify inheritance and policy settings.
If SharePoint Still Shows 403 After the Main Fix
File is in a locked or archived library
Some libraries have a policy that locks files after a certain period. Owners can still see the file but cannot edit or download it. Check the library settings for a retention policy. If the file is in an archive library, you may need to restore it from the archive.
Browser cache or authentication token expired
A stale authentication token can cause a 403 error even after permissions are fixed. Open a private browsing window (Ctrl+Shift+N in Chrome, Ctrl+Shift+P in Firefox) and navigate to the file URL. If it works, clear your browser cache and cookies, then sign out and back into Microsoft 365.
File is shared externally and the external user policy blocks you
If you shared the file with an external user, the external sharing policy might block your own access if the policy is set to Only people in your organization. In this case, the file becomes accessible only to internal users, but the policy may incorrectly block the owner. Remove the external sharing and reshare the file using a direct link with your account added.
| Item | Broken Inheritance | Site Policy Block |
|---|---|---|
| Cause | User removed owner from file or folder permissions | Site admin set a policy that excludes the owner |
| Symptoms | 403 only on that file or folder | 403 on multiple files or across the site |
| Fix | Add owner directly to file permissions | Change site sharing policy or add owner to allowed group |
To fix a 403 error on a file you own, check permission inheritance first. Add yourself directly to the file permissions if inheritance is broken. If the error affects multiple files, review the site sharing policy. Use the Check Permissions tool to confirm that the fix worked. For persistent issues, clear your browser cache and reauthenticate.