When users click a link to a SharePoint site or page, they sometimes see the error message: “Sorry, you do not have access to this page.” This error can appear even when the user is a member of the Microsoft 365 group associated with the site. The root cause is often a broken permission inheritance, a missing site-level permission, or a sharing policy that blocks access. This article explains why the error occurs and shows site owners exactly which settings to check to restore access.
Key Takeaways: What Site Owners Must Verify First
- Site Permissions > Advanced Permissions Settings: Check if permission inheritance has been broken and if unique permissions are missing for the user.
- SharePoint admin center > Policies > Sharing: Verify that external sharing settings allow the user’s domain or guest access type.
- Microsoft 365 Group membership: Confirm the user is listed in the group and that the group has been granted access to the site.
Why the “Sorry, You Do Not Have Access” Error Occurs
SharePoint sites use permission inheritance by default. A team site inherits permissions from the associated Microsoft 365 group. A communication site inherits from the site collection. When a site owner breaks inheritance, each item or page can have unique permissions. If those unique permissions do not include the user, the error appears.
Another common cause is a sharing policy that blocks external users or specific domains. The SharePoint admin center controls these policies at the tenant level. Even if a user is added correctly at the site level, a tenant policy can override that access.
A third cause is a stale browser cache or an incorrect URL. The user might have a cached version of the page that points to a deleted or renamed site. Clearing the browser cache or using a direct link to the site home page often resolves this.
Steps to Diagnose and Fix Access Issues
- Check Microsoft 365 Group Membership
Go to the Microsoft 365 admin center. Select Teams & groups then Active teams & groups. Find the group that owns the site. Open the group and select Members. Verify the user is listed. If not, add them by selecting Add members and entering their email address. - Verify Site Permissions Inheritance
On the SharePoint site, select Settings (gear icon) then Site permissions. Select Advanced permissions settings. Look at the Permissions tab. If you see the message “This library inherits permissions from its parent,” inheritance is intact. If not, inheritance has been broken. To restore inheritance, select Delete unique permissions from the ribbon. Confirm the action. This will reapply permissions from the parent site or group. - Review Unique Permissions on Specific Items
If you cannot restore inheritance because other items require unique permissions, navigate to the specific page or document library that shows the error. Select the item, then select the ellipsis (…) and choose Manage access. Check the Direct access list. If the user is missing, select Add people and enter their email. Grant the appropriate permission level, such as Read or Contribute. - Check Tenant Sharing Policies
Open the SharePoint admin center. Expand Policies and select Sharing. Under External sharing, look at the level set for SharePoint and OneDrive. If the user is external, the policy must allow sharing with authenticated users or anyone. If the policy is set to “Only people in your organization,” external users cannot access the site. Change the policy if needed. - Clear Browser Cache and Try a Direct URL
Ask the user to clear their browser cache. In Chrome, go to Settings > Privacy and security > Clear browsing data. Select Cached images and files and confirm. Then open a new tab and enter the direct URL of the site home page, such as https://yourtenant.sharepoint.com/sites/sitename. - Check Site Collection Admin Access
In the SharePoint admin center, select Active sites. Find the site and select it. In the panel, look under Site admins. Ensure at least one site collection admin is listed. If you are not an admin, contact your global admin to add you.
If SharePoint Still Shows the Access Error After the Main Fix
User Is in the Group but Still Gets the Error
This usually means the Microsoft 365 group was not granted access to the site. In a modern team site, the group is automatically added. But if someone removed the group from site permissions, users in the group lose access. Go to Site permissions > Advanced permissions settings. Check if the group name appears in the list. If not, select Grant permissions and enter the group name. Assign the Members group the Edit level and the Visitors group the Read level.
Error Only Appears on One Page or Document
That item likely has unique permissions. Follow the steps in “Review Unique Permissions on Specific Items” above. If the page is a modern page in a communication site, check the page library permissions. Go to Site Pages library, select the page, and choose Manage access. Add the user or group with Read access.
Error Appears for All Users Including the Site Owner
This indicates a broken site collection or a policy issue. Verify the site is not in read-only mode or locked. In the SharePoint admin center, select Active sites and check the site status. If the status is “Locked,” unlock it. Also check if the site URL has changed. If the site was renamed, the old URL will not work. Provide the correct URL to users.
Team Site vs Communication Site: Permission Differences
| Item | Team Site | Communication Site |
|---|---|---|
| Default permission source | Microsoft 365 group (Owners, Members, Visitors) | Site collection (Site admins, Visitors, Members) |
| Inheritance behavior | Inherits from the group by default | Inherits from site collection by default |
| Adding external users | Add to the Microsoft 365 group or site directly | Add to site permissions directly |
| Common error cause | Group removed from site permissions | Broken inheritance on a page or library |
Site owners of team sites should focus on group membership and site permission inheritance. Communication site owners should check unique permissions on individual pages or document libraries first.
After verifying group membership, inheritance, and tenant policies, the access error should resolve for most users. If the problem persists, use the SharePoint admin center to run a site permissions report. This report shows every user and their permission level on the site. Compare the report with the expected access to find missing entries. As an advanced tip, set up a SharePoint permissions audit using PowerShell to automate this check monthly.