Overview
After completing major SharePoint modernization work for Cross Catholic Outreach, MSPowerhouse was asked to solve another important business challenge: how to securely share SharePoint data with external users while giving internal administrators better control, visibility, and auditability. Cross Catholic needed a secure internal application that would allow administrators to manage access to SharePoint sites and document libraries for both internal Microsoft 365 users and external guests. The goal was not simply to "share a folder." The organization needed a controlled access management platform that could support external partners, contractors, and company contacts while reducing manual SharePoint permission work.
Challenge
- External users sometimes did not receive or accept Azure AD invitations.
- Administrators lacked a single dashboard to see who had access to what.
- Access grants were difficult to audit after the fact.
- Duplicate permissions and outdated access were hard to identify.
- Managing access across multiple sites, libraries, companies, and users became increasingly difficult.
- External sharing created compliance concerns because the organization needed better visibility and control.
Solution
MSPowerhouse designed and built a custom internal SharePoint Access Manager application that allowed administrators to manage SharePoint access from one centralized dashboard.
The application allowed administrators to discover SharePoint sites and libraries, manage companies, create and manage external users, grant access to one or more libraries, revoke access, resend invitations, and view a full audit history of access activity.
The solution used Microsoft 365 and Azure AD as the security foundation, while Microsoft Graph API handled user, invitation, email, and permission-related operations. SharePoint lists were used as the structured data layer for companies, external users, access grants, and audit logs.
Technical Execution
- Next.js and React front-end application.
- Azure AD authentication.
- Microsoft Graph API integration.
- SharePoint Online site and library discovery.
- SharePoint lists for structured application data.
- External guest user creation and invitation workflows.
- Email notifications through Microsoft 365.
- Access grant and revocation services.
- Audit logging for all major permission events.
- Role-aware administrative dashboard.
- Error handling for partial failures during bulk access operations.
Outcome
Cross Catholic received a secure internal application for managing external SharePoint access across users, companies, sites, and document libraries. The organization gained: A centralized dashboard for SharePoint access management. Better control over external sharing. Reduced manual permission administration. Faster access grants for internal and external users. Improved email communication for external guests. Clear audit history for compliance and troubleshooting. A more scalable process for sharing data securely with partners and external users.
Impact
This project helped Cross Catholic move from manual external sharing to a governed access management process. Instead of relying on scattered emails, manual invitations, and direct SharePoint permission changes, administrators could manage the full access lifecycle from one application. The solution improved security, reduced administrative effort, and gave the organization confidence that external users could access the right SharePoint libraries without unnecessary exposure or uncontrolled permission growth.


