Microsoft SharePoint roles and permissions
Cloud Commander will be decommissioned and stop functioning on May 13, 2026. You can use the product until that date.
Review and update workflows to remove any dependencies before the product is decommissioned.
Support, bug fixes, and security patches will be available until April 13, 2026.
| Role | Permission | Description |
|---|---|---|
| Microsoft OneDrive for Business Reader Can read all Microsoft OneDrive Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.cmdonedrive.read | Can read all Microsoft OneDrive for Business Command Blocks and jobs | |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| organization.readbasic | Can read all basic organization properties (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) | |
| Microsoft OneDrive for Business Writer
Can read and execute all Microsoft OneDrive Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.cmdonedrive.read | Can read all Microsoft OneDrive for Business Command Blocks and jobs | |
| command.cmdonedrive.write | Can write all Microsoft OneDrive for Business Command Blocks and jobs | |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| organization.readbasic | Can read all basic organization properties (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) | |
| Microsoft SharePoint Online Reader Can read all Microsoft SharePoint Online Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.cmdsharepointonline.read | Can read all Microsoft SharePoint Online Command Blocks and jobs | |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| organization.readbasic | Can read all basic organization properties (list) | |
| report.accesstoken.read | Can read Power BI report access token (list) | |
| report.read | Can read Power BI reports (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) | |
| Microsoft SharePoint Online Writer
Can read and execute all Microsoft SharePoint Online Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.cmdsharepointonline.read | Can read all Microsoft SharePoint Online Command Blocks and jobs | |
| command.cmdsharepointonline.write | Can write all Microsoft Share Point Online Command Blocks and jobs | |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| organization.readbasic | Can read all basic organization properties (list) | |
| report.accesstoken.read | Can read Power BI report access token (list) | |
| report.read | Can read Power BI reports (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) | |
| Microsoft Windows 365 Reader
Can read all Microsoft Windows 365 Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| command.windows365.read | Can read all Microsoft Windows 365 Command Blocks and jobs | |
| organization.readbasic | Can read all basic organization properties (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) | |
| Microsoft Windows 365 Writer
Can write all Microsoft Windows 365 Command Blocks. |
command.category.read | Can read all corresponding Command Block categories |
| command.jobs.read | Can read related Command Block jobs | |
| command.read | Can read all related Command Blocks | |
| command.windows365.read | Can read all Microsoft Windows 365 Command Blocks and jobs | |
| command.windows365.write | Can write all Microsoft Windows 365 Command Blocks and jobs | |
| organization.readbasic | Can read all basic organization properties (list) | |
| user.read | Can read all properties of a user (details) | |
| user.readbasic | Can read all basic user properties (list) |
Related articles
Updated: Jan 09, 2026