Read time 6 minutes

Summary: Before migrating to SharePoint Online, it’s crucial to grasp permission concepts. SharePoint offers fine-grained permissions, permission levels, groups, users, and securable objects. Understanding these elements simplifies migration planning. Default permission levels and user permissions further enhance control.

Before starting the migration, you should understand the basic concept of SharePoint Online permissions.

  • Permissions – Permissions grant users specific rights related to actions. SharePoint administrators assign these permissions at either the site or site content levels. If a user possesses the permission to view a file, their capability is restricted solely to viewing the file, with no ability to create or edit it.
  • Fine-grained permissions – When the administrator grants permissions at a highly detailed level to a securable object within the context of fine-grained permissions, such as assigning a permission to an individual file within a vast library, list, or site, it provides the user with extensive control over SharePoint data, enabling enhanced customization capabilities.
  • Permission level – Permission levels encompass the assortment of permissions allocated to users for various operational tasks. An illustrative instance of a permission level is the “Read Permission,” which encompasses numerous privileges, such as the ability to open a file, peruse its contents, view its pages, and access different versions of the file. All of these privileges are essential for gaining access to the file.
  • SharePoint group – A SharePoint Group streamlines the process of granting permissions to an entire group, as opposed to manually assigning permissions to individual users. Each SharePoint Group inherently includes at least one default permission level for roles such as owners, visitors, members, and so forth, enhancing efficiency in managing access rights.
  • User – A user is a single SharePoint account of a person. It is better to assign Permission to the user through groups as it becomes difficult to monitor each user.
  • Securable object – A securable entity encompasses items such as files, documents, folders, lists, libraries, sites, and more, all subject to permission settings. Administrators have the capability to allocate permissions at the item, folder, or site level, offering a range of controls.

Getting complete information about these SharePoint Online permissions and then planning your migration method is beneficial.

Read Also: Learn How to Customize Permissions in SharePoint?

  1. Default Permissions Levels – Default Permissions levels are various permissions which authorize a user to perform multiple actions on the objects. Here is a brief list of default permissions levels –

    Permission Level

    Permission Included


    View Only

    View Items, View Versions, View Pages, Browse User Information

    User can view application pages and related items.

    Limited Access

    View Application pages, Browse User information, User Remote Interface

    User can access the shared resource


    View Items, Open Items, View Versions, View pages

    User can view pages, list items, and download documents


    Add Items, Edit Items, Delete Items, Edit Personal User Information, Add Personal Web parts, Remove Personal Web parts, Update personal web parts

    User can edit user information, delete version in lists and libraries.


    Manage Lists, Contribute Permissions

    User can manage lists.


    Add and Customize pages, Apply Style, Edit permissions

    User can Add, View, Update, Delete, Approve, and Customize items or pages

    Full Control

    All Permissions

    User has full control

    Note:A user has the ability to tailor permission settings for the initial five levels. If you wish to modify permission levels for Limited Access and Full Control, you can render specific permissions inaccessible for an entire web application.

  2. User permissions

    User permissions are further categorized into 3 categories – list permissions, site permissions, and personal permissions.

    1. List permissions
    2. Some of the prominent list permissions are:


      Permissions Included


      Manage Lists

      Edit, Design, Manage Hierarchy

      User can create and delete lists, add or remove columns or views of a list

      Override List Behaviors

      Design, Full Control

      User can check a document for another user and can read/edit their terms

      Add Items

      Edit, Design, Full Control

      User can add items lists, and add documents to libraries

      Delete Versions

      Contribute Edit, Design, Full Control

      User can delete previous versions of list items or documents

      Create Alerts

      Read, Edit, Design, Full Control

      User can create alerts

      View Application Pages

      Full Control

      User can view application pages and enumerate lists

    3. Site Permissions
    4. Site Permissions are applied to site items. Some important permissions of them are the following:


      Permissions Included


      Create Subsites

      Full Control

      User can create subsites, meeting workspace site, and document workspace site.

      Manage Web Site

      Full Control

      User can perform complete administrative tasks for the site

      Add and Customize Pages

      Design, Full Control

      User can add, modify, or delete HTML pages or the site

      Manage Alerts

      Full Control

      User can manage alerts for all users of the website



      User can open a website, list, or folder to access site items

      View Pages

      Read, Contribute, Edit, Design, Full Control

      User can view pages in a website

    5. Personal Permissions
    6. Personal permissions are attached to single objects and items in the SharePoint.


      Permissions Included


      Manage Personal Views

      Contribute, Edit, Full Control

      User can create, change, and delete personal views of lists

      Add/Remove Personal Web Parts

      Contribute, Edit, Full Control

      User can add/remove personal web parts on a web part page

      Update Personal Web Parts

      Contribute, Edit, Full Control

      User can update Web Parts

How to migrate SharePoint Permissions

Once you have acquired a comprehensive understanding of the diverse permissions available in SharePoint Online, the process of migrating these permissions becomes straightforward. However, owing to the absence of a well-defined manual procedure for permission migration, the aid of a specialized tool becomes necessary. This tool streamlines the intricacies associated with managing permission migration, enabling the direct transfer of permissions and their associated data.

  1. Using Kernel Migrator for Sharepoint, you can migrate complete sites, lists, and libraries from SharePoint 2010 to 2013, SharePoint 2010 to 2016, and SharePoint 2013 to 2016. After selecting the migration, you can check the Migrate Permissions option.
  2. check the Migrate Permissions option
    Note: If you have checked the Migrate Permissions, then you can also check the second option of Remap Users/Groups. It will help you to map SharePoint accounts.

  3. Click Add New Mapping button and add Source User Name and Destination User Name in the respective boxes. Then click OK. map SharePoint accounts
  4. Finally, you can see that the source and the destination are selected to migrate the permissions directly. permissions directly to see source and the destination


If you choose not to transfer SharePoint Online permissions alongside the data, you’ll have to allocate fresh permissions post-migration, a task demanding substantial time and effort from SharePoint administrators. To circumvent this scenario, consider utilizing the Kernel SharePoint Migrator. This versatile SharePoint migration tool facilitates both platform upgrades and downgrades and enables seamless data migration from the Windows file system to SharePoint, as well as from the public folder to SharePoint, and from the file system to Google Drive/OneDrive for business.

Kernel Migrator for SharePoint