Permissions required for external users to use Modern UI (SPFx) components

Applies to: SharePoint Online


Crow Canyon Modern UI applications are built using Crow Canyon SPFx web parts. SPFx is a web part model that provides full support for client-side and responsive SharePoint development. Crow Canyon NITRO platform has full support for Modern UI and you can build rich application using this framework.

If Modern UI sites are shared with external users, Crow Canyon SPFx web parts may show this error message: “Sorry something went wrong”. To fix this, grant read permissions for external users on “ClientSideAssets” document library in the App Catalog site for the tenant as described below.

Detailed Steps

1. Go to SharePoint App Catalog site for the tenant

2. Go to ClientSideAssets document library (URL will be like:

3. Go to Library Settings -> ‘Permissions for this document library’ and grant read permissions for the external users on this library (i.e. add all individual external users to ‘Site Visitors’ group)

If we would like to grant permissions to all users including all external users at once, we can do this using SharePoint Online Management Shell by following below steps.


  1. Open SharePoint Management Online Shell and run below command. It prompts for SharePoint Online tenant URL, enter URL (for example, and then it prompts for credentials. Enter SharePoint Admin or Global Admin credentials to connect to your tenant.
    • Connect-SPOService
  2. Once the connection is done, run below command
    • Set-SPOTenant -ShowAllUsersClaim $true
  3. Now, SharePoint allows resolving a new group named “All Users (membership)”. Grant “Read” permissions to this group on “Client Side Assets” library in App Catalog site as shown below.
  4. If we do not want to allow resolving this group in sites any longer, after performing above steps, run below command in SharePoint Online Management Shell to disable this group.
    • Set-SPOTenant -ShowAllUsersClaim $false

Note: If granting ‘Read’ permissions to “All Users (membership)” group does not work (i.e., if external users are still seeing errors in SPFx web parts), then grant ‘Read’ permissions to “All Users” group as well. If this still does not work, grant read permissions to each external user manually on this library.

Note: To grant the permissions to external users on this library, it is required that external user access is enabled on the App catalog site collection.

To enable external sharing for app catalog site, please ensure that external sharing is enabled in SharePoint Admin Center. Refer instructions from this article. Once this is done follow below step to enable external sharing for App catalog site.

Go to Admin Centers, select SharePoint, expand sites, click “Active Sites” in left panel.

Select the App Catalog site collection and click “Sharing” and select “New and existing guests” option and save the settings (see screenshot below). For more details, refer this article.

Leave a Reply