HOW TO: Allow anonymous users to add items to a SharePoint list using the client object model

This post is a contribution from Charls Tom Jacob, an engineer with the SharePoint Developer Support team.

This blog is based on a support ticket I handled recently. The requirement was to let anonymous users add items to a SharePoint list/library using the client-side object model (JavaScript).

Here are the steps needed to implement this.

1. Enable Anonymous access at the Web Application level

Go to SharePoint Central Administration => Application Management, select the Web Application => Authentication Providers, click on the zone, and select Enable anonymous access


2. Now, navigate to the corresponding web site, Site Action => Site Permissions => Anonymous Access.

Configure what anonymous users can access at the site level


3. Break the permission inheritance on the specific list in which you want to allow anonymous users to add items.

Navigate to the list/library settings for the list in which you want to allow Anonymous users to add items:

List Settings => Permissions for this list => Stop Inheriting Permissions, click OK => Anonymous Access

Select Add Items.


4. Enable the “AddItem” operation for the client object model on the Web Application. You can run the following code as a console application (an equivalent PowerShell script should also work).

using System;
using Microsoft.SharePoint.Administration;

// Allows the GetItems and AddItem operations using anonymous access
private static void AllowAnonAccess()
{
    Console.WriteLine("Enabling Anonymous access....");

    // webAppUrl holds the URL of the target Web Application (defined elsewhere in the console application)
    SPWebApplication webApp = SPWebApplication.Lookup(new Uri(webAppUrl));

    webApp.ClientCallableSettings.AnonymousRestrictedTypes.Remove(typeof(Microsoft.SharePoint.SPList), "GetItems");
    webApp.ClientCallableSettings.AnonymousRestrictedTypes.Remove(typeof(Microsoft.SharePoint.SPList), "AddItem");

    // Persist the changed settings to the configuration database
    webApp.Update();

    Console.WriteLine("Enabled Anonymous access!");
}

// Revokes the Add/Get Item operations using anonymous access
private static void RemoveAnonAccess()
{
    Console.WriteLine("Disabling Anonymous access....");

    SPWebApplication webApp = SPWebApplication.Lookup(new Uri(webAppUrl));

    webApp.ClientCallableSettings.AnonymousRestrictedTypes.Add(typeof(Microsoft.SharePoint.SPList), "GetItems");
    webApp.ClientCallableSettings.AnonymousRestrictedTypes.Add(typeof(Microsoft.SharePoint.SPList), "AddItem");

    // Persist the changed settings to the configuration database
    webApp.Update();

    Console.WriteLine("Disabled Anonymous access!");
}

Please run IISRESET after running this code.
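
The post notes that an equivalent PowerShell script should work. The following is an added example of one, not code from the original post or from the SharePoint team, written for the SharePoint Management Shell. The function name Set-AnonymousClientCallable, its parameters and the URL in the usage comment are hypothetical; it opens only AddItem by default, so GetItems stays restricted unless anonymous reads are also required, and -Restrict reverses the change.

```powershell
# Added example (not from the original post). Run in an elevated SharePoint
# Management Shell on a farm server. Function and parameter names are hypothetical.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Set-AnonymousClientCallable {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)]
        [string]$WebApplicationUrl,

        # SPList methods to open or close for anonymous client object model calls.
        # Defaults to AddItem only; pass GetItems as well only if anonymous reads are needed.
        [ValidateSet('AddItem', 'GetItems')]
        [string[]]$Method = @('AddItem'),

        # Put the methods back on the restricted list instead of removing them.
        [switch]$Restrict
    )

    $webApp = Get-SPWebApplication -Identity $WebApplicationUrl -ErrorAction Stop
    $restricted = $webApp.ClientCallableSettings.AnonymousRestrictedTypes
    $action = if ($Restrict) { 'Restrict' } else { 'Allow' }
    $changed = $false

    foreach ($name in $Method) {
        # Honors -WhatIf and -Confirm so the change can be previewed first.
        if (-not $PSCmdlet.ShouldProcess($WebApplicationUrl, "$action anonymous SPList.$name")) {
            continue
        }
        if ($Restrict) {
            [void]$restricted.Add([Microsoft.SharePoint.SPList], $name)
        } else {
            [void]$restricted.Remove([Microsoft.SharePoint.SPList], $name)
        }
        $changed = $true
    }

    if ($changed) {
        # Persist the settings to the configuration database, like webApp.Update() in C#.
        $webApp.Update()
        Write-Output "$action applied for: $($Method -join ', '). Run IISRESET afterwards."
    }
}

# Usage (placeholder URL):
#   Set-AnonymousClientCallable -WebApplicationUrl 'http://sharepoint.example.com' -WhatIf
#   Set-AnonymousClientCallable -WebApplicationUrl 'http://sharepoint.example.com'
#   Set-AnonymousClientCallable -WebApplicationUrl 'http://sharepoint.example.com' -Method AddItem, GetItems -Restrict
```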

You can make use of the createListItem() and retrieveListItems() methods discussed in the following articles to Add/Get items using the anonymous account:

How to: Retrieve List Items Using JavaScript

Creating a List Item Using ECMAScript (JavaScript, JScript)

Note: If you are using a custom layouts page to execute the JavaScript, make sure it’s accessible to anonymous users. Inherit the custom page from UnsecuredLayoutsPageBase with AllowAnonymousAccess set to true.

Anonymous layouts page:


Item created by the anonymous user:



Sample code for this is available for download.

Happy anonymous access!!

Comments (1)

  1. Shafaqat says:

    Access has been granted to anonymous users, now it is easy to hack the system, they can use services located in _vti/_bin folder to hack the web application and add their information, is it not a security issue?