When you share files via SharePoint Online or OneDrive, external users have historically been handled in different ways depending on how sharing was done.
Microsoft is now standardizing this behavior.
Going forward: All external users you share with will be created and managed as guest users in Microsoft Entra ID.
What does this mean in practice?
Better visibility
All external users are now centralized in Entra ID.
This makes it easier to:
- See which external users exist
- Monitor activity
- Improve security and control
Sharing may stop working in some cases
External users who accessed files using a one-time passcode may lose access.
To restore access, the content needs to be shared again, which will create a proper guest account in Entra ID.
Why is Microsoft making this change?
The goal is to move from access-based sharing to identity-based collaboration.
In simple terms:
- Before: sharing could happen without strong identity control
- Now: all access is tied to a managed identity
This provides a stronger foundation for:
- Security
- Governance
- Lifecycle management
What should you do?
At this stage, you don’t need to redesign everything.
A good starting point is to:
- Review who can invite external users
- Understand your current sharing settings
- Get visibility into existing external users
Final note
This change does not restrict collaboration—it makes it more visible and controllable.
For many organizations, this is the first step toward a more structured approach to external access.
