Revoke guest access to SharePoint Online and OneDrive after a defined period of time

News Informatique

Revoke guest access to SharePoint Online and OneDrive after a defined period of time

Update 19/05/2021 : Microsoft has updated the rollout timeline. The roll out will begin at the end of May

You will soon be able to create a policy that automatically revokes access for external guests to SharePoint Online (SPO) sites and individual OneDrives after a defined period of time. 

When will this happen
Microsoft will gradually roll this out in late August and expect rollout to be complete at the end of October. at the end of May and complete by the end of June.

How this affects your organization

One of the strengths of SharePoint and OneDrive is that it facilitates sharing and collaborating among peers, not only within an organization but also with people outside the organization (guests).

In order to better manage sharing, tenant admins will be able to create a policy to revoke guest access to SPO sites and individual OneDrives after a defined period of time. With this policy, you can limit guest user access; thus guests who are no longer active partners will not retain indefinite access to documents and files.

  • This policy is not retroactive; it does not apply to guests who already have access to sites, documents and files.
  • The policy applies to a user’s access to a given SPO site or individual OneDrive. When the access period reaches your policy threshold, such as 10 days, then the guest loses access to all content in that site. Guest access expires on a site-by-site basis, determined by when the guest was granted access to each site, whether that is an SPO site or an individual OneDrive.
  • After a guest loses access to a site, any user with the ability to share content externally can re-invite the guest to each document or item as needed.

SharePoint site administrators can extend access at any time, up to the limit of the tenant policy. For example, if the tenant policy is 10 days, and today is the 10th of the month, the SharePoint site admin could extend access for an external guest to the 20th of the month. There is no limit on the number of time a site admin can extend access.

SharePoint site administrators will receive e-mail notifications advising of upcoming guest user access expirations.

What do you need to do?

If you plan to enable this feature, be sure to inform your SharePoint site administrators and users about the new process so that they are prepared to manage guest access as needed.

You can enable this policy, which applies to both SPO and OneDrive, in the SharePoint admin center.

Comments: 2

  1. Dakota says:

    Hey Thibault,

    I’m looking for this within my Tenant and the option is not there. Do you know if there are any prereqs that need to be done for the option to show? Maybe licensing?

    I suppose it’s also possible that Microsoft rolled back this feature.

    Dakota

    • Thibault CHATIRON says:

      Hi there,

      Thank you for your comment.

      I updated my post.

      Actually, Microsoft has updated the rollout timeline the 07/05. The roll out will begin at the end of May and will be complete by the end of June.

      So, be patient 😉

      Best regards,

      Thibault

Add your comment