Forum Widgets
Latest Discussions
OneDrive Sharing and Graph "/invite" Endpoint Now Creating Guest Users?
I have an application that integrates with OneDrive via the Graph API, and leverages OneDrive sharing features. Recently I got a new Microsoft E5 dev license, and I've noticed that the sharing workflows and API results are different on this license than on my previous license, and the enterprise licenses of my clients that use the application. All instances are using v1 of the API. On my new license, when I share a OneDrive file/folder using the "/invite" endpoint of the API, it adds the external email I'm sharing with as a Guest on my M365 tenant. It did not do this before. The initial result of the API call to the /invite endpoint is the same as it was previously: [{ 'roles': ['read'], 'grantedToIdentities': [{ 'user': { 'email': '<external email>' } }], 'invitation': { 'signInRequired': True }, 'link': { 'type': 'view', 'webUrl': '<link URL>' } }] However, if I share another file/folder with the same external email, the response is different: [{ 'id': '<permission ID>', 'roles': ['read'], 'grantedTo': { 'user': { 'email': '<external email>', 'displayName': '<external email (minus domain)>' } } }] As you can see, the response now contains "grantedTo" instead of "grantedToIdentity". The response also does not contain a link URL, and I need to perform an extra API call on the permissions of the shared item in order to find the link. This response format matches the responses I expect when I share with internal emails on my tenant, and I can see in the admin centre that the external email has been added as a Guest user. With my old license, and my clients' licenses, external recipients were not added as guests on the M365 tenant, and sharing multiple drive items with the same external user always returned the same format of API response (always including the link URL). Shared Item Access Workflow With my new license, when I use the link to access the shared item with my external email, I am now prompted to provide permissions to my account for the OneDrive tenant (email and tenant domain redacted here for privacy): I am also prompted to set up MFA: With the previous workflow, I just had to enter my email address, then verify the email with a code. I was not prompted to grant permissions or set up MFA. This seems needlessly complicated for sharing drive items with external users, particularly those that are not tech-savvy. Why is the sharing workflow so different on my new dev license? Can I adjust the settings on my tenant to prevent this, or is this how sharing will work going forward? If so, when can I expect this to change for my clients' license? I see no mention of this in the https://learn.microsoft.com/en-us/graph/api/driveitem-invite?view=graph-rest-1.0&tabs=http, and I can't find any mention of the change online. I've reviewed the sharing settings in the Sharepoint Admin Centre. However, these are identical to the settings on my old license. I've tried messing with the External Collaboration settings in Entra to prevent guest users from being created, but this prevents me from sharing with external users altogether. I can't find any other settings that may control this behaviour. Please help!
Trying to create Graph connector, can't see menu options
I am trying to follow this microsoft tutuorial to create a graph connector: https://github.com/microsoftgraph/msgraph-sample-github-connector-python I am a global admin in my own personal tenant (it is a paid subscription). The code in this repo creates a connection in azure, and I have no problem following the first part of it (the code successfully creates the connection, and I am able to create the schema for the connection. The problem I have is that I can't see the "Data Options" tab in my tenant. Here is what the instructor sees: here is what I see in my tenant: Once again, I was able to create the schema for the connector via code, so I know it is there:
