Forum Discussion
External users can't open documents in desktop application
- Sep 18, 2018
Hi all,
This behavior is expected (external users not getting the "Open in Office" option) whenever the external user is authenticating via the new one time passcode (OTP) method. You can see a better overview here: Documentation
There are two states an external user can be in today: If they are authenticating via OTP, then they do not have a real AAD account and thus cannot open in clients. This occurs when you share a file or folder with an external user who is not in your directory (i.e. they have never been shared to before).
Inviting a user to a site or a group or using the Azure B2B platform will create an account in AAD for the guest user. These users must have an MSA or AAD account to sign-in with to accept the invitation. They can use Office apps.
This is definitely something we're looking to improve and I definitely suggest you check out the "What's new in External Sharing & Collaboration with OneDrive & SharePoint" talk at Ignite next week ;)
Bottom line is, the users must authenticate using a MSA/Work account into your tenant and be listed as a guest in azuread in order to use the client, if they do not have to login by using anon link / specific people with code option, they will not be able to use the client.
I think what is happening is your tenants have been updated awhile back so the specific people option now uses the codes and you just now have invited people that haven't been invited to your tenant yet and seeing the side effect of that change?
Anyway, hopefully Microsoft has a fix to just allow client no matter what soon!
Hi all,
This behavior is expected (external users not getting the "Open in Office" option) whenever the external user is authenticating via the new one time passcode (OTP) method. You can see a better overview here: Documentation
There are two states an external user can be in today: If they are authenticating via OTP, then they do not have a real AAD account and thus cannot open in clients. This occurs when you share a file or folder with an external user who is not in your directory (i.e. they have never been shared to before).
Inviting a user to a site or a group or using the Azure B2B platform will create an account in AAD for the guest user. These users must have an MSA or AAD account to sign-in with to accept the invitation. They can use Office apps.
This is definitely something we're looking to improve and I definitely suggest you check out the "What's new in External Sharing & Collaboration with OneDrive & SharePoint" talk at Ignite next week ;)
- wpaulgJun 20, 2019Copper Contributor
StephenRiceJust ran into this problem with a client - looks like its been 9months... any progress on allowing external users to "open in word" from a sharepoint site?
- Jun 20, 2019External users can open using desktop Applications fine, you just have to not use anonymous sharing links. Invite them direct to the file and they should be able to use desktop.
- wpaulgJun 20, 2019Copper ContributorIt didn't seem to work that way, we invited external users to a site (not a document) with edit permissions using 'only users with the link' option. They could edit in word on line but not open in the desktop app until we added them to a O365 group so that they were upgraded from an external user to a guest. We don't want them to be group members however as that gives them access to the entire sharepoint site, not just the folder we wanted to share.
- Karen PiersonSep 18, 2018Copper Contributor
StephenRice Thank you very much for clearing up the confusion here! I really appreciate it. In 2 days I got more information from this group than MS support in 3 weeks, sadly.
I have to be honest that I’m pretty disappointed with this outcome, however. I can look into the Azure B2B solution but I'm not sure it will work for us. We are a B2B firm where our consultants work on multiple clients at one time, in multiple teams at one time, with a lot of crossover. Trying to manage who gets invited to sites/folders/docs, and having to explain why they need to create yet another account on yet another platform to clients over and over doesn’t seem feasible for us. We were told when we decided on SP that sharing externally would be very easy, just a few clicks and everything would work like we are able to access things. I’m frustrated this is not the case.
Alas, I won't be at Ignite, but I will be at SharePoint Fest in Chicago in December. It looks like I can live stream some things from Ignite so I will be sure to see about that session.
Thank you all for your help!
KP- StephenRiceSep 18, 2018Microsoft
Hi Karen,
Glad I was able to help! I'll pass this along to our support folks so we hopefully can solve this faster for other people who have the same types of questions.
And I totally understand your frustration. The whole reason we embarked on this "OTP" experience in the first place was to eliminate the "account overload" frustration that you're describing. Rest assured that our goal is make this experience even better in the future (including the ability to open in office applications).
I believe they are streaming or recording all sessions so you should have no problem catching it after the fact. If you have any other concerns after the talk, feel free to tag me again! Thanks!
Stephen Rice
OneDrive Program Manager II
- DeletedSep 18, 2018I will be there front and center :P. Be nice to meet after seeing you around in these forums this past year!
- StephenRiceSep 18, 2018Microsoft
Absolutely! I won't be giving that particular talk but I'll be around for the brief Q&A at the end. It's probably a bit below your level of expertise but we've also got a "Quick and Easy Sharing with OD & SP" session (that I am giving) that will cover a lot of sharing basics as well!
Stephen Rice
OneDrive Program Manager II
- DeletedSep 18, 2018Just swinging by to say hey. But then again you'll probably be at the OneDrive booths in the expo/community center where all the Microsoft booths will be often I assume?