cristinapalomino
Copper Contributor
Apr 17, 2026

Guest user invites other guest user

Hello,

I'm testing a scenario in SharePoint where I need guests to be able to invite other guests (not already existing in the directory).

Config applied:

Entra ID (external collab settings)

- “Anyone in the organization can invite guest users including guests and non-admins” is enabled

SharePoint Online (tenant level)

- External sharing set to "new and existing guests" for both SharePoint and OneDrive

At site level

- Sharing set to “New and existing guests”
- Members with Edit permissions can share files and folders

No sensitivity label applied

Default sharing link type:

Set to “Specific people”

Test scenario

- Internal user shares a file with Guest A - works
- Guest A (with Edit permissions) tries to share the same file with:
  - Another existing guest - works
  - A new external email - fails

Error received:

“Your organization's policies don't allow you to share with these users. Please contact your IT department for help.”

1 Reply

  • Radzik_PL
    Copper Contributor

    Hi,

    In my opinion the issue isn’t with the SharePoint or Entra ID configuration itself, but with the boundary between SharePoint and Entra ID. While Entra ID allows guests to invite other guests at the directory (B2B) level, SharePoint does not delegate the creation of new guest objects during sharing. When a guest enters a new external email address, SharePoint would need to create a new guest user in Entra ID — and that operation is blocked when initiated by a guest. This results in the generic “organization’s policies” error.

    Two practical workarounds I see:

     - Pre‑onboard guests in Entra ID — an internal user or an automated process invites external users first; once they exist, guests can share files with them.

     - Controlled self‑service — a form with a Power Automate / approval flow that creates the guest user in Entra ID and only then grants SharePoint access.

    I think this is a SharePoint Online architectural limitation, not a missing configuration toggle.
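
A sketch of the pre-onboarding workaround from the reply above, added here as an example and not posted by either participant. It is meant to be run by an internal account or automation identity using the Microsoft Graph PowerShell SDK. The function name `Add-PreOnboardedGuest`, the domain allow-list, the sample address and the site URL are assumptions constructed for illustration.

```powershell
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Users, Microsoft.Graph.Identity.SignIns

# Hypothetical helper: creates the Entra ID guest object up front so that a later
# share from an existing guest targets a user that already exists in the directory.
function Add-PreOnboardedGuest {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$Email,
        [Parameter(Mandatory)][string[]]$AllowedDomain,  # assumed approval list of partner domains
        [Parameter(Mandatory)][string]$RedirectUrl
    )
    foreach ($address in $Email) {
        $address = $address.Trim().ToLowerInvariant()
        $domain  = ($address -split '@')[-1]
        # Reject malformed addresses and domains that were never approved.
        if ($address -notmatch '^[^@\s]+@[^@\s]+$' -or $domain -notin $AllowedDomain) {
            [pscustomobject]@{ Email = $address; Result = 'Rejected'; UserId = $null }
            continue
        }
        # Skip addresses that already have a directory object (escape quotes for OData).
        $escaped  = $address.Replace("'", "''")
        $existing = Get-MgUser -Filter "mail eq '$escaped'" -Property Id, UserType
        if ($existing) {
            [pscustomobject]@{ Email = $address; Result = 'AlreadyExists'; UserId = $existing[0].Id }
            continue
        }
        if ($PSCmdlet.ShouldProcess($address, 'Create B2B guest invitation')) {
            $inv = New-MgInvitation -InvitedUserEmailAddress $address `
                                    -InviteRedirectUrl $RedirectUrl `
                                    -SendInvitationMessage:$true
            [pscustomobject]@{ Email = $address; Result = $inv.Status; UserId = $inv.InvitedUser.Id }
        }
    }
}

# Constructed sample values; replace with your tenant's site and approved domains.
Connect-MgGraph -Scopes 'User.Invite.All', 'User.Read.All'
Add-PreOnboardedGuest -Email 'partner.b@fabrikam.example' `
                      -AllowedDomain 'fabrikam.example' `
                      -RedirectUrl 'https://contoso.sharepoint.com/sites/project' -WhatIf
```

Drop `-WhatIf` to send the invitations; the returned objects give an audit record of which addresses were rejected, already present, or newly invited.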