Forum Discussion

Silver Contributor

May 07, 2017

Solved

Guest Users vs. External Users

At this point, I cannot see any difference between the two wordings: it appears to me that "Guest User" and "External User" have exactly the same meaning, with the former being only a more "modern" w...

onedrive

SharePoint Online

StephenRice
May 15, 2017
We use the terms interchangeably at Microsoft as well. External user is an older term from back when all "guests" in the directory authenticated outside of the home tenant. When we added support for managed guest users (i.e. the user authenticates inside the home tenant), the "external" piece stopped making sense and "guest user" was born.

And as with many of these types of things, we ended up using both names to refer to the same set of features. If there is a feature/scenario where this language does make a difference, we try to make sure it's clearly labeled to avoid confusion.

Thanks,

Stephen Rice

OneDrive Program Manager II

StephenRice

Microsoft

May 17, 2017

Almost got it!

In that first case, the user will always authenticate with Fabrikam, not Contoso. Here are the two flows:

Stephen (a member of Contoso) invites Salvatore (a member of Fabrikam) to a document in the Contoso tenant. Salvatore receives an invitation mail.
When Salvatore clicks on the link in the mail, he goes through the invitation acceptance process which results in the creation of an account in the Contoso tenant. This is really kind of a sub account though as Salvatore will always authenticatate at Fabrikam.
When he attempts to access content, he will land at Azure Active Directory which recognizes that though he is logging into Contoso, he authenticates with Fabrikam.

In the second case, Salvatore's user account is actually managed by Contoso (for example, Contoso admins could reset his password) and it is not tied in any way to his Fabrikam account. Thus, in the first case, Salvatore authenticates externally to the tenant while the second case has him authenticate internallyto the tenant.

Hopefully that made sense :)

Stephen Rice

OneDrive Program Manager II

David Slight

Iron Contributor

Jul 24, 2017

Stephen, I am having similar issues with users from this company called Microsoft! Fabrikam and Contoso and Live and Hotmail all work fine but Guest users with Pernille-Eskebo.com are struggling. Q: Does MSIT follow these rules and do Microsoft accounts act as normal guests or externals? NB: I really mean blue badge, not people with a "Microsoft Account", that's another whole ball of wax!

StephenRice
Microsoft
Jan 02, 2018
Hi Inigo Adin,

I've replied to your private message and we can work through this there. Thanks!

Stephen Rice

OneDrive Program Manager II
Inigo Adin
Copper Contributor
Dec 21, 2017
Dear Stephen,

I fear that it might be late to post into that conversation, but I try as we are struggling with a similar problem and we don't know how to progress.

We have external guests invited to some content created by our company in a sharepoint group. They have access to the files login with their own emails (which also have to be registered at microsoft.com). And they are able to view the file the first time, but when they try to access the second time their emails are not recognised.

Any suggestions on how we shoudl solve it?

Thanks a lot for your help

Inigo Adin
StephenRice
Microsoft
Jul 31, 2017
Oh don't even get me started on that thing! Makes discussions internally fun when you say things like "And then you need to sign in with your Microsoft account" :D

Can you send me a PM with the issues you are having though? Thanks!

Stephen Rice

OneDrive Program Manager II