User hover cards causing Team/Group Guest users SharePoint access issues.

Deleted
Not applicable

@Stephen Rice - tagged you but not sure who else I might tag to on SharePoint team :). 

 

Don't know if you guys have this on your radar or not, but there was a Teams post going on about guest access users not being able to see documents via the "Open in SharePoint" link. But I also think this might be affecting other area's in general possibly. 

 

Anyway, I setup a test tenant site and invited my main account as a guest and then try to access documents inside of SharePoint and the page will load, then a prompt will come up asking for login. The other tenant where this discussion is going on will redirect to access request pages. 

 

Culprit I believe is the new Hover Card feature. I did a Console as the page loads and you will see the last place it hits is file hover which I'm guessing is what is causing this fiasco. Anyone else having this issue with Guest users that wants to confirm their experience? Been able to reproduce similar results in 3 tenants now. 

Capture.JPG

 

*Temporary Fix* - If you are having this issue and have a Team/Group with Guest users accessing "Open in SharePoint"/SharePoint site as a guest, you can go to the Library Settings, and edit the default view and make sure you don't have "Modified by" or "Created By" columns showing in the view. This will allow them to use it temporarily. 

22 Replies
And it seems the "Modified by" People hover card is the one, the file hover cards seem OK. At least for now. Guessing that might be what "Live Persona Card" means.

Just a little more. Going to a homepage of a Site/Tenant I'm a guest of and was getting "Access denied page(request access). I quickly got in an edit of the home page and turned off "Comments" at the bottom of the page and the page now renders without getting denied message. This comment at the bottom has a People hover card on it. So definatley related. These hover cards load with the doc. lib "modified" columns so errors there towards end of the render.

 

Anyway, hate bugging @Mark Kashman but just wanted to let you know, this seems is probably affecting all guest access access to Most SharePoint Online pages, at least from Teams for sure :). 

Hey Chris,

 

Thanks for flagging this. I'm not sure what's going on but I'll forward this thread internally and we'll see if we can figure it out. Thanks!

 

Stephen Rice

OneDrive Program Manager II

I'm experiencing the same issue on my tenant.  I've tried removing all the content from Team Sites, but the issue prevails.

Yeah, you have to remove "comments" from pages, and "created by" "modified by" columns from list/libraries to get it to stop. Rather annoying. I sent support a request for update earlier today, no update.
Well my update to my ticket responded with "We need more of the same info I already Provided"....... at this point I keep going through a support loop. Reaching out to some folks hopefully we can get some escalation on this issue.

Just got the same problem when sharing a modern site externally. Comment added so I get notification of any updates - but let me know if you need any more evidence! 

We have the same issue with authentication prompts for external users using the Communications site template. As mentioned previously, disabling comments on pages and removing the modified by columns in document libraries prevents the prompts but it would be good if the issue was fixed so we can use these features.

Thanks for that, was this shared with a user that has been granted guest access to a Team previously thou and had their account in your Guest user list in the tenant prior to sharing that comm site?

No, brand new modern team site and brand new client who I shared with - they won't have had anything else shared with them. I turned off comments but they are still getting the prompt. 

One thing I did select (either when sharing or setting up - i can't recall) is that i said don't give the external user access to conversations etc - as I know they won't need to access that.
Your page must have people web part or another web part that has the hover card link somewhere that’s why comments alone didn’t work. It’s just most basic pages the comments will always trigger but having another item on the page that makes use of those could also trigger it.

Ok, after much frustration, I finally got the Teams/Skype group which had the ticket to just forward it to the SharePoint support group. They called me, and right away she picked up on the issue and it is a known issue and is currently being worked on. They should contact me when they bug is fixed. Happy that I got confirmation that dev's have it and have it to fix at this point and got passed the front level support wall :P.

Ah yes there is the Activity web part on there with documents showing the author :) I'll try removing that. Its not causing too many issues just now as only using for a few external users but good to know they have it in hand.

I have a similar issue that could be related to this error. A brand new Office 365 group shared with an external users shows a windows authentication box. The external user can access the content, but some rollup images in the news webpart are not shown.

 

The network trace show that the browser is trying to access the following url at the sharepoint.com rootsite:

<tenant-rootsite>/_api/sphomeservice/context?$expand=Token,Payload 403 (Forbidden)

 

The external user however does not have any access to the tenant rootsite collection.

Hi,

Any update on the ticket?

Thanks,
-Haniel
Nope. They said they will contact. I’ll reach out next week. Been over a month with this issue /sigh

It looks like i have the same issue i have crated a ticked also

I have the same issue where users are getting continuous prompt to login again in modern team site using guest access. I cannot remove all the user cards from the complete site. Waiting for the resolution