OTP vs Azure AD Account for External Access

%3CLINGO-SUB%20id%3D%22lingo-sub-1397952%22%20slang%3D%22en-US%22%3ERe%3A%20OTP%20vs%20Azure%20AD%20Account%20for%20External%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1397952%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F598305%22%20target%3D%22_blank%22%3E%40ckayidg%3C%2FA%3E%26nbsp%3BNo%2C%20your%20*.onmicrosoft.com%20accounts%20are%20created%20in%20your%20tenant%2C%20and%20are%20as%20such%20managed%20accounts.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1259689%22%20slang%3D%22en-US%22%3EOTP%20vs%20Azure%20AD%20Account%20for%20External%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1259689%22%20slang%3D%22en-US%22%3E%3CDIV%20class%3D%22_3xX726aBn29LDbsDtzr_6E%20_1Ap4F5maDtT1E1YuCiaO0r%20D3IL3FD0RFy_mkKLPwL4%22%3E%3CDIV%20class%3D%22_292iotee39Lmt0MkQZ2hPV%20RichTextJSON-root%22%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EI've%20been%20testing%20out%20OTP%20(One-Time%20Passcode)%20for%20guest%20access%2C%20but%20also%20have%20in%20place%20Azure%20AD%20accounts%20(domain%20is%20*.onmicrosoft.com)%20that%20allow%20a%20higher%20level%20of%20access%20(i.e.%2C%20they%20are%20considered%20members%20as%20opposed%20to%20guests).%20This%20testing%20is%20for%20access%20to%20Microsoft%20Teams.%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3E%26nbsp%3B%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EOn%20this%20Microsoft%20Docs%20page%20(%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fb2b%2Fuser-properties%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20ugc%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fb2b%2Fuser-properties%3C%2FA%3E)%2C%20there%20is%20an%20announcement%20stating%3A%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3E%3CEM%3E%3CSTRONG%3EStarting%20March%2031%2C%202021%3C%2FSTRONG%3E%3C%2FEM%3E%2C%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CEM%3EMicrosoft%20will%20no%20longer%20support%20the%20redemption%20of%20invitations%20by%20creating%20unmanaged%20Azure%20AD%20accounts%20and%20tenants%20for%20B2B%20collaboration%20scenarios.%20In%20preparation%2C%20we%20encourage%20customers%20to%20opt%20into%3C%2FEM%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fb2b%2Fone-time-passcode%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20ugc%22%3E%3CEM%3Eemail%20one-time%20passcode%20authentication%3C%2FEM%3E%3C%2FA%3E%3CEM%3E.%20We%20welcome%20your%20feedback%20on%20this%20public%20preview%20feature%20and%20are%20excited%20to%20create%20even%20more%20ways%20to%20collaborate.%3C%2FEM%3E%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3E%26nbsp%3B%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EI'm%20confused%20on%20how%20this%20will%20impact%20sharing%20with%20external%20users.%20Does%20this%20mean%20I%20will%20no%20longer%20be%20able%20to%20create%20*.onmicrosoft.com%20accounts%20for%20external%20access%20after%20this%20date%3F%3C%2FP%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1259689%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EB2B%20collaboration%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Visitor

I've been testing out OTP (One-Time Passcode) for guest access, but also have in place Azure AD accounts (domain is *.onmicrosoft.com) that allow a higher level of access (i.e., they are considered members as opposed to guests). This testing is for access to Microsoft Teams.

 

On this Microsoft Docs page (https://docs.microsoft.com/en-us/azure/active-directory/b2b/user-properties), there is an announcement stating:

Starting March 31, 2021, Microsoft will no longer support the redemption of invitations by creating unmanaged Azure AD accounts and tenants for B2B collaboration scenarios. In preparation, we encourage customers to opt into email one-time passcode authentication. We welcome your feedback on this public preview feature and are excited to create even more ways to collaborate.

 

I'm confused on how this will impact sharing with external users. Does this mean I will no longer be able to create *.onmicrosoft.com accounts for external access after this date?

1 Reply

@ckayidg No, your *.onmicrosoft.com accounts are created in your tenant, and are as such managed accounts.