Home

Is there any way that can I block 3rd party accounts that are not 2 factored to my SharePoint site?

%3CLINGO-SUB%20id%3D%22lingo-sub-461856%22%20slang%3D%22en-US%22%3EIs%20there%20any%20way%20that%20can%20I%20block%203rd%20party%20accounts%20that%20are%20not%202%20factored%20to%20my%20SharePoint%20site%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-461856%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20using%20SharePoint%20Online%20sites%20for%20collaboration%20with%203rd%20parties.%3C%2FP%3E%3CP%3EWe%20ensure%20that%20our%20company%20accounts%20(which%20are%20synced%20from%20on-prem%20AD%20to%20Azure%20AD)%20are%202%20factored%20for%20extra%20security.%3C%2FP%3E%3CP%3EWe%20invite%203rd%20party%20accounts%20in%20in%20order%20to%20collaborate.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20any%20way%20that%20can%26nbsp%3BI%20block%203rd%20party%20accounts%20that%20are%20not%202%20factored%20to%20my%20SharePoint%20online%20site%3F%3C%2FP%3E%3CP%3EOr%2C%20what%20is%20the%20best%20way%20to%20approach%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%2C%3C%2FP%3E%3CP%3EOllie%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-461856%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-462124%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20there%20any%20way%20that%20can%20I%20block%203rd%20party%20accounts%20that%20are%20not%202%20factored%20to%20my%20SharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-462124%22%20slang%3D%22en-US%22%3E%3CP%3EYou%20can%20enforce%20a%20CA%20policy%20that%20requires%20MFA%20for%20guest%20users%2C%20if%20that's%20what%20you%20mean.%20Simply%20use%20the%20%22all%20guest%20users%22%20condition.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-464724%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20there%20any%20way%20that%20can%20I%20block%203rd%20party%20accounts%20that%20are%20not%202%20factored%20to%20my%20SharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-464724%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20this%20be%20done%20on%20a%20subsite%20by%20subsite%20basis%3F%3C%2FP%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-467029%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20there%20any%20way%20that%20can%20I%20block%203rd%20party%20accounts%20that%20are%20not%202%20factored%20to%20my%20SharePoint%20si%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-467029%22%20slang%3D%22en-US%22%3E%3CP%3ENo%2C%20best%20you%20can%20do%20is%20by%20Site%20collection%2C%20but%20even%20that%20only%20covers%20some%20of%20the%20CA%20settings%2C%20not%20all.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Oliver McErlane
Contributor

Hi,

 

We are using SharePoint Online sites for collaboration with 3rd parties.

We ensure that our company accounts (which are synced from on-prem AD to Azure AD) are 2 factored for extra security.

We invite 3rd party accounts in in order to collaborate.

 

Is there any way that can I block 3rd party accounts that are not 2 factored to my SharePoint online site?

Or, what is the best way to approach this?

 

Thank you,

Ollie

3 Replies

You can enforce a CA policy that requires MFA for guest users, if that's what you mean. Simply use the "all guest users" condition.

No, best you can do is by Site collection, but even that only covers some of the CA settings, not all.