Dec 22 2022 08:24 AM - edited Dec 22 2022 08:43 AM
Hello there,
I have been noticing a few of my guest accounts created have different identity issuer assigned. Some says "Mail" and some says "ExternalAzureAD" or sometimes "XXX.onmicrosoft.com" I cannot find any information about "Mail" identity issuer though. Is this somehow connected with MSA(Microsoft) as the IDP service and not Azure AD? I read an article about different types of external identity issuer per Microsoft documentation, but not once Mail identity issuer was mentioned. Any help, guidance or information is greatly appreciated. Thanks and have a great day!
Dec 22 2022 09:11 AM
SolutionDec 22 2022 09:56 AM
Feb 08 2024 02:30 PM
Perhaps those users were created prior to this change?
To improve external sharing, in October 2021, Microsoft plans to turn on Email one-time passcode authentication for Azure AD by default for all tenants. Like the current ad-hoc sharing, the new mechanism features one-time passcodes. The big difference is that successful authentication results in the automatic creation of Azure AD guest accounts for external users.
https://office365itpros.com/2021/08/17/sharepoint-online-embraces-azure-b2b-collaboration-external-s...
I realize this is an old post, but I kept circling back to it in a search, so I figured I'd add detail for others.
Or perhaps the allowExternalIdToUseEmailOtp value was toggled (from Vasil's article).
Dec 22 2022 09:11 AM
Solution