External user access to the SharePoint Online library - howto

Frequent Contributor

Hi everyone, I'm documenting this so as I found the related articles (see end of this post) were challenging to follow and didn't quite cover my scenario.

My use case

As an external user I need to to read ALL files in <company intranet> or other SharePoint online Library, but not have access to the entire site.

 

Issues with Share button

SharePoint online sharing is usually simple, select the file OR folder, click Share button, select type of sharing, enter email address of external user.

BUT in this case the external user needs access to the ENTIRE library (all files and folders). If you go to the library e.g. https://<your365tenant>.sharepoint.com/sites/<sitename>/<libraryname> and click the SHARE Button in the top right of that page you aren't sharing the library but the entire site.

 

To give an external user access to an entire SharePoint online library requires the following:

  • URL of the library that needs to be shared
  • Email address of the external user

Then you need to 

  1. For the 365 tenant check Azure active directory, to see if the external user already has a Guest account (if you can't do the following steps, you can share just one file from the library with the user, have them view it, and this creates the Azure account, once they've done it).
    1. go here

      https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/UsersManagementMenuBlade/MsGraphUsers

    2. search for external user email address
    3. if the user doesn't exist then click the "new guest user"
      1. choose invite user
      2. the external user will get an email, they have to click the "Accept invitation" link at the bottom
    4. in Azure AD you'll see that their account now says "invitation accepted" = Yes
      1. I ask the user to let me know that they've been redirected to myapplications.microsoft.com
  2. Now that the account exists you can share the library with it
    1. Go to the library URL , click the cog, click Library settings link
    2. click "Permissions for this document library"
    3. click "Grant permissions"
    4. click "invite people", enter the external user's email address, it should then resolve to the first name lastname from Azure AD
      1. click "show options"
      2. select the options you need this user to have 
    5. click Share
  3. The user will get another email, that has a link to the library and they should have access.

Errors and Fixes

If the user get's an error like the following <User email> "can’t be found in the <your365tenant>.sharepoint.com directory error",
Then I found I could resolve it by doing the following:

 

I hope this helps, it took me a couple of days to test and find this. But only 2 mins to do for subsequent users.

 

 

References

 

0 Replies