SOLVED

MFA Requirements for external users

Brass Contributor

Good evening all,

 

Where can I check the default MFA rules for external guests? i.e, --
Can someone please explain to me the default MFA rules for guests accessing SharePoint data shared with them?


Scenario: the guest user was granted access to a specific folder on a SharePoint site via "People I choose" option. SharePoint sends the automated email sent to the recipient. SharePoint sends them this email -

 

2024-07-28_21-06-36.png

 

Upon the first click on the "Open" button in the email, they're prompted to sign in with their Microsoft Account and then authenticate themselves using MFA. This seems normal for the first time accessing. 

 

I am getting complaints that external users are having to use MFA EVERY time they try to access the files, and I am thinking it's due to the internal user not sharing the same way I am doing it. In any case, I would like somewhere to check from an Administrative perspective what exactly to expect when it comes to sharing internal items externally and when/if MFA should come into play. Thank you in advance! 

 

Morghan C.

3 Replies

@mdcastorena What is your SPO sharing setting for re-authentication?

 

wangjueliang_0-1722339325670.png

 

Hi @nhtkid - see below: 

 

2024-07-30_14-23-18.png

 

After everything was said and done, it ultimately seems to have been a user error. I am glad I now know where to check this in the future! Thank you. 

best response confirmed by mdcastorena (Brass Contributor)
Solution
Nice one. Good to know.

Since you mentioned about MFA, another place to check is your CAP that require guests to use MFA. In that particular CAP under the "Session" setting, it configures how often to re-authenticate.

Your case is more like an idividual thing since it's not affecting the mass.
1 best response

Accepted Solutions
best response confirmed by mdcastorena (Brass Contributor)
Solution
Nice one. Good to know.

Since you mentioned about MFA, another place to check is your CAP that require guests to use MFA. In that particular CAP under the "Session" setting, it configures how often to re-authenticate.

Your case is more like an idividual thing since it's not affecting the mass.

View solution in original post