External Guests - "Ad hoc Recipients" / Secure Links

cbarbier 1 Reputation point
2020-06-09T17:28:12.963+00:00

Hello,

If a user shares OneDrive for Business content with specific people (who do not have a Microsoft account), they are simply issued a link to access the specified content that requires an 8-digit code. I believe Microsoft calls this issuing a secure link to an ad hoc recipient. This strategy seems to circumvent any conditional access policies as well as MFA. Is there any way to force an external recipient like this to create a Microsoft Account before being able to access the shared content or deny the creation of secure links?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,389 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Leon Laude 85,646 Reputation points
    2020-06-09T17:30:05.997+00:00

    Hi,

    Q&A currently supports the products listed over here https://learn.microsoft.com/en-us/answers/products (more to be added later on).

    You can reach the experts in the dedicated OneDrive for Business forum over here:
    https://answers.microsoft.com/en-us/msoffice/forum/msoffice_onedrivefb

    (Please don't forget to accept helpful replies as answer)

    Best regards,
    Leon

    0 comments
  2. Jai Verma 461 Reputation points
    2020-06-09T17:56:25.613+00:00

    As long as user is added to the AAD, you can apply CA and force for MFA. As far as I know the feature which is currently in preview, gives you option to apply CA policy and MFA.

    Read here -https://learn.microsoft.com/en-us/sharepoint/sharepoint-azureb2b-integration-preview