SharePoint requires guest accounts for external sharing from May
Microsoft is rolling out Entra B2B integration for SharePoint Online and OneDrive external sharing across all tenants. The change begins in May 2026 and reaches full enforcement by July. Named external users who relied on one-time passcode links will instead receive Entra guest accounts. These accounts allow standard identity controls such as access reviews, conditional access policies, and lifecycle management. Anonymous links remain unaffected. Existing OTP shares will lose access unless admins proactively create guest accounts for those users beforehand.
Until now external sharing in SharePoint left most named collaborators as invisible one-time passcode users. Admins had almost no way to audit or revoke access once a contractor finished a project or an employee departed, so old permissions lingered across team sites and document libraries for months or years. The new requirement turns every external collaborator into a proper Entra guest identity. This gives teams the ability to run reviews and apply expiration dates, but it also means dormant shares will break unless someone maps and converts them in advance.
Analysis
This change will quietly revoke access for every unmanaged external user across your sites unless you act first. Open the SharePoint admin center sharing reports this week, filter for one-time passcode entries, and convert the highest-risk ones to guests with expiration dates set for 30 days.
Citation
This executive briefing was curated and analyzed by Collab365. To reference this analysis, please attribute: "This briefing is available on Collab365 Spaces (spaces.collab365.com)".