OFF304 - Office 365 External Sharing

Peter Carson  MVP

External sharing is all about publishing or collaborating with people outside of your organization. Users will find ways to do it with or without IT support (typically through email or shadow IT), so it’s important for IT to provide an easy way for them to do it effectively and securely. Microsoft is making great strides in exposing a consistent, simple sharing experience across many of their Office 365 products.

This sharing can take two main forms:
• Sharing anonymous links to view or edit documents or folders. Users just need the link, there is no need to sign in
• Inviting existing or new external users to documents, folders, sites, or Office 365 Groups

We’ll go over the user experience on both the sharing and receiving side. Flows are different for external users that already use Office 365 themselves, versus other business or consumer email users. From there we’ll look at some of the controls you can put in place as an administrator.
• What level of sharing is permitted across Office 365, or for particular sites
• Who is allowed to share
• Setting expiry dates on links
• Requiring one-time use verification codes, and re-verifications
• Only allowing certain email domains to be shared with, or blocking certain ones

Lastly, we’ll talk about how this experience can be customized. Microsoft publishes the REST API for Azure AD B2B that powers this, and you can take over much of the experience, including the invitation emails for external users. Self-registration and approvals are scenarios that can be built using this, and we’ll go over some customer examples.

 
Level: Intermediate - Platform: Cloud/Online