Generally, we can share SharePoint documents within the domain of the tenant i.e. the user within the organization domain, however, due to business needs, sometimes we might need to share the SharePoint documents to the external users (outside the organization), for that SharePoint tenant administrator used to enable the guest sharing policy, but there was no policy or configuration using which tenant administrator could control how long the guest users can access the SharePoint documents or contents.
Now with this new external sharing policy feature, the SharePoint tenant administrator can configure (in a number of days) how long guests can access SharePoint Online and OneDrive documents after sharing it.
The key points of "Manage how long guests can access SharePoint Online and OneDrive documents" feature status
Admins and end users can expire shares to external users.
- Featured ID: 43797
- Added to Roadmap: 11/8/2018
- Last Modified: 8/14/2020
- Tags: Worldwide (Standard Multi-Tenant), General Availability, OneDrive
Microsoft Update Number & Details
MC220791, Stay Informed, Published date: Aug 21, 2020
We will soon be able to create a policy that automatically revokes access for external guests to SharePoint Online (SPO) sites and individual OneDrives after a defined period of time.
This message is associated with Microsoft 365 Roadmap ID 43797.
When the "Manage how long guests can access SharePoint Online and OneDrive documents" feature will be available across tenant?
Microsoft will gradually roll this out in late August and expect the rollout to be complete at the end of October.
How will "Manage how long guests can access SharePoint Online and OneDrive documents" feature affect your organization?
One of the strengths of SharePoint and OneDrive is that it facilitates sharing and collaborating among peers, not only within an organization but also with people outside the organization (guests).
In order to better manage sharing, tenant admins will be able to create a policy to revoke guest access to SPO sites and individual OneDrives after a defined period of time. With this policy, you can limit guest user access; thus guests who are no longer active partners will not retain indefinite access to documents and files.
This policy is not retroactive; it does not apply to guests who already have access to sites, documents, and files.
The policy applies to a user’s access to a given SPO site or individual OneDrive. When the access period reaches your policy threshold, such as 10 days, then the guest loses access to all content in that site. Guest access expires on a site-by-site basis, determined by when the guest was granted access to each site, whether that is an SPO site or an individual OneDrive.
After a guest loses access to a site, any user with the ability to share content externally can re-invite the guest to each document or item as needed.
SharePoint site administrators can extend access at any time, up to the limit of the tenant policy. For example, if the tenant policy is 10 days, and today is the 10th of the month, the SharePoint site admin could extend access for an external guest to the 20th of the month. There is no limit on the number of times a site admin can extend access.
SharePoint site administrators will receive e-mail notifications advising of upcoming guest user access expirations.
What should we need to prepare for this change?
If you plan to enable this feature, be sure to inform your SharePoint site administrators and users about the new process so that they are prepared to manage guest access as needed.
You can enable this policy, which applies to both SPO and OneDrive, in the SharePoint admin center.
Practically verify what exactly this "Manage how long guests can access SharePoint Online and OneDrive documents" feature,
If we login to the SharePoint Online admin site URL, then navigate to the Policy -> Sharing -> More external sharing settings, we cannot see the checkbox "Guest access to a site or OneDrive will expire automatically after this many days".