Azure Portal Roles for External Sharing with Guest Users

This post is part of the Secure External Sharing Series.

In the earlier post, we have seen how you can block Azure Portal access for Guest Users aka External Users. On the flip side, if you wanted the Guest Users to access Azure Portal to perform specific role of inviting other guest users or if you wanted to delegate any user – internal to the organisation to be able to invite guest users from partner organisations, this blog post is for you. These permission roles need to be applied per user in Azure Active Directory.

This blog post is divide in to 2 sections:

First section is about giving user permission role to members (internal users) and should you choose to – even allow existing guest users to invite other guest users.

Second section is about restricting non-administrators from inviting external users – including from SharePoint Online. Only Azure Active Directory administrators will have permissions to invite guest users to the organisation.

Continue reading “Azure Portal Roles for External Sharing with Guest Users”

How to Block Azure Portal Access for External User

This post is part of the Secure External Sharing Series.

Now that we have enabled external sharing in Office 365 and SharePoint Online, it’s time to secure your organisation’s Azure Portal from users – such as external users from looking up information in Azure Portal they should not be looking at!

Quick recap of the terminology – External User in Office 365 Services, such as SharePoint Online is the same / equivalent to Guest Users in Azure Portal.

Continue reading “How to Block Azure Portal Access for External User”

Secure External Sharing in Microsoft 365 and Azure AD – Series

This post is part of the Secure External Sharing Series.

Now that we have enabled external sharing in Office 365 and SharePoint Online, it’s time to secure external sharing capabilities! There are couple of ways to secure external sharing and ensuring that external users can only access an inviting organisation’s content that they have been invited to and not have access to any other assets or content.

I have lined up few blog posts in a series format that will cover different areas across Microsoft 365 (aka Office 365) and Microsoft Azure – which, if not configured, can give your external users access to services and content that they should not be accessing.

Stay tuned – subscribe to RSS – for post updates or email newsletter (for regular updates and zero spam) to get updates as I post blog posts.