This document has been written for site owners who are sharing SharePoint content with external users (i.e., non-UW email addresses). It is meant to clarify the external user's experience and troubleshoot issues they may be having. The external user's experience differs depending on if you (the site owner) are sharing files and folders, or a SharePoint Online site. In most instances, sharing files and folders will prompt the user to enter a verification code. The verification code will be sent by Microsoft to the external user's email address. When sharing a site, however, the external user may be prompted to enter their email account username and password (i.e., credentials). In addition to the type of item that is being shared, the type of email account of the external user also determines their experience.
Types of external user accounts
Note: These accounts can also be registered with Microsoft, and by doing so, will be recognized by Microsoft and be referred to as a Microsoft account.
UW allows site owners to share items externally in two different ways:
Sharing files and folders will require a verification code, which will be provided by Microsoft via a subsequent email. When sharing sites, the user will be asked to log in with a Microsoft account. If the user does not have a Microsoft account, they can create one at that point. Once they log in with their Microsoft account, they will gain access to the site. They will not be required to log in on subsequent access.
Recipients of Shared Files and Folders will receive an email with a link to a file or folder. Clicking on the link will present the following dialog:
They will click on the Send Code button and Microsoft will send an email with a verification code for them to enter and press the Verify button to be directed to the folder or file.
If Anonymous sharing is enabled, you will have the sharing option "Anyone with the link".
The "Anyone with the link" option will send the recipient an email like the following:
Clicking on the button will automatically open the document. No verification code will be required.
When sharing sites, the user will be asked to log in with a Microsoft account. If the user does not have a Microsoft account, they can create one at that point. Once they log in with their Microsoft account, they will gain access to the site. They will not be required to log in on subsequent access. On the initial sign-in, the recipient will be prompted to enter credentials. The following Welcome page will be displayed and the recipient will select the type of account they will be using.
Which account to select:
Microsoft Account: By default, emails such as outlook.com, live.com, Hotmail.com …etc… are all Microsoft accounts. For commercial accounts such as gmail.com, yahoo.com…etc…, the user will need to register the account with Microsoft to become a Microsoft account. The Welcome page contains a link to "Create a Microsoft account". Once the account has been registered with Microsoft, it will be recognized with any SharePoint Online tenant.
Organization Account: A Work or School account that is an O365 account. On the initial sign-in, Microsoft Account users will be prompted to enter their Microsoft Account credentials. The initial sign-in will also store the recipient's email address as a Guest account in Azure Active Directory. Recipients with O365 account will not be prompted for credentials.
The most common reason external users are unable to access a shared SharePoint site is because they are not logged into the UW network via their UW Microsoft account. To correct this issue, have the user:
Alternatively, the user could open an "in-private" browser session, log into the correct account that the email was sent to, and then copy/paste the SharePoint site invite link into the browser URL field.
As a SharePoint site owner, you can verify that a user has signed in successfully by viewing the Users list in Microsoft Entra ID. A successful login will display the user's account/email address in the Entra ID Users list. To verify the Users list in Entra ID:
If the account does not appear in the users list in Entra ID, it is possible the user may have accepted the invite using another account. The unknown account will have the User type of Guest. You will need to find out from the user what other possible email addresses/Microsoft account name(s) they may have used to accept the invite at this point. Filtering the Users list in Entra ID by Guest may help you assist the user in determining the name of the account they may have used.
Note: All external user accounts, those without the @uw.edu domain, will have Guest in the user type.
Identities In the Identities column you will see one of three options:
If the Identity Issuer in the Identities column does not reflect the type of account that the user should have, the user can reset their account by leaving the UW organization and have the inviting party resend the invitation.
Note: Sharing a folder or document will not automatically add individuals to the User list in Entra ID.
Leaving the UW Organization is a way to reset an external user's account within Entra ID. There are two ways an external user can leave the UW Organization: For users whose account does appear as a in UW Entra ID, have the user:
After the user has selected the option to leave, it may take 15 minutes for the account to be removed from Entra ID. For individual's whose account does not appear in the UW Entra ID, have the user:
After the user has selected the option to leave, it may take 15 minutes for the account to be removed from Entra ID.
Note: Once the user has removed themselves from the UW Organization, verify that they do not exist in the Azure Users list. Also check, and remove, the user from the SharePoint site prior to sending another invite.
You may want to add your external user as a Guest in Entra ID prior to sending an invite to share. By adding a user as a Guest, you are inviting the user into the UW Organization. Depending on the type of account you invite, the user may need to register the account with Microsoft. To add a guest user:
In some cases, external organizations have blocked users from accessing UW SharePoint sites. If all guest users from a specific organization are unable to access the shared content, those users will need to work with their IT department to allow access. If there is a situation where only some users within an organization can access content, those who are having issues are most likely attempting to access with a different account. As stated above in the Site Sign-in Issues section, this typically occurs when the user has not logged into the UW network with their UW Microsoft-enabled account. As the site owner, you can follow the steps above in the Verify SharePoint Access to determine how successful users are logging in and share that information with those who cannot.