What's new in sharing in targeted release

In this article we'll discuss the latest sharing features in SharePoint Online and OneDrive. The features described here are part of the targeted release program and you may need to have targeted release turned on in your tenant in order to use them. (Note the availability dates in each section.)

New secure external sharing recipient experience

targeted release availability: October, 2017   

Standard release availability: By end of January 2018   

A new method of securely sharing files and folders with external users is being implemented. Previously, when securely sharing with users who were not in the organization's directory, these users were sent an invitation and had to log in using a Microsoft Account or a Work or School Account. They were then added to the directory as guests and given permissions to the file or folder.

Now, if you share with a user who is not in the directory, they are sent a one-time code that they can use to verify their identity. They are not required to log in using a Microsoft Account or a Work or School Account.

The procedures for sharing files and folders remain the same. They can be found in Share SharePoint files or folders in Office 365. The procedures for changing permissions and seeing who you've shared with also remain the same, though users who use the new external sharing experience appear underneath the link that was shared with them, not as a top-level user.

Guest accounts are still used for sharing sites, and you can always add guest users to your directory if you need to give them access to more than just a file or folder. Anonymous links remain available and are unchanged.

The following table shows the differences between sharing with external users with guest accounts and with ad-hoc external recipients.

Guest account

Ad-hoc external recipient

Can access shared files and folders

Yes

Yes

Verify access by…

Signing in to Office 365

Entering a time-sensitive and single-use code sent to the email address that the file or folder was share with

Actions are audited

Yes

Yes

Can have friendly name

Yes

Friendly name is the email address that the file or folder was share with

Can be Group members

Yes

No

Can use other Office 365 apps

Yes

No

Access controlled by AAD conditional access policies

Yes

No

 This update also introduces some changes to the way that external sharing is audited. When using the share dialog to share with "specific people" and the recipients are all external users then a secure link will be created and the specified email addresses will be secured, or added, to the link. This appears in audit logs in the following ways:

Note: If the UsertType property of a User object is "guest", the user is outside of your organization but may be an ad-hoc external recipient that does not have a Guest account

Note: Auditing operations related to sharing invitations can still appear in situations when SharePoint items other than files and folders are shared with external users (for example, when sharing a SharePoint site with external users).

Operation

Description

SecureLinkCreated

A link that only works for specific people was created. It is usually followed by a series of AddedToSecureLink operations which signify the users who were secured to the link. The value in the Detail column for this activity identifies the UniqueSharingId for this link which can be used to match against future AddedToSecureLink and RemovedFromSecureLink operations.

SecureLinkDeleted

A link that only works for specific people was deleted. It is usually preceded by a series of RemovedFromSecureLink operations which signify the users who used to be secured to the link. The value in the Detail column for this activity identifies the UniqueSharingId for this link which can be used to match against future AddedToSecureLink and RemovedFromSecureLink operations.

AddedToSecureLink

A link that only works for specific people was secured to a user. The value in the Detail column for this activity identifies the name or email of the user the link was secured to and whether this user is an external user. The value also has a UniqueSharingId column that identifies the link they were secured to.

RemovedFromSecureLink

A user was removed from a link that only works for specific people. The value in the Detail column for this activity identifies the name or email of the user the link was previously secured to and whether this user is an external user. The value also has a UniqueSharingId column that identifies the link they were secured to.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×