SharePoint Online: How to Add External User using PowerShell?
Requirement: Add External User to SharePoint Online using PowerShell.
How to add an External User to SharePoint Online?
SharePoint Online provides an excellent solution when you have to share any site, list, library, or document with users outside your organization, such as vendors, clients, or partners. Before granting access to external users in SharePoint Online, we must ensure external sharing is enabled both at the tenant and site levels. Even though you allow external sharing at the tenant, external access is turned OFF in classic sites and communication sites to prevent sensitive information and avoid security risks. On group-connected SharePoint team sites, it’s “New and existing guests” at the site level. (More on enabling external user access to SharePoint Online: How to Enable External Sharing in SharePoint Online? Confirm it is not set to “Only people in your organization”).
If your Organization level external sharing setting is “Existing guests” in the SharePoint admin center, then you must add the external user to your Active Directory first! (or invite guest users to Organization’s Azure AD, in other words!). “New and existing guests” allows any authenticated external user.
Add External User to SharePoint Online Site
How to provide access to external users in SharePoint Online? Well, here are the steps to add external users to SharePoint Online:
- Login to your Modern or classic SharePoint Online site as site owner >> Click on the “Share” button from the top-right section of the page.
- In the Share site pane, Enter the Emails of External users, make sure the “Send Email” checkbox is ticked, Optionally enter any message to the user, and click on the “Share” button at the bottom. This triggers an Email to the external user with a link to accept the invitation.
A link to the site, document library, folder, or document will be emailed to the recipients. They can sign in with a Microsoft account or A work or school account in Azure AD from another organization. If they use non-Microsoft email accounts (such as Gmail), they’ll get prompted to create a Microsoft Account and password for the first time. External users are typically added to your Azure Active Directory as guests, and permissions and groups work the same way for them as they do for internal users.
SharePoint Online Add External User to Group
How to add an external user to the SharePoint group? To share a SharePoint site with an external user(s) by adding them to groups, follow these steps:
- Go to the site >> Click on Settings >> “Site Permissions”>> Advanced permission settings.
- On the Site Permissions page, click on the relevant group. You may not want an external user to have the “Full Control” permission level. So, select the “Members” group.
- Click on the “New” button in the toolbar >> “Add users”>> Type the name of the user or email and click share, to add external users to the SharePoint Online group.
If the user is added for your tenant for the first time, An invitation will be sent to the external user’s email address, inviting them to access the SharePoint site. Once they accept the invitation, they will be added to the site as an external user.
Once added, they become group members and inherit the permission level configured for the group. It’s a best practice to share the site alone instead of adding external users to Microsoft 365 groups. Because adding them as group owners also grants them access to other resources like Planner, Group Emails, Teams, etc.
Similar steps involved sharing a SharePoint document library, folder, or file with external users. Just hover over any existing document and click on the “Share” icon.
Add Guest user to SharePoint Online site using PowerShell
Use this PowerShell script to add an external user to the SharePoint Online site:
#Parameters
$AdminCenterURL="https://Crescent-admin.sharepoint.com"
#Setup Credentials to connect
Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)
#add guest user to sharepoint online site
Add-SPOUser -Group "Marketing Visitors" -LoginName "[email protected]" -Site "https://Crescent.sharepoint.com/sites/Marketing"
SharePoint Online PowerShell to Add External User to Group
Let’s add an external user to the SharePoint Online group using PnP PowerShell:
#Set Config Parameters
$SiteURL = "https://crescent.sharepoint.com/sites/SalesPortal"
$GroupName = "Sales Portal Members"
$ExternalUserEmail = "[email protected]"
#Connect to PnP Online
Connect-PnPOnline -Url $SiteURL -Credentials (Get-Credential)
#PowerShell to Add External User to group
Add-PnPGroupMember -Identity $GroupName -EmailAddress $ExternalUserEmail -SendEmail
If you want to invite an external user to SharePoint Online using PowerShell CSOM, use: How to Share a SharePoint Online Site with External Users?
Conclusion
Adding external users to SharePoint Online is a straightforward process that can be done by any administrator of the site. By following the steps outlined in this guide, you can easily invite external users to access your SharePoint site, and set the appropriate permissions for them. For bulk user management and automation, You can use PowerShell to add external users to SharePoint Online. This allows you to share information and collaborate with external users, while still maintaining control over who has access to your organization’s data.