External Sharing Is Changing in Microsoft 365 — Are You Ready?

Starting July 1, 2025, Microsoft will invalidate all legacy external sharing links in SharePoint and OneDrive that were created before your organization enabled Microsoft Entra B2B integration. That means anyone who accessed your content using an old OTP (one-time passcode) link is going to see an error instead.

This isn’t just a security patch. It’s a shift in how Microsoft expects external collaboration to happen — and it’s up to us as IT pros to make sure we’re ready.

What Exactly Is Changing?

Once Entra B2B is enabled:

• All external access requires guest registration via Microsoft Entra.
• Anonymous sharing (Anyone links) will no longer work.
• Access is enforced through B2B Invitation Manager — you’ll have full tracking and lifecycle controls.
• Multi-factor authentication (MFA) may be required depending on your policies.

📌 Confirmed by Microsoft in MC1089315 and the Microsoft Learn Entra B2B integration FAQ.

This mirrors the principle I outlined in my Teams Shared Channels governance guide, where settings in both tenants must be properly configured for external collaboration. Same logic applies here: governance needs to catch up with the tech.

---

What Does This Mean for Your Organization?

This change affects:

• Old shared links with external partners.
• User expectations (especially in sales, marketing, or customer support).
• Governance and audit trails for external access.

If your organization uses SharePoint or OneDrive to share proposals, reports, or onboarding material externally — those recipients are about to lose access. You’ll need to:

1. Re-share the content using Entra guest invitations.
2. Review your access policies — make sure conditional access, MFA, and user lifecycles are configured properly.
3. Communicate with your end users — proactively.

External users will see this error:

---

Do We Need to Communicate This Internally?

Yes — and sooner rather than later, confused end-users is a really bad thing 🙂

And also you don’t want angry emails from a client who suddenly can’t open a file you shared three months ago.

Here’s a plan:

• Inform your end users (via Teams, email, or intranet) that older links will stop working on July 1, 2025.
• Train or remind users how to share properly with external partners using the new guest model.
• Consider a quick audit of frequently accessed shared files and links — especially those tied to ongoing projects.

If your team has been relying on anonymous links, this is a good time to pivot to structured, auditable guest collaboration — something I emphasized in my article on SMTP DANE and DNSSEC. Trust and identity are no longer “nice to have” — they’re the foundation.

Enable and verify Entra B2B integration (via SharePoint Admin or PowerShell).

Train users to invite external collaborators using the Invitation Manager, not the old Share -> Copy link approach.

Update governance docs and user guides to reflect the shift to guest-invitation-based sharing.

---

What You Should Do Right Now

1. Check if Entra B2B is already enabled in your tenant – look below for steps for this !!
2. Review your external sharing settings at the organization and site level.
3. Identify critical shared documents with external collaborators… audit steps below !
4. Prepare scripts or tools to assist users in re-sharing documents.
5. Update your internal documentation to reflect new sharing procedures.

To check step 1

Follow these steps:

• Go to the Azure Portal
• Navigate to Microsoft Entra ID (formerly Azure Active Directory)
• Click on External Identities
• Select Cross-tenant access settings
• Under the Default settings tab, review:
  • Inbound access: Look for “B2B collaboration” and ensure guest user access is configured
  • Outbound access: Confirm your users are allowed to collaborate with other tenants
• Scroll to Organizational settings to check if you’ve set up specific partner domains
• Optionally, go to Users > External users to confirm that guests are being added and invited via Entra B2B (instead of OTP links)

If these settings are already configured — you’re ahead of the curve. If not, now’s the time to enable it and get familiar with the B2B Invitation Manager.

Audit steps :

If your tenant has Microsoft Purview Audit (Standard or Premium):

1. Go to Microsoft Purview compliance portal.
2. Navigate to Audit > Search.
3. Use activities like:
   • Shared file, folder, or site
   • Anonymous link created
   • External user invited
4. Filter by date ranges (e.g., before Entra B2B was enabled).
5. Export the log to Excel or Power BI for deeper review.

OR go to Tony Redmonds awesome site office365itpros.com where he has posted scripts that can do this !!

---

Final Thoughts

This is more than just a settings tweak — it’s Microsoft enforcing better practices across the board. Yes, it might create a bit of friction at first, but it brings us closer to a more secure, traceable, and governed external collaboration model.

Some other sources:

Microsoft Learn – SharePoint & OneDrive integration with Entra B2B

• Once enabled, all external sharing operates through the Azure B2B Invitation Manager. Users access shared content via guest invitations instead of old one-time passcode or anonymous methods learn.microsoft.com+14learn.microsoft.com+14learn.microsoft.com+14.

Tony Redmond (Office365ITPros)

• After July 1, 2025, new sharing links are issued via Entra ID B2B Invitation Manager, while legacy OTP links stop working blog.interian.be+2office365itpros.com+2office365itpros.com+2.

Office365ITPros (2023)

• Highlights that SharePoint site sharing moved from legacy SharePoint Invitation Manager to Azure B2B Invitation Manager learn.microsoft.com+15office365itpros.com+15blog.admindroid.com+15.

Need help reviewing your sharing configuration or preparing user communication? Don’t hesitate to reach out.