External Access to SharePoint Tenant – Step-by-Step & Troubleshooting

This documentation describes how to grant external users access to a SharePoint site within your Microsoft 365 tenant, and how to resolve common issues such as the error message indicating a user has not yet been added to the tenant.

Prerequisites for External Access

1. Azure Active Directory B2B must be enabled.
2. External sharing in SharePoint and OneDrive must be activated.
3. Users must be invited as guest users in the tenant before they can gain access.

Step-by-Step: Granting Access to an External User

Step 1: Check Tenant Settings

• Go to Microsoft Entra Admin Center (Azure AD) (opens in a new tab).
• Navigate to External Identities > External collaboration settings.
• Ensure external invitations are allowed.

Step 2: Configure SharePoint Sharing Settings

• Go to SharePoint Admin Center (opens in a new tab).
• Under Policies > Sharing, make sure the external sharing level allows "New and existing guests".

Step 3: Invite Guest User

• In Microsoft Entra or Azure AD:
  • Go to Users > New guest user.
  • Enter the external user’s email and optional message.
  • Click Invite.

Step 4: Grant Access to SharePoint Site

• Navigate to the SharePoint site.
• Click Settings > Site Permissions > Invite people.
• Choose Add members to group or Share site only.
• Enter the external user’s email address.

🛠️ Troubleshooting

Error: "User not found in the directory"

• Ensure the user accepted the guest invitation.
• Check that the user was added to the correct tenant.
• Refresh directory sync or wait 15–30 minutes.

Error: "Access Denied"

• Verify the user has permissions to the SharePoint site.
• Ensure the external domain is not blocked under Azure AD > External Identities > Cross-tenant access settings.

✅ Summary

By completing these steps, your external users should have access to the appropriate SharePoint site, provided guest invitations are accepted and directory settings allow for external collaboration.