.png?width=190&height=95&name=Sittadel%20Header%20Logo%20(2).png)
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Collaboration
Handbook Reference
Package: Collaboration Security
Domain: B2B Collaboration Management
Modifies: Allowed Inbound B2B Organizations, Allowed B2B Guest Invitation Domains, Allowed Document Collaboration Domains
When to Perform this Operation
As Needed: Proactive or in Response to User/Security
Technical Description and Importance
Managing allowed inbound B2B organizations and guest invitation domains ensures that SharePoint file, folder, and site sharing is restricted to approved external entities. By carefully controlling which organizations users can invite and collaborate with, this process helps maintain oversight over external data access and minimizes the risk of unauthorized sharing. Maintaining an updated list of allowed domains ensures that business collaborations remain seamless while supporting compliance with data governance policies. Routine management of these domains reduces exposure to potential security risks associated with external data sharing.
As of the May 2026 phased rollout plan, Microsoft has begun unifying SharePoint and OneDrive external sharing under the Microsoft Entra B2B Invitation Manager, retiring the legacy SharePoint One-Time Passcode (SPO OTP) workflow as part of the change announced here.
All new external sharing — whether at the file, folder, or site level — now generates a Microsoft Entra guest account for the recipient and is subject to External Collaboration Settings, Cross-Tenant Access Settings, and Conditional Access policies. As a result, allowed sharing domains must be defined consistently across the SharePoint Admin Center, Entra ID External Collaboration Settings, and the applicable Cross-Tenant Access Settings entry to ensure external collaboration functions as intended.
Management Options
- Add a Domain for Inbound B2B
- Add a Domain for Document Collaboration
- Remove a Domain from Inbound B2B
- Remove a Domain from Document Collaboration
Add a Domain for Inbound B2B:
Purpose
Add a domain to the list of approved external organizations for inbound B2B collaboration and guest access.
Use Case
A new business partner requires access to SharePoint sites, and their domain needs to be added to the approved list.
Add a Domain for Document Collaboration:
Purpose
Adds a domain to the SharePoint allowed collaboration list, enabling users to share files and folders with external partners.
Use Case
A new partner organization requires access to SharePoint libraries for a joint project.
Remove a Domain from Inbound B2B:
Purpose
Remove a domain from the allowed inbound B2B organizations list to prevent further collaboration.
Use Case
A former business partner should no longer have access to shared SharePoint resources, so their domain must be removed.
Remove a Domain for Document Collaboration:
Purpose
Removes a domain from the SharePoint allowed collaboration list, preventing further external file sharing.
Use Case
A business relationship ends, and file-sharing access needs to be revoked.
Operation |
Action |
Target |
| Add a Domain for Inbound B2B | Addition | Allowed Inbound B2B Organizations, Allowed B2B Guest Invitation Domains |
| Add a Domain for Document Collaboration | Addition | Allowed Document Collaboration Domains |
| Remove a Domain from Inbound B2B | Removal | Allowed Inbound B2B Organizations, Allowed B2B Guest Invitation Domains |
| Remove a Domain from Document Collaboration | Removal | Allowed Document Collaboration Domains |
Add a Domain for Inbound B2B
This operation adds a domain to the list of allowed inbound B2B organizations, enabling collaboration with users from that domain.
1. Cross-Tenant Domain Addition
2. Cross-Tenant Domain Inbound Access Addition
3. Entra ID Collaboration Domain Addition
Add a Domain for Document Collaboration
This operation adds a domain to the SharePoint allowed collaboration list, enabling users to share files and folders externally.
1. SharePoint Collaboration Domain Addition
Remove a Domain from Inbound B2B
This operation removes a domain from the list of allowed inbound B2B organizations, restricting collaboration with users from that domain.
1. Cross-Tenant Domain Removal
2. Cross-Tenant Domain Inbound Access Removal
3. Entra ID Collaboration Domain Removal
Remove a Domain from Document Collaboration
This operation removes a domain from the SharePoint allowed collaboration list, restricting external file sharing.
1. SharePoint Collaboration Domain Removal
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.