Azure AD – You can now automate actions when reviewing guest/external users access

As you  know, you can invite external users (known as guest) to your organization, leading to the creation of a guest account in your Azure AD.

You also know that reviewing such external access is always a complicated tasks.

To assist in this process, Microsoft has introduced some time ago already a feature called Azure AD Identity Governance allowing you to automate external access management.

Well, you can now automate actions when processing external access review. These actions are either:

  • Remove the external user from the published/shared resource
  • Block user to sign in for 30 days and then remove it from your tenant

The configuration options are available when using Identity Governance and Access packages (which requires the use of an Azure AD P2 or EMS E5 license [either paid or trial].

When you create a new access review, you will be able to define the actions under the Upon completion settings section


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies