check before: 2026-05-01
Product:
Entra, Microsoft 365 admin center, Microsoft 365 Apps, OneDrive, SharePoint
Platform:
Online, World tenant
Status:
Change type:
Admin impact, Retirement, Updated message, User impact
Links:
Details:
Summary:
SharePoint One-Time Passcode (SPO OTP) authentication will retire by August 31, 2026, transitioning external sharing and authentication in OneDrive and SharePoint to Microsoft Entra B2B starting May 2026. External users must have Entra B2B guest accounts for access, enabling consistent governance and Conditional Access across Microsoft 365.
Details:
Updated March 4, 2026: We have updated the content. Thank you for your patience.
[Introduction]
We are retiring SharePoint One‑Time Passcode (SPO OTP) authentication in OneDrive and SharePoint starting July 2026. Beginning in May 2026, new external sharing invitations and authentication will start using Microsoft Entra B2B instead of SPO OTP. This transition simplifies external collaboration, aligns authentication with Microsoft identity standards, and enables consistent guest lifecycle management, governance, and Conditional Access coverage across Microsoft 365.
[When this will happen]
May 2026: Invitation and authentication for new external sharing begins transitioning to Microsoft Entra B2B. Users who previously authenticated via SPO OTP will continue to have access to specific people links even without a B2B guest account yet.
July 2026: Retirement of SPO OTP authentication begins. External users without a guest account get access denied on previously shared specific people links. To restore access, a guest account must be created in Entra B2B, or an allowed user must share/re-share at least one file/folder/site.
Retirement is expected to complete by August 31, 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2026-03-04
updated:
2026-03-05
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Starting in May 2026, Microsoft will transition from the One-Time Passcode (SPO OTP) system to Microsoft Entra B2B for SharePoint and OneDrive, requiring external users to have guest accounts for access, with the old method being retired by August 31, 2026.
Direct effects for Operations**
Authentication Method Change
Retirement of SPO OTP will require all external users to authenticate using Microsoft Entra B2B guest accounts, leading to access denial for users without accounts.
- roles: External Users, IT Administrators
- references: https://learn.microsoft.com/entra/external-id/one-time-passcode" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/entra/external-id/one-time-passcode, https://learn.microsoft.com/sharepoint/faqs-odspintegrationwithentrab2b
" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/sharepoint/faqs-odspintegrationwithentrab2b
Access Denial for External Users
External users without a B2B guest account will receive access denied messages for previously shared links after July 2026.
- roles: External Users, Business Users
- references: https://learn.microsoft.com/entra/external-id/b2b-quickstart-add-guest-users-portal, https://learn.microsoft.com/sharepoint/sharepoint-azureb2b-integration
" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/sharepoint/sharepoint-azureb2b-integration
Changes in Compliance Monitoring
Authentication events will be logged through Entra audit logs instead of SPO OTP logs, altering how admins monitor compliance activities.
- roles: IT Administrators, Compliance Officers
- references: https://learn.microsoft.com/entra/external-id/add-users-administrator, https://learn.microsoft.com/entra/external-id/what-is-b2b
Impact on External Sharing Policies
The transition to Entra B2B will require a review and potential modification of external sharing policies and conditional access settings.
- roles: IT Administrators, Compliance Officers
- references: https://learn.microsoft.com/sharepoint/faqs-odspintegrationwithentrab2b, https://learn.microsoft.com/entra/external-id/b2b-quickstart-add-guest-users-portal
" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/entra/external-id/b2b-quickstart-add-guest-users-portal
User Experience Disruption
Users may experience disruptions in accessing shared content if they are not informed about the changes and do not have guest accounts set up.
- roles: External Users, Internal Users
- references: https://learn.microsoft.com/sharepoint/sharepoint-azureb2b-integration, https://learn.microsoft.com/entra/external-id/one-time-passcode" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/entra/external-id/one-time-passcode
Configutation Options**
XXXXXXX ... paid membership only
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2026-03-05 | MC MessageTagNames | User impact, Admin impact, Retirement | Updated message, User impact, Admin impact, Retirement |
| 2026-03-05 | MC Summary | SharePoint One-Time Passcode (SPO OTP) authentication will retire by August 2026, transitioning external sharing and authentication in OneDrive and SharePoint to Microsoft Entra B2B guest accounts. This change enhances security, governance, and conditional access, requiring guest accounts for external user access after July 2026. | SharePoint One-Time Passcode (SPO OTP) authentication will retire by August 31, 2026, transitioning external sharing and authentication in OneDrive and SharePoint to Microsoft Entra B2B starting May 2026. External users must have Entra B2B guest accounts for access, enabling consistent governance and Conditional Access across Microsoft 365. |
| 2026-03-05 | MC Last Updated | 03/04/2026 02:21:58 | 2026-03-04T19:27:32Z |
| 2026-03-05 | MC Messages | [Introduction]
We are retiring SharePoint One‑Time Passcode (SPO OTP) authentication in OneDrive and SharePoint starting July 2026. Beginning in May 2026, new external sharing invitations and authentication will start using Microsoft Entra B2B instead of SPO OTP. This transition simplifies external collaboration, aligns authentication with Microsoft identity standards, and enables consistent guest lifecycle management, governance, and Conditional Access coverage across Microsoft 365. [When this will happen] May 2026: Invitation and authentication for new external sharing begins transitioning to Microsoft Entra B2B. Users who previously authenticated via SPO OTP will continue to have access to specific people links even without a B2B guest account yet. July 2026: Retirement of SPO OTP authentication begins. External users without a guest account get access denied on previously shared specific people links. To restore access, a guest account must be created in Entra B2B, or an allowed user must share/re-share at least one file/folder/site. Retirement is expected to complete by August 31, 2026. | Updated March 4, 2026: We have updated the content. Thank you for your patience.
[Introduction] We are retiring SharePoint One‑Time Passcode (SPO OTP) authentication in OneDrive and SharePoint starting July 2026. Beginning in May 2026, new external sharing invitations and authentication will start using Microsoft Entra B2B instead of SPO OTP. This transition simplifies external collaboration, aligns authentication with Microsoft identity standards, and enables consistent guest lifecycle management, governance, and Conditional Access coverage across Microsoft 365. [When this will happen] May 2026: Invitation and authentication for new external sharing begins transitioning to Microsoft Entra B2B. Users who previously authenticated via SPO OTP will continue to have access to specific people links even without a B2B guest account yet. July 2026: Retirement of SPO OTP authentication begins. External users without a guest account get access denied on previously shared specific people links. To restore access, a guest account must be created in Entra B2B, or an allowed user must share/re-share at least one file/folder/site. Retirement is expected to complete by August 31, 2026. |
| 2026-03-05 | MC Action Required By | 06/30/2026 09:00:00 | |
| 2026-03-05 | MC Title | Retirement of SharePoint One-Time Passcode (SPO OTP) and transition to Microsoft Entra B2B guest accounts | (Updated) Retirement of SharePoint One-Time Passcode (SPO OTP) and transition to Microsoft Entra B2B |
| 2026-03-05 | MC How Affect | Who is affected
All Microsoft 365 tenants (commercial, government, sovereign). All external users who access OneDrive or SharePoint files, folders, or sites. What will happen The EnableAzureB2BIntegration setting will no longer control external sharing behavior beginning May 2026. SPO OTP authentication will retire beginning July 2026. The option to disable Entra B2B integration will be removed. Impact on external users External users who already have an Entra B2B guest account in your directory: No change in behavior. External users without a B2B guest account: Specific people links shared after changes rolled out to your tenant: A guest account will be automatically created via the Entra B2B Invitation Manager. Authentication will use Entra B2B (email OTP available if enabled). Specific people links shared before changes rolled out to your tenant: SPO OTP authentication continues until July 2026. After July 2026, these users will receive access denied until a matching B2B guest account exists. Restoring access after retirement Admins can manually create a guest account for the external user at any time. Alternatively, an internal user with permissions needs to share or re-share at least one file, folder, or site, which will automatically create the guest account and restore access to all previously shared content. | Who is affected
All Microsoft 365 tenants (commercial, government, sovereign). All external users who access OneDrive or SharePoint files, folders, or sites. What will happen The EnableAzureADB2BIntegration setting will no longer control external sharing behavior beginning May 2026. SPO OTP authentication will retire beginning July 2026. The option to disable Entra B2B integration will be removed. Impact on external users External users who already have an Entra B2B guest account in your directory: No change in behavior. External users without a B2B guest account: Specific people links shared after changes rolled out to your tenant: A guest account will be automatically created via the Entra B2B Invitation Manager. Authentication will use Entra B2B (email OTP available if enabled). Specific people links shared before changes rolled out to your tenant: SPO OTP authentication continues until July 2026. After July 2026, these users will receive access denied until a matching B2B guest account exists. Restoring access after retirement Admins can manually create a guest account for the external user at any time. Alternatively, an internal user with permissions needs to share or re-share at least one file, folder, or site, which will automatically create the guest account and restore access to all previously shared content. |
Last updated 2 days ago ago
