Features

Setting up Microsoft 365 for New Collaborate

Plans - Pro.png

Microsoft 365 provides authentication and management of guests accessing your New Collaborate site.

To ensure New Collaborate functions as intended, the settings must be configured as per the article below

To complete these one time steps, you will need to log in as your Microsoft 365 Administrator User

Note: These configurations have been changed as of 26/02/2024 to simplify what is required for New Collaborate. There are three mandatory steps and one optional step.

For more information regarding these configurations, please refer to Microsoft resource article.

Step 1 - External Collaborate Settings (Mandatory) 

  1. Go to the Microsoft Entra Admin Centre https://entra.microsoft.com and log in as the Microsoft Administrator.

  2. From the menu on the left, click the External Identities dropdown and select External collaboration settings.

  3. In the Guest invite settings section, ensure as a minimum the following option has been selected:

    ➡️Member users and users assigned to specific admin roles can invite guest users including guests with member permissions. This is the default Microsoft setting.

    3027_Microsoft_entra_recommended_settings.gif
    To restrict the ability for users to share directly from the SharePoint Collaborate site, we recommend updating this directly within the site once you have completed the New Collaborate configuration wizard. Refer to How to restrict the ability for internal users to invite guests to SharePoint.

  4. Scroll down to the Collaboration restrictions section.

  5. Select "Allow invitations to be sent to any domain (most inclusive)". This is the default Microsoft setting.
    3217_New_Collaborate_Collaboration_Restrictions.gif

Step 2 - Enable One-Time Passcode (Mandatory)

One-Time Passcode enables guest users to use a one-time passcode to authenticate their accounts.

Note: If this option is not enabled, users will be required to create a Microsoft Account to access the New Collaborate site.

  1. Open Microsoft Entra Admin Centre - https://entra.microsoft.com/ and log in as the Microsoft Administrator. 

  2. From the menu on the left-hand side, in the External Identities section, select All identity providers.

  3. Select Email one-time passcode and change the toggle for Email one-time passcode for guests to Yes. This is the default Microsoft setting.

3113_Azure_Identity_Provider_Passcode_Enabled.gif

Step 3 - Assign the User Administrator Role (Optional) 

This step is optional as:

  • The only effect of not configuring this is that New Collaborate will not be able to complete the final step when sharing is stopped with guest users. The final step is to automatically delete the guest user from Entra.
  • This can be completed manually and periodically by the Microsoft Administrator.
  • The reason some practices may choose not to configure this, especially enterprise practices, is they may have security protocols to prevent sharing such a powerful permission with an integration app.

Note: If enabling the User Administrator Role, the Guest User role (to limit sharing to specific users only) is not required. 

To assign the User Administrator role:

  1. Open Microsoft Entra Admin Centre - https://entra.microsoft.com/ and log in as the Microsoft Administrator.

  2. From the menu on the left-hand side, in the Users section, select All Users.

  3. Locate the Practice OneDrive Admin User Account and click the name to open the user properties. 

  4. On the User menu on the left-hand side, in the Manage section click Assigned roles.
    3214_Microsoft_Entra_Assigned_Roles.gif
  5. Click + Add Assignments.

  6. Tick the User Administrator role.
    3215_Microsoft_Entra_Directory_Roles_User_Administrator.gif
  7. Click Add.

  8. The next time you load the Assigned Roles page, the User Administrator role will be displayed for the user.

Step 4 - Update SharePoint External Settings (Mandatory)

  1. Open Microsoft 365 Admin Center by visiting https://admin.microsoft.com/ and log in as the Microsoft Administrator.

  2. From the menu on the left-hand side, locate the Admin Centers section and select SharePoint (you may need to first click Show All). 

  3. From the menu on the left-hand side, select Policies, then select Sharing.

  4. In the External Sharing section:
    • As a minimum, set "Content can be shared with" to "New and existing guests" for SharePoint. This is the default Microsoft setting.
    • For "More external sharing settings", ensure "Limit external sharing by domain" is not enabled. This is the default Microsoft setting. 
      2237A_Collaborate_B2B_Setup_highlight.gif

Step 5 - Add Privacy Information to Microsoft Entra (optional)

When clients are added to your New Collaborate site they'll be prompted to accept the permissions requested by your practice.

If your practice has not added privacy information to Microsoft Entra the permissions will display "(Practice) has not provided links to their terms for you to review."

To create a Privacy Policy refer to the Microsoft article Add your organization's privacy information to Microsoft Entra

2870_New_Collaborate_Guest_Permissions_Login.gif

Next Steps: To continue setting up New Collaborate, refer to Setting up Collaborate Email Templates.

Was this article helpful?
4 out of 5 found this helpful