When a guest user redeems an invitation or uses a link to a resource that has been shared with them, they’ll receive a one-time passcode if:
They don't have an Azure AD account.
They don't have a Microsoft account.
The inviting tenant didn't set up federation with social (like Google) or other identity providers.
They don't have any other authentication method or any password-backed accounts.
Email one-time passcode is enabled.
At the time of invitation, there's no indication that the user you're inviting will use one-time passcode authentication. But when the guest user signs in, one-time passcode authentication will be the fallback method if no other authentication methods can be used.
Note
When a user redeems a one-time passcode and later obtains an MSA, Azure AD account, or other federated account, they'll continue to be authenticated using a one-time passcode. If you want to update the user's authentication method, you can reset their redemption status.
No comments:
Post a Comment