MC1243549 - Retirement of SharePoint One-Time Passcode (SPO OTP) and transition to Microsoft Entra B2B guest accounts

Introduction

We are retiring SharePoint One‑Time Passcode (SPO OTP) authentication in OneDrive and SharePoint starting July 2026. Beginning in May 2026, new external sharing invitations and authentication will start using Microsoft Entra B2B instead of SPO OTP. This transition simplifies external collaboration, aligns authentication with Microsoft identity standards, and enables consistent guest lifecycle management, governance, and Conditional Access coverage across Microsoft 365.

When this will happen

• May 2026: Invitation and authentication for new external sharing begins transitioning to Microsoft Entra B2B. Users who previously authenticated via SPO OTP will continue to have access to specific people links even without a B2B guest account yet.
• July 2026: Retirement of SPO OTP authentication begins. External users without a guest account get access denied on previously shared specific people links. To restore access, a guest account must be created in Entra B2B, or an allowed user must share/re-share at least one file/folder/site.
• Retirement is expected to complete by August 31, 2026.

How this affects your organization

Who is affected

• All Microsoft 365 tenants (commercial, government, sovereign).
• All external users who access OneDrive or SharePoint files, folders, or sites.

What will happen

• The EnableAzureB2BIntegration setting will no longer control external sharing behavior beginning May 2026.
• SPO OTP authentication will retire beginning July 2026.
• The option to disable Entra B2B integration will be removed.

Impact on external users

• External users who already have an Entra B2B guest account in your directory:
  • No change in behavior.
• External users without a B2B guest account:
  • Specific people links shared after changes rolled out to your tenant:
    • A guest account will be automatically created via the Entra B2B Invitation Manager.
    • Authentication will use Entra B2B (email OTP available if enabled).
  • Specific people links shared before changes rolled out to your tenant:
    • SPO OTP authentication continues until July 2026.
    • After July 2026, these users will receive access denied until a matching B2B guest account exists.

Restoring access after retirement

• Admins can manually create a guest account for the external user at any time.
• Alternatively, an internal user with permissions needs to share or re-share at least one file, folder, or site, which will automatically create the guest account and restore access to all previously shared content.

What you need to do to prepare

No admin action is required. However, to ensure a smooth transition:

• Inform users that some external collaborators may see access denied beginning July 2026 for older links authenticated via SPO OTP.
• If your organization relies on email OTP authentication via Entra, ensure it is not disabled in Entra External ID settings. See Email OTP for B2B guests.
• Review external sharing policies and conditional access settings for guests in SharePoint and Entra admin centers.
• Optionally, identify external collaborators without guest accounts via external sharing reports. Proactively create guest accounts to retain access.
• Update internal documentation.

Learn more:

• Add and manage B2B collaboration users in the Microsoft Entra admin center | External ID | Microsoft Entra | Microsoft Learn
• Email one-time passcode authentication for B2B guest users | External ID | Microsoft Entra | Microsoft Learn
• Frequently Asked Questions: Improvements to external sharing in OneDrive & SharePoint | SharePoint in Microsoft 365 | Microsoft Learn
• Overview: B2B collaboration with external guests for your workforce | External ID | Microsoft Entra | Microsoft Learn
• Quickstart: Add a guest user and send an invitation | External ID | Microsoft Entra | Microsoft Learn
• SharePoint and OneDrive integration with Microsoft Entra B2B | SharePoint in Microsoft 365 | Microsoft Learn

Compliance considerations