Entra Id Reset External/Guest Redemption
Useful ability to reset external user redemption if they wish to link to a different external identity without losing assignments.
Resetting external or guest redemption is a valuable ability for those who want to link to another external identity without losing assignments. A channel search could provide needed content. There are specific chapters and time stamps on certain topics, including introduction, external users, external user changes, resetting redemption status, permissions needed, and summary. In this article's context, it is explained how to update a guest user's sign-in information after they've accepted your B2B collaboration invite. There might be instances when their sign-in info needs refreshing, such as:
- User wants to sign in using different email/identity provider
- User's account has been deleted and re-created in the home tenant
- User has moved to a different company but still requires the same access to your resources
- User’s responsibilities have been transferred to another user
Prior to these improvements, you needed to manually delete the guest user’s account then reinvite them. Nowadays, you can use the Azure portal, PowerShell, or Microsoft Graph invitation API to reset the user's redemption status and simultaneously reinvite them without losing their object ID, group memberships, and app assignments. After redeeming the new invitation, the UserPrincipalName (UPN) doesn't change, but the sign-in name gets updated to the new email. The user can then sign in using the new email.
Specific Roles and Use of Azure Portal
Resetting a user's redemption status requires an Azure AD role - Helpdesk Administrator, User Administrator, or Global Administrator role. The Azure portal is also utilized to reset the redemption status. Procedures might slightly differ based on the starting portal. Microsoft Entra admin center will gradually replace content over a few months. Directions are also given for users wanting to sign in using a different email.
Learn about Reset External/Guest Redemption
Microsoft experts recommend learning about external user redemption and how to reset it if users wish to link to a different external identity without losing assignments. This article covers the steps required to update the guest user's sign-in information, the scenarios in which it might be needed, the permission required to reset a user's redemption status, and how to do so using the Azure portal, PowerShell or the Microsoft Graph invitation API. It is important to note that when the user redeems the new invitation, the UserPrincipalName (UPN) of the user does not change, but the user's sign-in name changes to the new email
The minimum permission required to reset redemption status is either Helpdesk Administrator, User Administrator, or Global Administrator. The steps to reset redemption status using the Azure portal involve signing in to the Azure portal with a Global Administrator or User Administrator account and navigating to the user's profile page to edit the email address and add other emails if needed. Once complete, the user can sign in using the new email or an email added to the otherMails property of the user object.
More links on about Reset External/Guest Redemption
- Reset redemption status for a guest user - Azure
- May 31, 2023 — Use the Azure portal to reset redemption status · Select the Edit properties icon. · Scroll to Email and type the new email. · Next to Other emails ...
- Invitation redemption in B2B collaboration - Azure
- May 5, 2023 — Describes the Azure AD B2B collaboration invitation redemption experience for end users, including the agreement to privacy terms.
- Resetting the Sign-In Address for an Azure AD Guest Account
- Mar 22, 2021 — To work, the reset feature changes the sign-in name for the guest account and nothing else. The mail user object created in Exchange Online to ...
- Reset redemption status for a guest user - Required ...
- Mar 8, 2021 — Hello, I've been trying to reset the redemption status for a guest user. The doc suggests to put the new email address in ...
- Reset guests' redemption status · Issue #86773
- Jan 21, 2022 — Hello, I've been trying to change guests' connection email using the following documentation . I did try the powershell example, ...
- How to Resend Azure AD Invitation to Guest User?
- Under the user profile tab, In the Overview section, Click on the “Manage (Resend invitation / reset status)” link. resend azure ad guest invitation. Select the ...
- Reset sign-in information on guest accounts - IdefixWiki
- Jan 8, 2022 — Let`s go through the config changes and change a guest account`s sign-in information. So! I have 1 guest account “jr@ptaken.no” and this guest ...
- Change Azure AD guest email address using REST …easier
- Manually recreate the account using the new email address. Update all the previously set data and grant the permissions again. Sounds tedious — and so it is. 2.
- guest redemption | Jacques Dalbera's IT world
- New: It is now possible to reset Guest's user redemption status using ... .com/en-us/azure/active-directory/external-identities/reset-redemption-status.
Keywords
reset external redemption, external user changes, reset redemption status, permissions required, othermails property, Azure Active Directory