A client reached out to me recently stymied that while Guest Access in Teams was enabled, they were unable to actually invite guests to participate in their Teams.  After a review, and a lot of web searching, I discovered that this is apparently a pretty common issue and the solution is not well documented at all.  It turns out you also must enable a feature in the Azure AD component of the tenant in order to make this work.

Here’s what makes it work:

Allow Guest access/Invite Guests

The documentation on this is very sketchy from Microsoft.  There are two things that must be done in order to permit guests and permit members to invite guests.

  1. Enable Guest Access
    1. Log into the Tenant
    2. Open Teams Admin Center (https://admin.teams.microsoft.com/)
    3. Open “Org-Wide Settings”
      1. Click on External Access
        1. Enable: Users can communicate with Skype for Business and Teams Users
        2. Enable: Skype for Business users can communicate with Skype users
      2. Click on Guest Access
        1. Enable:  Allow guest access in Teams
      3. Save settings
  2. Enable Guest Invites
    1. Log into the Tenant
    2. Open Azure Active Directory
    3. Within Azure Active Directory admin center
      1. click on Azure Active Directory
      2. click on Organizational Relationship
      3. Select Settings
        1. Enable:  Guest users permissions are limited
        2. Enable: Admins and users in the guest inviter role can invite
        3. Enable: Members can invite
        4. Disable:  Guests can invite (enabled by default but I’d recommend disabling this)
        5. Enable: Enable Email One-Time Passcode for guests (Preview)
        6. Set Collaborative Restrictions to:  Allow invitations to be sent to any domain (most inclusive)

NOTE:  Enabling Guest access can take 2 – 24 hours to take effect after enabling the feature.