u/GRAMS_

Hi friends,

I've been playing around with entitlement management in Entra to facilitate SharePoint site onboarding for when my org needs to share and edit files with third parties.

I made an access policy that makes these external folks members in an M365 group which is a member on the site they need access to.

However, because they are guests in our tenant (I think this is default behavior for external domains), it appears SP doesn't care about their membership in the underlying M365 group and just gives them read permissions.

Is there any way to get around this? Throws a huge wrench in the automation scheme to have to upgrade each guest account to a member in the tenant despite them belonging to the M365 group.

I am not super familiar with SP, so there is likely some nuance I am missing here.

Any advice is welcome.

u/GRAMS_ — 1 month ago