Edit

Reset redemption status for a guest user

  • Article
  • 3 minutes to read

In this article, you'll learn how to update the guest user's sign-in information after they've redeemed your invitation for B2B collaboration. There might be times when you'll need to update their sign-in information, for example when:

  • The user wants to sign in using a different email and identity provider
  • The account for the user in their home tenant has been deleted and re-created
  • The user has moved to a different company, but they still need the same access to your resources
  • The user’s responsibilities have been passed along to another user

To manage these scenarios previously, you had to manually delete the guest user’s account from your directory and reinvite the user. Now you can use the Azure portal, PowerShell or the Microsoft Graph invitation API to reset the user's redemption status and reinvite the user while keeping the user's object ID, group memberships, and app assignments. When the user redeems the new invitation, the UPN of the user doesn't change, but the user's sign-in name changes to the new email. Then the user can sign in using the new email or an email you've added to the otherMails property of the user object.

Required Azure AD roles

To reset a user's redemption status, you'll need one of the following roles:

Use the Azure portal to reset redemption status

  1. Sign in to the Azure portal using a Global administrator or User administrator account for the directory.

  2. Search for and select Azure Active Directory.

  3. Select Users.

  4. In the list, select the user's name to open their user profile.

  5. (Optional) If the user wants to sign in using a different email:

    1. Select the Edit properties icon.
    2. Scroll to Email and type the new email.
    3. Next to Other emails, select Add email. Select Add, type the new email, and select Save.
    4. Select the Save button at the bottom of the page to save all changes.

  6. On the Overview tab, under My Feed, select the Manage (resend invitation / reset status) link in the B2B collaboration tile.

    Screenshot showing the B2B collaboration reset link.

  7. Under Redemption status, next to Reset invitation status?, select Yes.

    Screenshot showing the reset invitation status setting.

  8. Select Yes to confirm.

Use PowerShell or Microsoft Graph API to reset redemption status

Reset the email address used for sign-in

If a user wants to sign in using a different email:

  1. Make sure the new email address is added to the mail or otherMails property of the user object.
  2. Replace the email address in the InvitedUserEmailAddress property with the new email address.
  3. Use one of the methods below to reset the user's redemption status.

Note

  • When you're resetting the user's email address to a new address, we recommend setting the mail property. This way the user can redeem the invitation by signing into your directory in addition to using the redemption link in the invitation.
  • For app-only calls, the redemption status can't be reset if there are any roles assigned to the target user account.

Use PowerShell to reset redemption status

Install-Module Microsoft.Graph
Select-MgProfile -Name v1.0
Connect-MgGraph -Scopes "User.ReadWrite.All"

$user = Get-MgUser -Filter "startsWith(mail, 'john.doe@fabrikam.net')"
New-MgInvitation `
    -InvitedUserEmailAddress $user.Mail `
    -InviteRedirectUrl "http://myapps.microsoft.com" `
    -ResetRedemption `
    -SendInvitationMessage `
    -InvitedUser $user

Use Microsoft Graph API to reset redemption status

To use the Microsoft Graph invitation API, set the resetRedemption property to true and specify the new email address in the invitedUserEmailAddress property.

POST https://graph.microsoft.com/v1.0/invitations  
Authorization: Bearer eyJ0eX...  
ContentType: application/json  
{  
   "invitedUserEmailAddress": "<<external email>>",  
   "sendInvitationMessage": true,  
   "invitedUserMessageInfo": {  
      "messageLanguage": "en-US",  
      "ccRecipients": [  
         {  
            "emailAddress": {  
               "name": null,  
               "address": "<<optional additional notification email>>"  
            }  
         } 
      ],  
      "customizedMessageBody": "<<custom message>>"  
},  
"inviteRedirectUrl": "https://myapps.microsoft.com?tenantId=",  
"invitedUser": {  
   "id": "<<ID for the user you want to reset>>"  
}, 
"resetRedemption": true 
}

Next steps