Manage guest user lifecycle (preview)
Entitlement management allows you to gain visibility into the state of a guest user's lifecycle through the following viewpoints:
- Governed - The guest user is set to be governed.
- Ungoverned - The guest user is set to not be governed.
- Blank - The lifecycle for the guest user isn't determined. This happens when the guest user had an access package assigned before managing user lifecycle was possible.
When a guest user is set as Governed, based on entitlement management tenant-wide settings their account will be deleted or disabled in specified days after their last access package assignment expires. Learn more about entitlement management settings here: Manage external access with Microsoft Entra entitlement management.
You can directly convert ungoverned users to be governed by using the Mark Guests as Governed (preview) functionality in the top menu bar.
Manage guest user lifecycle in the Microsoft Entra admin center
Steps in this article may vary slightly based on the portal you start from.
To manage user lifecycle, you'd follow these steps:
Prerequisite role: Global Administrator, Identity Governance Administrator, Catalog owner, Access package manager or Access package assignment manager
Browse to Identity governance > Entitlement management > Access package.
On the Access packages page open the access package you want to manage guest user lifecycle of.
In the left menu, select Assignments.