As you know, you can invite external users (known as guest) to your organization, leading to the creation of a guest account in your Azure AD.
You also know that reviewing such external access is always a complicated tasks.
To assist in this process, Microsoft has introduced some time ago already a feature called Azure AD Identity Governance allowing you to automate external access management.
Well, you can now automate actions when processing external access review. These actions are either:
- Remove the external user from the published/shared resource
- Block user to sign in for 30 days and then remove it from your tenant
The configuration options are available when using Identity Governance and Access packages (which requires the use of an Azure AD P2 or EMS E5 license [either paid or trial].
When you create a new access review, you will be able to define the actions under the Upon completion settings section