Finance teams in your organization regularly share sensitive files with external auditors, tax consultants, and business partners. When those external recipients click the sharing link, they see a Request Access page instead of the file. This behavior is controlled by OneDrive sharing settings that block anonymous access and force authenticated third-party sign-in. This article explains the exact OneDrive admin settings that cause external users to see a request access screen, and provides a step-by-step checklist to configure sharing links so external finance partners can open files without unnecessary friction.
Key Takeaways: OneDrive External Sharing Settings for Finance Teams
- Microsoft 365 admin center > SharePoint > Policies > Sharing: Controls the default sharing link type for all OneDrive and SharePoint sites. Choose “Specific people” to force authenticated access.
- OneDrive admin center > Sync > Sharing settings: Lets you set external sharing to “New and existing guests” instead of “Anyone” to require sign-in.
- PowerShell Set-SPOTenant -RequireAcceptingAccountMatchInvitedAccount: Enforces that the external user’s email domain matches the domain in the sharing invitation.
Why External Sharing Links Show Request Access to Finance Users
When you share a OneDrive file or folder with an external user, the recipient sees either the file content or a request access page. The determining factor is the sharing link type you selected and the tenant-wide sharing policy. OneDrive offers three link types: Anyone, People in your organization, and Specific people. The Anyone link allows anonymous access without sign-in. The Specific people link requires the recipient to authenticate with a Microsoft or work account. If the recipient is not already in your Azure AD as a guest, they see a Request Access page instead of the file. Finance teams often need external partners to access files without requesting access each time. The fix is to pre-invite the external user as a guest in Azure AD and then share the file using the Specific people link.
How the Request Access Screen Appears
An external user clicks a sharing link. OneDrive checks the link type. If the link is set to Specific people and the recipient is not a guest in your tenant, OneDrive displays a page with a Request Access button. The user clicks that button, and an email is sent to the finance team member who shared the file. That team member must manually approve the request in OneDrive or SharePoint. This process delays external collaboration. The root cause is not a technical error but a deliberate security setting that prevents unauthenticated access to sensitive financial data.
Checklist: Configure OneDrive External Sharing for Finance Teams
Use this checklist to ensure external finance partners can access shared files without seeing the Request Access screen. Perform each step in the order listed.
- Set tenant-level external sharing to New and existing guests
Open the Microsoft 365 admin center. Go to Settings > Org settings > Security & privacy > Sharing. Under External sharing, select “Allow users to share with new and existing guests.” This setting forces external users to be invited as guests before they can access files. It prevents anonymous Anyone links from being used for finance data. - Restrict OneDrive site sharing to Specific people
Open the OneDrive admin center at admin.onedrive.com. Go to Sharing > External sharing. Under “OneDrive,” select “Only allow users to share with specific people.” This ensures that all sharing links created by finance team members default to the Specific people type. - Pre-invite external finance partners as guests in Azure AD
Open the Azure portal at portal.azure.com. Go to Azure Active Directory > External Identities > All users. Click New guest user. Enter the external partner’s email address and an optional message. The partner receives an invitation email. They must accept the invitation to become a guest. Once they accept, they can access files shared with the Specific people link without seeing Request Access. - Configure sharing link expiration for finance files
In the OneDrive admin center, go to Sharing > External sharing. Under “Choose the type of link that’s selected by default,” select “Specific people.” Under “Expiration,” set the default link expiration to 30 days. This reduces security risk for shared financial documents. - Use PowerShell to enforce guest domain matching
Open SharePoint Online Management Shell as an administrator. Run the command:Set-SPOTenant -RequireAcceptingAccountMatchInvitedAccount $true. This setting requires that the external user’s email domain matches the domain in the sharing invitation. For finance teams, this prevents a partner from forwarding the link to someone in a different company. - Test the configuration with a finance test user
Create a test external account in a different email domain. Share a OneDrive file with that account using the Specific people link. Open the link in a private browser window. Verify that the file opens directly without showing a Request Access button.
If External Users Still See Request Access After Configuration
External user is not a guest in Azure AD
The most common reason the Request Access page persists is that the external user has not accepted the guest invitation. Check the Azure AD guest user list. If the user shows a status of Pending Acceptance, resend the invitation or ask the user to check their email spam folder. Once the user accepts the invitation, they become a guest and the Request Access screen disappears for future shared links.
Sharing link was set to People in your organization
If the finance team member accidentally selects the People in your organization link type, external users cannot access the file at all. They see a sign-in page and then a 403 Forbidden error. Instruct finance team members to always choose Specific people when sharing with external partners. You can enforce this by setting the default link type to Specific people in the OneDrive admin center.
External sharing is blocked for a specific OneDrive site
A site collection admin might have overridden the tenant-level sharing policy for a specific finance user’s OneDrive. Open the SharePoint admin center. Go to Active sites. Select the user’s OneDrive site. Click Policies > External sharing. Verify that the setting is not set to “Only people in your organization.” Change it to “New and existing guests” if needed.
OneDrive Sharing Link Types: External Access Behavior Comparison
| Item | Anyone | Specific people |
|---|---|---|
| Authentication required | None | Microsoft or work account |
| Guest account needed | No | Yes |
| User sees Request Access | Never | If not a guest |
| Best for finance external sharing | Not recommended | Yes, with pre-invited guests |
| Link can be forwarded | Yes | Only to existing guests |
The table shows that the Specific people link type, combined with a pre-invited guest account, eliminates the Request Access screen for finance external sharing. The Anyone link bypasses the screen but violates security policies for financial data.
You can now configure OneDrive external sharing so finance partners open shared files directly without requesting access. Pre-invite each external user as a guest in Azure AD before sharing any file. Use the Specific people link type for all finance-related sharing. For ongoing management, set a 30-day link expiration and enable domain matching with the RequireAcceptingAccountMatchInvitedAccount PowerShell parameter. This approach reduces support tickets from external partners and keeps financial data secure.