Accept external SharePont Online sharing invitations with an account matching the invited email address

Dec 27

Written by:
Sunday, December 27, 2015 10:40 AM  RssIcon

By default on the Sharepoint Online Tenant the following property values are active:


With the property   “RequireAcceptingAccountMatchInvitedAccount”  you can control, how external users accept invitations.
When enabled (not default!), this parameter requires external users to accept invitations with the email account with which they originally received the invitation.


If this parameter is $false / not set

When a user shares a document with an external user, they enter an e-mail like, and an email is sent to Stephen at

When he attempts to accept the invitation (by clicking the link in the email), he can log in with ANY account HE WANTS to use. For example, he could use,, or even  The sharing email can be forwarded and accepted by anyone.  This system ensures that external users who use email aliases or who do not have a Microsoft account or organization account are able to accept the invitation.


If this parameter is set to $true  

The "RequireAcceptingAccountMatchInvitedAccount" parameter ensures that the user who receives the invitation is also the user who accepts it. If an invitation is sent to, only a user who can log into is able to accept the invitation.

Any other email account displays an error page that directs to user to use the appropriate account. Notes that this does not apply to invitations that have previously been accepted in SharePoint Online and it only affects external sharing invitations that are generated after the parameter has been set. It will also not affect external users who have previously accepted an invitation.
They will be able to log-in and use the system as normal.


Here you can find the full syntax for the Set-SPOTenant cmdlet, which is used to change the “RequireAcceptingAccountMatchInvitedAccount” property value.



In this post I show you the behavior of sharing   the document “TestShareDoc” from the “test share” – folder in the Documents library.



The rest of this post is divided in the following parts:

Part 1:  RequireAcceptingAccountMatchInvitedAccount = $false (Default)

Part 2: How to change this parameter by Powershell

Part 3: RequireAcceptingAccountMatchInvitedAccount = $true


Part 1:

Invite one external person (  and by pressing <Share> send the email-invitation


Login to your gmx Mailbox (as open the Sharing-Invitation mail an klick on the link to open the document


Select the “Microsoft account”



Use an other account than the one of the invitation.  I use the @gmail instead of the @gmx



You are able to access the (empty) word document by word online



Part 2

Connect to the Office 365 Sharepoint Tenant by Powershell and change the property


Here you can find the code to import the right module, connect to the tenant and change the property-value:


Import-Module Microsoft.Online.SharePoint.PowerShell

$o365cred = Get-Credential -Message "Enter your Credentials" -UserName 
Connect-SPOService -Url -credential $o365cred
# to display all properties
# Get-SPOTenant

(Get-SPOTenant).RequireAcceptingAccountmatchInvitedAccount # value before
# change value
Set-SPOTenant -RequireAcceptingAccountMatchInvitedAccount $true
(Get-SPOTenant).RequireAcceptingAccountmatchInvitedAccount # value after


Part 3

Create the same invitation (as in part 1) again open gmx-Mailbox and open Sharing-Mail and klick on the link in the e-mail


The invitation was intended for “” and now I try to login with the  “” – Microsoft Account (=> different Mailaddress!)


You get the following “That didn’t work” warning that the accounts don’t match – that’s what we want! –> so changing the property-value of “RequireAcceptingAccountMatchInvitedAccount” works!