Today, there is no verification for anonymous participants in Teams Meetings, Webinars and Town halls.
According to the documentation, anonymous meeting users are:
- Users who aren’t logged in to Teams with a work or school account.
- Users from non-trusted organizations and from organizations that you trust but which don’t trust your organization.
- Users without a Microsoft account.
Microsoft is now introducing an optional email OTP verification for anonymous meeting participants.
Email OTP is known from SharePoint and OneDrive. A one-time password (OTP) is emailed to an external person. It is a multi-digit number. After entering the number, the person can access the shared content in SharePoint.
Microsoft is implementing the same feature in Teams. It is a Teams Premium feature, the organizer needs the license.
Microsoft notes that accounts without a Teams Premium license can also use the verification feature. However, anonymous, unverified participants are not possible in such events. Participants must log in with an account.
The experience for attendees to verify their email with OTP prior to joining meetings is available only for meetings created by organizers that have a Teams premium license. However, the new meeting option to require verification will be available to all meeting organizers without Teams Premium license as well, for these meetings, attendees can join meeting after verifying with their TFL account or Entra account.
Content
Configuration
There are two noteworthy points for the configuration.
Enable / Disable Email OTP
In the Teams Admin Center, meeting policies now have a new option for “Anonymous users can join a meeting after verifying.” The configuration for “By email code” is enabled by default.
Teams administrators cannot disable the option in the Admin Center without at least one Teams Premium license in the tenant.
With PowerShell, administrators can also change the policy without a Teams Premium license.
It is the new property AnonymousUserAuthenticationMethod in a meeting policy.
AnonymousUserAuthenticationMethod
Determines how anonymous users will be authenticated when joining a meeting .
Possible values are:
- OneTimePasscode, if you would like anonymous users to be sent a one time passcode to their email when joining a meeting. This is the default value.
- None, if you would like to disable authentication for anonymous users joining a meeting.
# Check the global meeting policy
Get-CsTeamsMeetingPolicy -Identity Global | select AnonymousUserAuthenticationMethod | fl
# Change the global meeting policy
Set-CsTeamsMeetingPolicy -Identity Global -AnonymousUserAuthenticationMethod None
The meeting policy has been changed, even without a Teams Premium license.
Tenants with no anonymous users
Microsoft notes in the announcement that the default configuration of Email OTP enables a new way to join for tenants who do not allow anonymous users. Teams administrators must proactively disable Email OTP in this situation.
Tenants where the Anonymous users can join a meeting setting is currently disabled will be affected by this update. In the Teams admin center, a meeting policy controls whether anonymous users can join meetings. If this setting is turned off, users without an MSA (Microsoft Account) or Microsoft Entra account are currently unable to join meetings. With the introduction of this new feature, we are enabling an additional option for unverified (anonymous) users to join meetings without requiring an MSA or Entra account.
Using verification for anonymous users
Microsoft notes that Email OTP is still in a limited public preview and is expected to be available by the end of March.
If the Email OTP configuration is enabled, the following option will be available in the settings of a meeting:
For the summary, I prepared a table.
| Meeting policy for Email OTP | Default verification setting in new meetings | Meeting participation for anonymous users | |
|---|---|---|---|
| Anonymous users can join meetings | Yes | Disabled, organizer can enable the meeting option | Yes, with verification (if enabled) |
| No | Not available | Yes, without verification | |
| Anonymous users cannot join meetings | Yes | Enabled, organizer cannot disable the meeting option | Partially, unconfirmed participation is only possible by logon with an account |
| No | Not available | No |
Organizers with no Teams Premium license
If the verification option is active in an event, an anonymous participant must sign in with an account.
Organizers with a Teams Premium license
Anonymous participants are prompted to provide an email address,
the system informs them that a code is being sent for confirmation…
…and they receive, as known from SharePoint, the multi-digit number valid for 30 minutes.
After that, the verified person should be able to join the event.
Participants who verify the same email address that the meeting invitation was sent to will be allowed to join the meeting directly if the Lobby bypass setting permits invited participants. Conversely, participants verifying with a different email address will be placed in the lobby and labeled as Email verified.
The Email verified tag and the email address participants entered for verification will be shown on the profile card of the participant in the lobby, meeting roster, and meeting chat.
Today, Teams caused an error during my tests, and the person could not join a meeting or other events. This feature should not yet be used productively for meetings.
