How to invite new external users into your directory using New-MgInvitation

Inviting new external users into your directory

Organizations invite external users to their Microsoft Entra ID directory to facilitate collaboration with individuals outside their organization. This allows for the controlled sharing of resources and the provision of temporary access while enabling external individuals to use their existing credentials.

Invite new external users using Microsoft Graph PowerShell

Prerequisites

Before using the New-MgInvitation cmdlet, ensure the following:

The Microsoft Graph PowerShell module is installed. If not, install it using this script:
Install-Module Microsoft.Graph -Scope CurrentUser
Connect to Microsoft Graph PowerShell with the following permissions to invite external users to access applications.
User.Invite.All, User.ReadWrite.All, Directory.ReadWrite.All,

Using the New-MgInvitation command to invite a new external user into your directory

The New-MgInvitation cmdlet can be used in Microsoft Graph PowerShell to invite new external users into your directory. Here's the syntax:


                                    New-MgInvitation 

                                    [-ResponseHeadersVariable <String>] 

                                    [-AdditionalProperties <Hashtable>] 

                                    [-Id <String>] 

                                    [-InviteRedeemUrl <String>] 

                                    [-InviteRedirectUrl <String>] 

                                    [-InvitedUser <IMicrosoftGraphUser>] 

                                    [-InvitedUserDisplayName <String>] 

                                    [-InvitedUserEmailAddress <String>] 

                                    [-InvitedUserMessageInfo <IMicrosoftGraphInvitedUserMessageInfo>] 

                                    [-InvitedUserSponsors <IMicrosoftGraphDirectoryObject[]>] 

                                    [-InvitedUserType <String>] 

                                    [-ResetRedemption] 

                                    [-SendInvitationMessage] 

                                    [-Status <String>] 

                                    [-Headers <IDictionary>] 

                                    [-ProgressAction <ActionPreference>] 

                                    [-WhatIf] 

                                    [-Confirm] 

                                    [<CommonParameters>]

Example use cases and scripts using the New-MgInvitation cmdlet

Example 1: Invite a user and send a default invitation email


                                    New-MgInvitation -InvitedUserDisplayName "John Doe" -InvitedUserEmailAddress John@contoso.com -InviteRedirectUrl "https://myapplications.microsoft.com" -SendInvitationMessage:$true

Example 2: Invite a user and set the user type to member


                                    New-MgInvitation -InvitedUserDisplayName "John Doe" -InvitedUserEmailAddress John@contoso.com -InviteRedirectUrl "https://myapplications.microsoft.com" -InvitedUserType Member

Supported parameters

The following table contains some parameters that can be used along with the New-MgInvitation command to invite external users into your directory.

Parameters	Description
-BodyParameter	This parameter sends an invitation to the external user.
-Headers	This parameter allows you to add optional headers to the request.
-Id	This parameter assigns a read-only unique identifier for an entity.
-InvitedUserType	This parameter determines the userType of the user being invited.
-InviteRedeemUrl	This parameter specifies the URL that the user can use to redeem their invitation.

Limitations of using Graph PowerShell scripts to invite external users into your directory

Graph PowerShell requires IT admins to upgrade from Azure AD PowerShell and have familiarity with PowerShell scripting.
Microsoft Graph imposes rate limits on API calls, which can affect bulk invitations and lead to delays or failures when inviting numerous external users at once.
While the invitation message can be customized, advanced modifications to the invitation workflow may require complex scripting.
Identifying and troubleshooting errors can be time-consuming and require technical expertise.
The lack of an intuitive interface makes the overall experience less user-friendly, particularly for those new to scripting.

Highlights of ADManager Plus

ManageEngine ADManager Plus is an identity governance and administration solution, with comprehensive Microsoft Entra ID management and reporting capabilities, that eliminates the hassle of complex PowerShell scripts. Its intuitive, user-friendly interface allows you to streamline even the most complex administrative tasks in minutes.

Here’s how it takes your AD management to the next level:

Provides an easy-to-use interface for managing and reporting on users, eliminating the need for complex PowerShell scripting or Graph API knowledge.
Simplify bulk operations through automation capabilities, optimizing for large-scale environments, and eliminating the need for complex scripts.
Use prebuilt or custom templates to standardize management and reporting tasks.
Generate more than 200 prepackaged reports, with options to customize and export them in various formats, like CSV or HTML.
Delegate specific management and reporting tasks to technicians without granting them excessive permissions.

No more PowerShell hassles! Manage Microsoft Entra ID effortlessly with ADManager Plus.

Try it now for free

Inviting external users into your directory using Microsoft Graph PowerShell
Limitations of using Graph PowerShell scripts to invite external users
Highlights of ADManager Plus

Related features:

Related Powershell Guides: