Teams Connect shared channels will be rolling out to public preview in the coming weeks. But what is it? Shared channels are a new channel type in Teams, in addition to the existing standard and private channel types. This new channel type makes it possible to work with other people in a channel by inviting an internal or external (in other organizations) members to a shared channel. In a way, shared channels can be compared to private channels. This is because they both contain an exclusive space only for approved members. The biggest difference lies in the fact that external users can participate more easily, this also applies to internal users, because they now can be invited without first having to join the top-level Team that hosts the channel.
But what about security in shared channels?
When shared channels become globally available, this feature will not be available automatically, but it will offer granular control to best suit an organization’s needs. To work with shared channels cross tenant administrators on both sides must configure cross-tenant access policy tenant posting and the shared channel will have to set up inbound access specifying who from the external tenant is allowed to participate. Similarly, you’ll need to set up outbound access specifying who from your own tenant can participate in the external shared channel. A shared channel will not inherit a Team’s membership, but it will adopt the existing settings. So, when a shared channel is shared with another tenant, the host’s standard policies will apply. Similarly, when a shared channel is shared with another Team, the sensitivity label of the host Team will apply. Which is also cool. In the past any user invited to a channel would gain access to all other non-private channels within a Team. This was default behavior. With shared channels an invited user can only access and collaborate within that specific channel. Also, to ensure data stays with an intended boundary, a shared channel can’t be converted to a public or private channel. Only owners of a shared channel may share it with others. A shared channel owner can promote any direct member of the channel from their own organization to be an owner. But if a channel becomes ownerless, the system self will automatically promote one from within. As users join and leave the Team, they’ll gain or lose access to the shared channel without anyone having to manually manage channel membership.
It’s easy to invite a user to a shared channel
Admins can invite individuals or an entire team to collaborate in a shared channel. These users can be either from your own organization or from an external partner which has also an Azure Active Directory environment. Once external users are added to a shared channel, they can view and access the channel right from their Teams account. The beautiful thing is that when you are invited to a shared channel you will see it in your own tenant. That means that you do not have to switch a tenant when you want to chat & work with files in there. Notifications will also there – right in your own tenant! This makes it easy to participate in conversation(s) and files co-authoring. But how do you recognize a shared channel? No matter on which side you’re on, identifying a shared channel is simple. An icon will appear next to the name of that channel, giving participants on all sides a clear indication that a cross-tenant audience is collaborating in this space. Users from outside your company (external users) will have “(External)” appear next to their name.
Sharing and Meeting Capabilities Are Limited for External Users
Shared channels will support the full suite of app capabilities, tabs, connectors, boards, messages, extensions, and line of business apps associated with the channel. Approved users from outside the host tenant will be able to leverage these functions. But external users have some limitations. For example, sharing is restricted. These external users can only share files from the shared channel with other existing channel members. This is to ensure sensitive data doesn’t accidentally leak out. Also, external users can only join a “Meet Now” request or an already scheduled meeting.
Some stats regarding a shared channel
- A team can contain 200 shared channels
- A shared channel can contain 5000 direct members
- It can be shared with 50 teams
- If membership exceeds 25,000, only the first 25,000 members will be able to add the channel to their channel list.
- A shared channel can be shared with as many organizations that can be specified in the Azure AD cross-tenant access policy
- Admins from both organizations need to set up shared channels before they can be used between them.
- Each shared channel creates a new SharePoint site (just like private channels) and membership is controlled by Teams. Users can not be added or removed via SharePoint.
- Shared channels do not inherit team membership, but it inherits team settings.
- Shared Channel SharePoint site syncs data classification and sharing settings from the parent team
- External users are marked as external.
- When a team is archived, all shared channels will be locked (read only).
- When the parent team is deleted, the shared channel will also be deleted.
- A shared channel cannot be converted to a standard of private channel.
Some expectations for the future regarding shared channels
When shared channels become globally available, I expect a reduction in the number of private channels and an increase in shared channels. But don’t forget, this will require a good governance model and admin controls. Administrators will have access to granular controls in Teams Admin Center, allowing their organization to stay in control of how external users access data and information.