Group self-service: adjustments to 'Groups' application
We would like to let group owners manage Azure AD groups. This is possible with the myapps / accesspanel 'Groups' application.
Currently AAD allows you to enable / disable the 'Groups' application for all users, you can't scope it.
However, the groups app allows the users to see the members including their UPN for groups they are a member of. This isn't a issue for internal users but we also have guests from different companies that could see each other in the 'Groups' application, that's a issue - we can't enable the 'Groups' application.
As far as I know guests don't have read access to other objects either.
Is Microsoft aware of this? Do you have a suggestion how to work around the limitation?
This could easily be solved by:
a) Let us scope who see's the 'Groups' application.. or
b) Make sure guests don't see each other in the 'Groups' application