Allow risk reevalueation for guest users
Currently resource tenants with an User Risk Policy in place, will face the problem that guest users with a risk, that doesn't meet the risk policy will get blocked from accessing the resource tenant. As the risk for guest user can neither be seen nor changed, the only way to allow access to resources is to exclude them from the policy. It would be beneficial for admins of resource tenants to be able reevaluate the risk for guest users on their tenant, instead of letting them bypass and ignoring all future risk events for the user.
Thank you for your feedback. We are currently exploring options for how we evaluate risk and enforce policies for guest users. In the interim, we have provided additional details on expected behavior and best practices for Identity Protection with guest users here: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-b2b