
KB – Reset cross-tenant access policies back to the system default.


This is a knowledgebase item. Hope it helps you out someday.

The issue

The default settings in the Azure AD cross-tenant access policies have been changed. You want to revert them, but there is no button in the Azure portal UI to do that (at the time of writing this article).

Solution

This can be done using the Graph API. The easiest way is using Graph Explorer. So, how does that work?

Browse to https://aka.ms/ge and make sure that you are signed in. First, check whether you have consented to the Policy.ReadWrite.CrossTenantAccess permission.

Then, use this API request:

POST https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default/resetToSystemDefault

If successful, this action returns a 204 No Content response code.

The default settings are now restored:

Inbound access settings

| Type | Applies to | Status |
|---|---|---|
| B2B collaboration | External users and groups | All allowed |
| B2B collaboration | Applications | All allowed |
| B2B direct connect | External users and groups | All blocked |
| B2B direct connect | Applications | All blocked |
| Trust settings | N/A | Disabled |

Outbound access settings

| Type | Applies to | Status |
|---|---|---|
| B2B collaboration | External users and groups | All allowed |
| B2B collaboration | Applications | All allowed |
| B2B direct connect | External users and groups | All blocked |
| B2B direct connect | Applications | All blocked |
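
To confirm the reset took effect, the JSON returned by GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default can be compared with the two tables above. The following is an added example, not code from the original article or from Microsoft; the property names follow the Microsoft Graph crossTenantAccessPolicyConfigurationDefault resource (not shown on this page), and the sample responses are constructed.

```python
import copy

# Expected system defaults, taken from the two tables on this page.
EXPECTED_ACCESS = {
    "b2bCollaborationInbound": "allowed",
    "b2bCollaborationOutbound": "allowed",
    "b2bDirectConnectInbound": "blocked",
    "b2bDirectConnectOutbound": "blocked",
}
TRUST_FLAGS = ("isMfaAccepted", "isCompliantDeviceAccepted", "isHybridAzureADJoinedDeviceAccepted")


def drift_from_system_default(policy):
    """Return a list of findings; an empty list means the system defaults are in place."""
    findings = []
    if policy.get("isServiceDefault") is not True:
        findings.append("isServiceDefault is not true")
    for setting, expected in EXPECTED_ACCESS.items():
        for scope in ("usersAndGroups", "applications"):
            actual = ((policy.get(setting) or {}).get(scope) or {}).get("accessType")
            if actual != expected:
                findings.append(f"{setting}.{scope}: {actual!r}, expected {expected!r}")
    for flag in TRUST_FLAGS:
        if (policy.get("inboundTrust") or {}).get(flag):
            findings.append(f"inboundTrust.{flag} is enabled")
    return findings


def _setting(access):
    # Constructed sample shaped like a crossTenantAccessPolicyB2BSetting.
    return {
        "usersAndGroups": {"accessType": access, "targets": [{"target": "AllUsers", "targetType": "user"}]},
        "applications": {"accessType": access, "targets": [{"target": "AllApplications", "targetType": "application"}]},
    }


# Constructed sample responses, not captured from a real tenant.
SAMPLE_DEFAULT = {"isServiceDefault": True, "inboundTrust": {flag: False for flag in TRUST_FLAGS}}
SAMPLE_DEFAULT.update({name: _setting(access) for name, access in EXPECTED_ACCESS.items()})
SAMPLE_MODIFIED = copy.deepcopy(SAMPLE_DEFAULT)
SAMPLE_MODIFIED["isServiceDefault"] = False
SAMPLE_MODIFIED["b2bDirectConnectInbound"]["applications"]["accessType"] = "allowed"
SAMPLE_MODIFIED["inboundTrust"]["isMfaAccepted"] = True

if __name__ == "__main__":
    print(drift_from_system_default(SAMPLE_DEFAULT))
    print("\n".join(drift_from_system_default(SAMPLE_MODIFIED)))
```

Paste the Graph Explorer response into a dict (or load it with json.loads) and pass it to drift_from_system_default; any finding means the default policy still differs from the tables above.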

More info: crossTenantAccessPolicyConfigurationDefault: resetToSystemDefault – Microsoft Graph beta | Microsoft Docs

Stay safe!
