Dynamic groups are special active directory group where is possible to define rules if these rules are satisfied, users or devices are automatically added. This is definitely a very useful piece of Azure Active Directory, especially if we think to use them in the context of the Microsoft 365 ecosystem, in fact, it is extremely easy to add dynamic groups in SharePoint, Teams, or OneDrive.

There is another use case where dynamic groups are strategically important, changing the game. If you are used to hosting the SharePoint Framework assets in the CDN of SharePoint App Catalog, there is a specific case where you have issues.

I’m talking about guests trying to access SPFx solutions whit the configuration above mentioned, in fact, for this casuistic the guest will get access denied for the files stored in the CDN of the SharePoint App Catalog for insufficient permission. There is a sweet solution for this problem, a dynamic group of all guests in the Tenant, where the rule looks like below:

(user.userType -eq “Guest”)

It is important to say that at least one Azure Active Directory P1 license (€5.060 user/month) is required, but considering all benefits in terms of capabilities that this license brings, money is well invested in my opinion.

check out my video tutorial: