How can we make Microsoft Teams better?

Assigning a non-member to a task in planner adds them to the Team

If you assign a person a task in planner who isn't a member of the team, they automatically get added to the team. There is a message which says non-member but I don't think this is clear enough.

There should be another warning/pop up telling the user that if they assign a task to someone not on the team they will get added to the team. This is a security concern!

135 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)

We’ll send you updates on this idea

Frank S shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

11 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    Apparently there is a pop-up alert when trying to perform this action from Teams, but not when performing the same action directly in Planner! If the alert pop-up is the intended solution, please also apply this fix when making task assignment changes directly from Planner. Thanks.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Oh my. Just came across this too late. This led to a major data security breach in our company. Assigning a non-member to an integrated Planner plan should either not be possible unless the non-member is officially added to the Teams group, or the Planner assignment should have not give access to other data within that Teams group. In our case, by assigning a non-member to a Planner task within a private team made lots of confidential information available to this non-member. What a mess! This is a serious data privacy issue and needs to be addressed.

  • Glenn commented  ·   ·  Flag as inappropriate

    Any updates since the last status update to Under Review over a year ago?

  • Michael Sudnik commented  ·   ·  Flag as inappropriate

    I want to be able to assign a task to someone outside of the team or to an organisational guest - and they would only be able to see / update their specific task. They would not see any of the other plan / team contents (e.g. members, documents, tasks, etc.)

  • Anonymous commented  ·   ·  Flag as inappropriate

    Completely agree, people should be able to be added to a specific plan and not the entire team, it just doesn't make sense.

  • Roy F commented  ·   ·  Flag as inappropriate

    Just to be clear, for anyone that gets alarmed by this (as I did); this only happens for those with priv to add members, assignment is restricted to current members if you don't have that priv. It happens as soon as someone is selected, even if you don't leave the task edit dialog with them selected. And there is no warning that the person selected is not a team member (as described in the original feedback post), so perhaps that has changed since te post was done.

    The fact that non-priv members can't do this is a huge plus, but this is still a bad security hole. Microsoft should consider this a significant security bug, not a suggestion.

    Suggestion: I like being able to add a member via task assignment, but it needs to require overt action, e.g. "You selected a non member; do you want to add them to the group and continue?"

  • Anonymous commented  ·   ·  Flag as inappropriate

    Actually, I am of the opinion that non-member should be allowed to be added to the Planner but not be added as a member (which Team does it automatically), or an option to add or not to add to the Team. This allows for the individual to access his/her own Planner and find the task listed there.

  • Cécile MAYER commented  ·   ·  Flag as inappropriate

    Fully agree, i do not know how it should behave but not giving the full membership to the group. I would personnally be happy with a task which becomes part of a “personal plan” (of the person who isn’t a member) and which can be updated by this person

  • Sergio commented  ·   ·  Flag as inappropriate

    Actually, the user added to a task, is added to the O365 group. As described above, it is a security concern.

Feedback and Knowledge Base



You are about to visit the UserVoice site for Microsoft Teams

We have partnered with UserVoice, a 3rd party service providing public discussion forums for product-specific feedback.

By clicking "Continue to UserVoice" you agree to UserVoice's Privacy Policy and Terms of Use.