I'm new to SharePoint Online administration and Azure AD, but I have configured my SharePoint site to allow external sharing and can send invites that people are able to accept and access the site without issue.
My problem is that these users are then getting added to the underlying Azure Active Directory, either as a user from an external directory, or as a Microsoft account. This is going to lead to our corporate Azure AD Directory getting polluted with users who only need to access a single SharePoint site. These accounts don't even appear to be removed from Azure AD when their access is revoked from SharePoint.
Is this how it is supposed to work? It's going to generate a lot of overhead to maintain this.
Alternatively, is it possible to change a single site collection in SharePoint Online to use an alternative Azure Active Directory without affecting the other site collections we have?