Allow organizations to set limits on invite link access

[Chuxel]

Currently VS Live Share allows anyone with an invite link to sign in and join a collaboration session. The invite link identifier is only valid while collaboration session is active (so time is a factor), is large, and non-guessable which increases the overall security of the approach. However, while this is convenient and reduces friction for guests some organizations may want to lock down to specific individuals instead.

Organizations should be able to establish a set of users in a Live Share “account” and set minimum invite link access at one of the following levels:

1. Anonymous access (if supported, see Allow "anonymous" sign ins #3)
2. Anyone with the link
3. Anyone in the account
4. Specific groups

Organizations should be able to change these settings at any time and have this update any existing links automatically.

[joemellin]

Hi All, Please like and subscribe to this issue if you want to be notified when it ships.

[rlh1994]

Just wondering if there had been progress on this? I am trying to get my Azure AD admin to enable this when logged in via work account (Office365) however they are concerned that the session link could be shared externally (on purpose) breaking out security policy. If admins could set a minimum level (in our case, internal users only) this would enable us to start using the extension.

[EikeVerdenhalven]

@joemellin : My company is using Visual Studio for almost everything. As our process are partially have to comply to external regulations security is of major concern. Being able to centrally define a closed user group (e.g. for the companies domain) is a key feature for us.
See also #341, #718, #3010

[CJHarmath]

@fubaduba @joemellin Just stumbled across the vsls-contrib/gatekeeper extension which adds capabilities for further restrict who can you share with which seems awesome!
The collaborators are from Microsoft, so wondering what's the chance of folding that code into the live share?

[derekbekoe]

For Visual Studio, we announced enterprise policies. To learn more, see the following links:

• https://devblogs.microsoft.com/visualstudio/ls-policies/
• https://learn.microsoft.com/en-us/visualstudio/liveshare/use/policies-visual-studio

Currently, we are not able to support policies in VS Code due to microsoft/vscode#147756 and microsoft/vscode#151948. When VS Code supports policies, Live Share can re-visit adding these.

Based on the above, I am going to close this issue. However, rest assured that we love your input. If you have a use-case for additional VS policies outside of what is currently available, please provide feedback at https://learn.microsoft.com/en-us/visualstudio/liveshare/use/policies-visual-studio#contact-us.