In Microsoft 365 -> Azure -> External collaboration settings, for the Collaboration Restrictions setting I have it set to "Allow invitations only to the specified domains (most restrictive)".


I now need to add a specific Gmail user, (let's say, as a guest to the organization, but in order to do this I need to add "" as a whitelisted domain. If I do this, it kind of defeats the purpose of using an allow list since there are millions of accounts that exist.


I am wondering if there is a way to specify in the allow list, and then create another restriction for all emails where the email must be in a list that I specify? So basically I would have a policy that says for all users, only allow, otherwise block.


Is this possible via conditional access or other means?