FTP accounts tied to subscription, not user. Not enough auditing
In the current model, FTP credentials are tied to a user's azure login. Thus, we have no visibility into credentials that are set, as we cannot see other people's FTP credentials they've set. Furthermore, when an FTP account is created or deleted, nothing is logged. This makes it difficult to audit who has access. With the logins being tied to the user, when the user leaves, there is no way for us to reclaim that username unless they delete their ftp credentials first. This doesn't always work, as a user may depart abruptly or not on good terms. Although the credential is disabled as soon as we remove access to the subscription, we still cannot claim it.
Thanks for logging this idea. It’s definitely a valid request and we’ll leave it under review to see it collects more support from users.
As a reference, take a look at the deployment credentials doc we have out: https://docs.microsoft.com/en-us/azure/app-service-web/app-service-deployment-credentials
Ahmed Sabbour commented
The deployment credential username is not tied to the subscription, but rather to the Microsoft Account. I can have access to multiple subscriptions and my deployment credentials would be the same across all of them, hence it is required to be unique across Azure.