Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. logout

    Add Server Side Logout for MSA accounts. Once added have Azure Application Service (Easy Auth) logout call MSA's Server Side Logout to complete the flow.

    Current work around is to execute both Easy Auth Logout and MSA Logout via https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=mysite

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure B2C Support for Notification through mobile app and Verification code from mobile app verification methods

    Its very strange that all the verification methods available in Azure Multi-Factor Authentication is not there in B2C.

    Is there a roadmap to bring in it ? Many clients are moving to different providers only because of the lack of this ..

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. Custom attributes back in the claims

    Is it possible to get Custom attributes back in the claims of the id_token returned by the ROPC policy

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow userid to be anything , can be email id , Phone # , member id etc.

    Allow userid to be anything , can be email id , Phone # , member id etc.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. Work natively with ValidateAntiForgeryToken

    Plugging in ADB2C to an existing MVC website breaks all of the forms that should use ValidateAntiForgeryToken attributes.

    Whilst the work-around is relatively easy, it should support it out of the box by exposing the additional claim type.

    A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. https

    I'm using Azure B2C directory and Azure functions. B2C is only allowing HTTPS callbacks. Which is a bit too strict. There is one usecase where it is not necessary:

    I have a single web page application and the token is returned using html anchors. (#hash). The connection to B2C is under https, so as the redirect directive when the authentication was finished.
    Then the next GET won't include the part of the URL after the #, so it will never leave the browser, only the app could read it (then redirect away from it).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  7. Retrieve / pass through the profile data from the identity provider's profile

    If attributes also available in Azure AD B2C are set in the identity provider's profile, copy them to the Azure AD B2C profile. E. g., the address set in the Google profile.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. Proceed with Sign-up if clicked on Sign-in and no account exists

    Currently, if the user clicks on Sign-in and use Facebook/Linkedin, if no account is found, there is a generic server error returned back to the website.

    Ideally, the system should display a more meaningful message or even proceed with the sign-up instead.

    Sign-up if the account is already in the system, works better, as the correct message is displayed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to submit current access token to Edit policy

    I'd like to be able to launch the Edit policy without being prompted for user name and password again, by passing in a current access token. Right now (using the MSAL in a Xamarin app) the user has to re-authenticate just to update their personal info.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Show help when adding an identity provider to the microsoft docs

    When adding an identity provider, there is no help provided to get started... this, for newcomers, should definitely be provided... there are docs on microsoft docs, but no direct link from the portal.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Global Admin in Org AD Manage B2C AD without secondary admin account

    I have been trying to build an admin portal with auth in Org AD and a public facing website with auth in B2C. The admin portal would allow me to manage users directly in the B2C directory. However, I am unable to find a way to do this without having to have, yet another, username and password combination for the B2C directory.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  12. AADB2C: Allow for authentication at the social media provider only

    ACS currently allows you to use a social media provider to authenticate the user without having an AD account. In B2C you cannot authenticate a user who has not also an AD account in B2C.

    This makes certain registration processes difficult, for example if you have a registration-by-invitation-only process.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  13. ADB2C Apply Sign-Up Attributes per Provider, not per entire Policy

    You can select the attributes you want at sign-up in the policy, awesome. BUT, it applies this to ALL providers that are associated with that policy.

    I want certain attributes to apply ONLY to my Email sign-up and different attributes used on 3rd party sign-up. Please separate these attributes out per provider.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  14. Azure B2C: [BUG] Encoded user attribute descriptions are showing in UI

    The user attributes descriptions on the Select signup attributes blades are showing the strings encoded in the UI. For example, the apostrophe is showing up as ' in the field. See attached.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support WebAuthn and FIDO2

    Add support for the WebAuthn and FIDO2 Standards for passwordless authentication. The support for these Standards, permits you to login using your phone's biometric sensors (fingerprint, Windows Hello, Face ID) or your hardware authenticator.

    More information: https://webauthn.guide/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  16. Outbound sync

    Provide the capability to sync users & their passwords on an ongoing basis from Azure AD B2C into an external systems (CRM, etc.).

    0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
1 2 22 23 24 26 Next →
  • Don't see your idea?

Feedback and Knowledge Base