Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Don't display sign up fields before email is verified

    For local accounts the user needs to verify their email but users fill out all fields on the form before clicking the Send verification code button. All fields below the Send Verification code button should not be displayed until after the email verification process is completed.

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add a Keep Me Signed In capability for B2C

    Allow a user to click a KMSI check box which would set a persistent cookie that allows users to bypass authentication the next time they visit the site.

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. merge social and local accounts with the same email address

    Identify an attribute as a unique identifier (lets take email address here) When a user signs up with social or local account, check if the email address already exists, if yes log the user instead of creating a new account.

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow User to Enable/Disable Multifactor Authentication

    It would be nice if we could allow users to decide whether they would like to always use multifactor authentication when logging into their B2C account.

    This means enabling or disabling it on an user by user basis instead of always enabling or disabling it on a policy basis (although I still want to do that also, especially for signup).

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add Apple as an identity provider

    Apple is going to REQUIRE apps to offer "Sign in with Apple" as an option if other identity providers are available in the app: https://9to5mac.com/2019/06/03/sign-in-with-apple-requirement/

    Please add Apple as an available B2C identity provider ASAP so we can begin testing.

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure AD B2C - Support delayed verification

    Quoting from https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-disable-ev "Some application developers prefer to skip email verification during the sign-up process and instead have consumers verify the email address later. To support this, Azure AD B2C can be configured to disable email verification. "

    Fully agree with this bit - it may lead to drop-offs if we enforce verification while the user is signing up. However, a delayed verification is definitely important to eventually trigger verification. The documentation does not really cover if the delayed verification is something B2C would support at a directory level, or will it be completely bespoke? After posting on the AAD…

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  7. Make it Easier to Pass claims into a Policy

    While it is possible to pass claims into a policy, it is too complicated IHMO.

    Please simplfy this process! Thanks!

    Reference: https://stackoverflow.com/questions/46984166/sign-up-policy-set-user-attributes-through-code

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. Increase Activity Log Retention Length (7 days to 30 or 365)

    Currently, Activity Logs are only retained for a rolling 7 days for Azure AD B2C. With Azure AD, this is either 7 or 30 days based on the SKY of Azure AD being used (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-retention). Since these SKU's don't exist for Azure AD B2C, everything appears to be considered Azure AD Free. 7 days of activity data is insufficient for troubleshooting. Exporting this data and ingesting it elsewhere it is one option, but this is additional complexity that should be unnecessary. Please provide an option to extend the retention to at least a month. A year would be…

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  9. B2C Block sign in for social accounts

    Currently it is possible to select "Block sign-in" for a local account in a B2C tenant. When using a social account, this functionality does not work. However the selection is available for social accounts, which implies that it should work.

    We would like to be able to block access to a user for a specific user using this setting so that the workflow for social and local accounts is identical. I understand that the user is still able to successfully log in to the IdP, but he should be blocked for using the applications associated with that B2C tenant.

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Revoke the refresh token when user run the password reset policy

    We think that it's necessary to have the refresh token revoked when a user reset the password with the reset password policy or when he changes it with a specific form based using Graph API, in order to stop the possibility of using the app from another device (which may be stolen or lost, ...). It's a critical point for us.

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure AD B2C Data Residency for Canada (or other regions)

    Add data residency on a per-region basis, we are restricted from storing user data within US regions.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support On-Behalf-Of flow in Azure AD B2C

    Add support of On-Behalf-Of flow in Azure AD B2C. It is written that this flow is not supported in Azure Ad B2C, but I think this is a very common scenario when we add a authenticate code in our app.
    https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  13. B2C Custom SMTP Email Provider

    Emails for email verification and password resets are from Microsoft (msonlineservicesteam@microsoftonline.com) on behalf of the organization. Allow emails to be sent from the organization’s email domain. Whether this is through SendGrid or by any other means. We use Office 365, at least allow this scenario to work as I’m already logged into Azure to configure all this with my Office 365 account.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  14. Provide language support for Right-to-Left languages

    Add right-to-left languages to the supported list of languages in B2C and intelligently choose to lay them out right-to-left when selected.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  15. Trim whitespace in input boxes on all UI pages

    As an example, during signup if "username@email.com " is typed, the interface will present an error and will not allow the user to create an account until the whitespace is deleted and the input reads "username@email.com". This should be automatic (as it is standard practice).

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  16. Return social IdP's native access tokens back to the app

    Return social IdP's native access tokens (for e.g., Facebook access tokens) back to the app.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  17. Outbound IP range for RestfulProvider technical profile to allow IP Whitelisting

    The issue is that B2C outbound calls can come from any of the Azure IP Addresses documented here : https://www.microsoft.com/en-us/download/details.aspx?id=56519 It is unrealistic to whitelist every single one of them in target APIs. Please provide a narrowed down source IP range for these outbound calls.

    See also: https://github.com/MicrosoftDocs/azure-docs/issues/46544

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  18. Default Country in Azure B2C Registration

    It should be possible to default the country (and other information) in the Azure B2C registration so that a new registration is part filled with the correct information for a user.

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  19. Requesting user consent when acquiring access token with permissions

    When requesting permissions against a web resources we should be able to show a screen to the user, asking for his consent.

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide a sample that shows how to use Angular2 with Azure AD B2C

    We want to create a SPA app using Angular2. We want to integrate it with Azure AD B2C and a sample would be useful to get started

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base