Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow multiple WS-Fed assertion endpoints

    [ADFS to Azure AD App migration]

    Azure AD only supports (1) one of these today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  2. How to export NSF file from Lotus Notes?

    Choose a smart tool which can perform the entire process of NSF data exportation from Lotus Notes. eSoftTools NSF to PST converter software is one such organization. The user can see entire database on the screen in a layout which is easily readable. It does not require MS Outlook installation to provide best results. A free demo edition is also offered to all users. This tool works well with all editions of IBM Lotus Notes and MS Windows OS. Each element of the mailbox can be restored without structural changed
    • Simply select .nsf file and then elements which are…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  3. *Workday to Azure AD UPN attribute our requirement is upn and email should create like this firstnamefirstletterandlastname@domain.com.au

    *Workday to Azure AD UPN attribute

    our requirement is upn and email should create like this firstnamefirstletterandlastname@domain.com.au
    for Example

    Firstname : Sam
    lastname :Dood
    upn should like this sdood@domain.com.au
    With the help of an expression its creating no issue.

    Issue is if we have a duplicate user and if the upn already exist in Azure AD ,based on our expression user is not provisioning .Not sure the expression is correct.
    we need to create upn based on this requirement firstnamefirst2letterandlastname@domain.com.au

    for example Samson Dood
    First Name : Samson
    Last Name :Dood

    UPN should create like this : sadood@domain.com.au

    Please provide…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add Support for Replacing the text in attribute

    lets assume that user email is "xyz@abc.com".
    condition:
    if the user email is having @abc.com then replace @abc.com with @pqr.com

    Thanks,
    Sharan

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add an APPEND transformation method to SAML claims

    I would like to append static text to the end of an attribute. The Join method has two attributes required, with a static separator. Join would work if attribute #2 was not required.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  6. User.Manager and User.Mobile User claims

    Can we please add more User Claims? Reporting Manager and Mobile number are pretty important to us.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add support for more Regular Expressions as part of the SAML

    With the claims that are being issued currently it is immposible to accomplish things like stripping leading 0 values from an attribute. As an example if the EmployeeID field holds 001234 then I could use Extract After Matching set to 0 and it would return 1234 as expected, but if that come across the employeeID of 120345 then the result is 345 rather than 120345.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add support for Chrome OS

    We need users access Exchange only from Android and iOS. In Conditional Access rule, "Any device" is selected and grant access only if user access from "Approved Client App". But users are able to access email from Outlook in Chrome OS. As per Microsoft, neither conditional access nor Approve app support Chrome OS. So users are able to access emails from Chrome OS.

    Can Chrome OS support be added as part of Conditional Access rule? This is a major security threat for us as we are finance.organization.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Dynamics System Admin managed by PIM

    Add the System Admin role from Dynamics to be a role that can be managed by PIM.
    Currently the Dynamics 365 Service Admin isn't fit for purpose as you still have to be granted System Admin rights by a GA to properly use the role. Either expand this role so it is automatically a System admin in the Dynamics instances or make the System admin role manageable by PIM

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow encryption of ADFS SAML claims to AAD, using self-owned certificate.

    I would like the SAML claims sent from O365 RP encrypted by a self-owned certificate. The problem I see is that there is no way for AAD to decrypt the claim. Please when can this feature be supported?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  11. Descriptive error message when reached redirect limit URLs

    The current error message when I exceed more than 20 redirect URLs is misleading and doesn't tell the real problem.

    A message saying "You reached the limit of allowed redirect URLs of 20." would be more informative.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    need-feedback  ·  0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  12. Multiple accounts on AWS integration with Azure AD

    The article for AWS integration with Azure AD doesn't talk about adding a couple of attribute manually to map the role and provider roles in AWS.

    https://blog.flux7.com/aws-best-practice-azure-ad-saml-authentication-configuration-for-aws-console

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  13. O.S as SaaS

    I know Microsoft is giving current O.S as a per license purchased or with device,but this is limited to windows machines.Now a days multiple O.S platforms are released and not all of them... so hoping to get subscription for O.S and can be assessed as Azure content and save all my work required from any OS, without installation using parallels or Boot Camp.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  14. Update instructions to integrate sales force

    Customer reported instructions to integrated salesforce must be updated.

    Hi Andres,

    I was able to resolve the issue earlier today. In addition to the URL, there were three things that had to be done:

    In Salesforce, the SAML identity type must be set to Federation ID.
    In Salesforce, the Azure username must be placed in the Federation ID field.
    In the Azure application, in the Single Sign On settings, a claim must be added with the name FederationIdentifier with a value of user.userprincipalname.

    The MS support case may be closed, but I would suggest an update to the instructions. From…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  15. Please create Application tutorial for user provisioning in bluejeans network accounts

    Please create Application tutorial for user provisioning in bluejeans network accounts

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  16. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  17. Providing compliance information about gallery apps(e.g. HIPPA / PCI compliance)

    e.g. HIPPA compliance status, PCI compliance status, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  18. Can the default sync interval from Azure AD to the SaaS application which is 20 mins, be modified? If yes, how?

    The default user identity sync interval between Azure AD and SaaS app (example: salesforce) is 20 mins. This default value should be modifiable.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  19. Need a way to provide group memberships during account provisioning

    We have created a custom app with no SSO and only account provisioning enabled. We have implemented a web service exposing SCIM (2.0) endpoints Our web service gets the users and groups. But the user objects are missing 'groups' SCIM attribute (memberof). And while the group objects have the attribute 'members', it is empty.

    We need a way to get group memberships of users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  20. SaaS Account Provisioning Activity report is not record

    SaaS Account Provisioning Activity report is not record for BOX
    But Sales Force is Recorded completely.
    Google is not record this report.

    I hope the common specifications of the report
    This log is important for support to solve the problem of provisioning

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base