Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Currently there no visibility who approved the user the one time by pass from MFA User Portal and to skip the MFA step.

    Issue:-
    Currently there no visibility who approved the user the one time by pass from MFA User Portal and to skip the MFA step. Alos if Possible Please add info bar which will contain the reason of one time bypass, also How the user portal admin will verify the requested user is the real one.
    Impact:-
    The is Security loophole, there is possibility to missuse of account or this functionality with help of MFA User portal admin.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Email Notifications on MFA Initial Setup or Changes

    We would love to have customizable email notifications for users that establish their MFA profile or make any changes to their settings. We cannot find an easy way to trigger this currently, and it seems like basic security functionality.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make the wizard fill the window for combined MFA and password reset registration experience in Office apps

    When an user opens an Office App (Outlook) and need to register for MFA and SSPR in the new registration Experience. The browser kiosk window is square, but the wizard is rectangular.
    Because if this, the Next buttons aren't visible without scrolling to the right site.
    Make the wizard fill the window.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please update the MFA page to just redirect to AD Premium

    I still get customers and sellers saying that there is still an option for paying for MFA against an Azure Subscription. From what I understand this is no longer available, that you must purchase AD Premium. If I am correct, please remove the MFA page altogether or update it to reflect the new pricing model and put the old pricing model in the FAQ or something.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. One Step Instead of 2-Step Verification

    I won't use a 2 step verification. I don't have time to be kept bothering with it every time I need to sign in. It's too time consuming, If you could make a one step verification with face recognition or fingerprint, I would go for that,

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide support in ADAL4J library to authenticate MFA enabled user

    We are using ADAL4J library for Azure AD User Authentication, which enables a Native Client Application to do authentication using Username and Password without User Interaction. But for Multi Factor Authentication enabled Azure AD Users, Authentication is failing with AdalClaimsChallengeException with no API to provide the second factor.

    Please provide support for authenticating MFA enabled user using ADAL4J library.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Text messages only works intermittently

    Half the time I‘m asked for the verification code when signing in, I never got any text message. Usually after the first attempt I have to click “Sign in another way” and choose another text message and then most of the time it will work on the second attempt. (This morning it failed to send on the second attempt as well.)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. MFA records date of modification

    It would be nice to have additional details like the following when you run powershell script get-msoluser -userprincipalname user@contoso.com | FL

    -Time/date it was enabled first
    -Time/date it was last modified

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Improve Azure MFA NPS extension logging

    We had an issue deploying the Azure MFA NPS extension recently as per this thread - https://social.msdn.microsoft.com/Forums/en-US/6fd88b14-8353-4eac-be42-501ce1986c11/troubleshooting-azure-mfa-extension-for-nps-issue?forum=windowsazureactiveauthentication.

    After a number of weeks trying to solve it, we ultimately had to move NPS to new servers as we could not find a solution. This was mainly because the logging from the extension is great when it is functioning relatively normally (successful logons, simple failures like missing certificates, ACCESS-REJECT messages received etc.), but for less well defined failure modes there seems to be a complete lack of useful logging.

    In the case of the above issue, we had verbose logging turned…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Verification by call never succeeds on the first try

    Whenever I use the verification by phone call, it never registers when I press the '#' key. I need to hang up and have the system call me again. On the second try it works like a charm.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. provide a way to import OATH tokens into Azure MFA, assign them to users, and autoactivate them, in order to allow migration

    Need a way to import OATH tokens, assign them to users, and have them activated automatically, in order to allow migration from an existing system using the OATH tokens without having to manually activate each one individually.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Dont require a phone call every time I sign in. I do not always have phone service and its very inconvenient.

    Do not require a phone call every time I sign in. I do not always have phone service and its very inconvenient.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Generate alert MFA information updates

    Create the possibility of generating an alert for MFA information update, so admins can keep track of them.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Set MFA using Azure Active Directory Powershell Module

    Add support in Azure Active Directory PowerShell module to set Multi-Factor Authentication (MFA).

    Thanks

    71 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. protesta

    IL programma a cui mi riferisco è il Global Advanteg della DELOITTE che
    richiede un cod from Microsoft Authenticator App ma quest'ultima
    invia un codice di otto cifre quando ne vengono accettate solo sei

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow users with MFA to login via CLI (az login)

    az login currently does not work with Microsoft accounts or accounts that have two-factor authentication enabled, see: https://docs.microsoft.com/en-us/cli/azure/reference-index?view=azure-cli-latest#az-login

    Following the idea of Infrastructure-as-Code (IaC), we pro-grammatically use `az login` to set up our infrastructure. However, we would highly prefer using user account when running such scripts manually compared to service principals:
    a) Audit logs on Azure should show *who* (= real user) triggered infrastructural changes
    b) MFA-backed accounts are more secure

    See also: https://github.com/Azure/azure-cli/issues/6962

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. how to export lotus notes mail to outlook

    By taking the help of ATS NSF to PST Converter application you can convert single as well as multiple NSF file into PST and other file formats such as EML, EMLX, HTML, vCal, vCard, MBOX, CSV and MSG file format for the future. This tool always ready to export password protected and encrypted data in a safe manner without any hassle. It is 100% safe and secure for the conversion task. It supports cloud-based application Office365 & Live Exchange Server. Before finishing conversion it displays the preview of the recovered mailbox in a safe manner along with email, draft, task,…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. USE AUTHENTICATOR AS 2nd factor

    This is as classic a mind numbing and soul crushing experience as I have experienced in my 30 plus years of a Microsoft missionary . Have 4 or 5 hours to waste? look for documentation showing you how to set up logging into windows 10 on an AAD machine which triggers an authentication in the authenticator app - just admin its the most value added thing you could do and for some reason it doesn't exist - but you can do it for FREE with your Microsoft account - WHY??? PATENTLY RIDICULOUS

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. one time bypass from powershell

    Create the possibility to control/change One-time bypass MFA via PowerShell.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. MFA NPS ext - Support for Network policies via RADIUS-Challange msg via SMS & OTP

    When you have NPS extension, The problem is that when a user is using SMS or OTP, the user is not granted access based on the network policies that are defined in RADIUS server.

    This is known limitation (MS says) with NPS where the network policies are not applied for SMS or OTP Flows.

    If you use a challenge method it does not support the NAP policies. These are only evaluated during primary authentication.
    When using Radius Challenge(for SMS or OTP), the Challenge response skips primary auth and so these policies are not evaluated.

    But when the users have chosen…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base