Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. letsencrypt integration

    enable lets encrypt integration for custom domains in Azure Application Proxy.
    this reduces the cost and process effort of the certificates.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  2. App Proxy - Multiple Internal Urls attached to External urls

    Azure AD App Proxy enables hostname url's to work when browsed via Intune Managed Browser or with the MyApps Edge plugin (from Microsoft Store).

    This requires you to publish an application with the hostname https://contoso and a second application with the FQDN https://contoso.internaldomain.com

    This leads to you having 2 published tenantname.msappproxy.net external URLs.

    It would be better if multiple internal URL's could be attached to 1 external URL

    Perhaps this could be implemented under Azure AD >App Registrations, like custom homepages?

    Thanks

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow ADFS equivalent of "Windows Account Name" incoming claim (domain\username) transform to outgoing Name ID claim in Azure SAML SSO

    I can easily transform domain\username to Name ID from ADFS using the "Windows Account Name" incoming clam. I can also easily transform claims other than Name ID in Azure SAML to join(user.netbiosname\user.onpremisessamaccountname) to achieve the same thing, but this is not permitted for Name ID. This would allow better legacy compatibility for those trying to vacate ADFS to rely solely on Azure AD SAML SSO.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  4. Azure AD Application Proxy wildcard app supporting both http and https for internal URL

    I’m trying to publish a huge number of internal applications using wildcard app over Azure AD Application Proxy. Some of the internal applications are available over HTTP, some over HTTPS and some do a redirection from HTTP to HTTPS. All the internal apps must be published over HTTPS.
    Now I have found some “complex” workarounds for this scenario, but I’m wondering, if you could add a functionality to Azure AD Application Proxy that helps me to achieve the mentioned goal with using one Azure AD Application Proxy app easily?

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  5. Please support Group Managed Service Accounts for Azure AD App Proxy

    Please support Group Managed Service Accounts for Azure AD App Proxy. Without it we have to manage the Kerberos Constrained Delegation Settings for each App Proxy Connector separately. A misconfiguration at this setting has a fatal security impact so we would really appreciate to do it once per connector group.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  6. Dynamics NAV mobile app support for Azure AD Application Proxy

    The Dynamics NAV mobile app cannot login to a Dynamics NAV server which is behind Azure AD Application Proxy, you'll just receive a "Could not connect to the server" prompt from the app.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  7. http2 application proxy

    Add support for http2 in the frontend of the application proxy

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support javascript or AJAX refresh calls, without triggering a CORS violation after session token timeout

    When using AAD pre-authentication with Application proxy, users are first redirected to log in to AAD. Once logged in they are assigned an access token with a default lifetime of 1 hour. When this token is valid, the users are granted access through Application proxy. Once it expires, they are redirected again to authenticate.
    In applications that have complex logic (for instance using javascript or AJAX calls to refresh data on screen), this redirect may trigger a CORS violation on the AAD login site and will cause applications timeouts.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add the ability to temporarily block a published app (published with an AAD Proxy) during its maintenance hours

    We start publishing our on premise web applications into MyApps with Azure Active Directory proxies. But our applications have weekly or even daily maintenance operations. In this case those apps are not working. It will be great if we can grey out an application during specipic periods on myapps to make sure we won't have any issue with our users. The idea would be to gray out the application for the end users during a given period so that they can not launch it from Myapps.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  10. Azure Active Directory's Application Proxy and load balancer

    How this is going to work if web servers are being behind load balancer (like a BIGIP F5 ). Thanks.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for accessing Android Office Apps over Sharepoint onprem through Application Proxy

    Word file should able to be opened on Android Mobile device when we access the sharepoint site via AAD App Proxy

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable X-Forwarded-Host in Response

    Enable X-Forwarded-Host in Response as a configuration option:
    X-Forwarded-Host=<FQDN of reverse proxy server>

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  13. Manage Azure AD App Extension properties from AAD or Intune

    Hi,

    I would like to have the ability to control the Azure AD Proxy Extension properties from a central place perhaps Azure AD Portal or Intune CSP policy. It should be possible to define the policy to target a specific group of users or All users.

    Currently I have a need to disable the "Company internal URL redirection", which can only be done for on the PC for each users and needs to be done in both Edge and Chrome.

    https://blogs.technet.microsoft.com/applicationproxyblog/2018/05/04/access-panel-extension-for-application-proxy/

    Peter Selch Dahl
    Azure MVP

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add the ability to prioritize Azure AD Application Proxy Connectors that are part of a Connector Group (priority load balancing)

    That way a primary or preferred host that has a connector that is part of a connector group installed can be leveraged. This would help in situations when hosts having connectors installed are geo-diverse (active disaster recovery site), as well as when connectors are associated with applications with an active/standby model (in which case it is not desired that the passive node serve requests unless the primary node is down).

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make Azure Application Proxy available in South Africa North Region

    Make Azure Application Proxy available in South Africa North Region, latency is just to high when you have your connector server running on premises. US is 250ms + and Europe is 150ms +. With this kind of latency application proxy will just be to slow to use in South Africa.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  16. Make Application Proxy an Azure SaaS Option

    If I want to deploy an internal web app into Azure and secure it using Application Proxy, I need to deploy two Windows Server instances alongside it.

    Why is a managed Application Proxy not something that can be switched on in a VNet in a similar way to Google's Cloud IAP?

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Alert Creation for Azure Application Proxy Service Health

    Allow Alert Creation for Azure Application Proxy service health under the Service Health blade like the other services.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  18. Apply access control on Application proxy regardless of pre-authentication method set

    Apply access control on Application proxy regardless of pre-authentication method set. As current behaviour user assignment only takes effect if you select Azure Active directory as the pre-authentication option and restricts access to the application depending on the users or groups that have been assigned. If you choose PassThrough as the pre-authentication option it does not use the assignments and therefore you cannot control access.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  19. AD Application Proxy: Support for subdomains

    Please add the ability to support apps that have a subdomain in the URL. Or ability to add subdomain as an available domain in the drop down list.

    for Example

    app1.myapps.domain.com

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  20. Azure AD App Proxy support for "Provider Hosted App" and passing "Query String" to Provider Hosted App

    Support for publishing "Provider Hosted App" and passing "Query String" to Provider Hosted App using the Azure AD App Proxy.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base