Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure AD App Proxy support for "Provider Hosted App" and passing "Query String" to Provider Hosted App

    Support for publishing "Provider Hosted App" and passing "Query String" to Provider Hosted App using the Azure AD App Proxy.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make Azure AD Application Proxy Service available in Middle East/Saudi Arabia region

    Our users / connectors are located in Saudi Arabia, but the Azure AD Application Proxy endpoint is in US. This causes a huge delay. Please make Azure AD Application Proxy Service available in Middle East/Saudi Arabia region.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow MFA functionality while Publish Cloud Printers

    While running Publish-CloudPrinter, MFA is blocking the ability to complete. MFA prompting through the Microsoft app should be allowed so security of the system/environment is not scarified to complete the setup.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  4. Get all sharepoint functionality supported or clearer specify what work and what doesnt or how to work around issues?

    While publishing sharepoint through guide published https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-integrate-with-sharepoint-server mostly works ok, we have issues accessing the SOAP api and specifically opening office documents through the rich client applications and syncing document libraries. I have some fiddler traces of the traffic flow with and without app proxy and I think it breaks on accessing /sites/sp/ourinternalsitename/vtibin/cellstorage.svc/CellStorageService It works by using the local/on-premise url so sharepoint should be working correctly. Is this a supported scenario that's supposed to work?

    Documents work when we open through a passthrough published office online server / web apps server and edit online, but the functionality on…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add support for other encodings in URL Link Translation like ISO standard 8859-1

    Consider adding support for other encoding types in URL Link Translation feature as this will make it easier to adopt the feature.

    Ex. ISO standard https://en.wikipedia.org/wiki/ISO/IEC_8859-1

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  6. Apply access control on Application proxy regardless of pre-authentication method set

    Apply access control on Application proxy regardless of pre-authentication method set. As current behaviour user assignment only takes effect if you select Azure Active directory as the pre-authentication option and restricts access to the application depending on the users or groups that have been assigned. If you choose PassThrough as the pre-authentication option it does not use the assignments and therefore you cannot control access.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  7. For Enterprise Applications SSO with IWA/KCD configuration in Azure provide better SPN handling for multiple back-end servers

    For Enterprise Applications SSO with IWA/KCD configuration in Azure, either add support for multiple SPNs for representing multiple back-end servers using round robin DNS, or for Wildcard Application publishing, allow the wildcard SPN in Azure to ignore the mismatched SPN on the back-end servers/application, to support multiple back-end servers, via DNS round robin.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  8. http2 application proxy

    Add support for http2 in the frontend of the application proxy

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  9. SFTP: We need options to publish other protocols than http and https

    We are trying to get rid of Citrix Netscaler and our Cisco VPN and start using AAD App Proxy. It works perfect on simple websites. Now to the problem.
    We have applications that we publish using our netscaler. In some cases they use MS SQL or postgresql.

    We also have integrations using SFTP and FTP.

    What is your solution to this or you don't want us to use AAD App Proxy for applications such as these?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  10. Dynamics on prem

    Support / guidance for using Azure AD App Proxy for access to Dynamics 365 on prem (including Resco).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  11. Web application Proxy on-premises Non-Responsive

    We had a recent issue with Web Application Proxy throwing an error 'Maximum no. of Kerberose Attempts exceeded' with error 12008 in WAP server resulting it in being non-responsive. A case has been opened with MS with regards to this as well. When this issue happened WAP server could not authenticate any user. Only resolution was to restart both IIS and WAP Server. This was caused due to left over ghost entries in teh ApplicationHost.config file for the winodws authentication. This issue needs to be addressed in the product as its an issue that can reoccure if the web applications…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  12. Protect on premises application(that doesnt support SAML,OAUTH or Ping Access) with application proxy and pass user attributes

    Protect on premises application(that doesn't support SAML,OAUTH or Ping Access) with application proxy such that Azure AD does authentication for user and post authentication pass user attributes as an HTTP header request to backend on premises application to identify the user.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  13. WAP trafic logs

    We are using WAP to publish many https sites and wanted to see traffic/activity logs.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  14. App Proxy for Intranet API

    We are using App Proxy for intranet API publication.
    The usage flow is below.


    1. SSO to applications SAML cooperating AzureAD.

    2. Use the SSO authentication token to hit the App Proxy API embedded in the application.

    On that basis, I am troubled below.
    · It can not be executed unless you access the API beforehand on the screen.
    I implement the following as HTML.
    <object data = "~ msappproxy.net / api /" type = "text / json" style = "visibility: hidden"> </ object>
    <input type = "button" value = "test" onclick = "postAPI ('~ msappproxy.net / api /')">
      
    · The…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow Application Owner to have the ability to see App Proxy configuration

    Allow Application Owner to have the ability to see App Proxy configuration for the apps they own, but not apps they don't.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  16. More simple configuration between Dynamics Nav and Azure Active Directory

    Allow more simple application single sign-on between Azure Active Directory and Dynamics Nav i.e. use similar application as application proxy to create the federation between nav and azure ad.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure AD Application Proxy Installer fails when TLS 1.0 Client disabled in registry

    When installing the Azure AD Application Proxy service on Windows Server 2019, if the SChannel TLS 1.0 Client is disabled, the Azure login window will not appear, and the installer will fail.

    This may be an issue with the Microsoft site, as the microsoft.com homepage also fails to load in IE 11 (among other sites) until TLS 1.0 Client is re-enabled.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  20. App Proxy should provide correct URL based on user location (Internal vs External)

    We have some internal applications that requre custom ports in the URL, i.e. https://webserver.company.com:8787. When using the app proxy for these types of sites, things work as expected only you're external:

    External user clicks the app in the myapps portal... They're provided with the external URL and the app proxy then grabs the website based on the internal URL and presents the pages to the user. GREAT! All works as intended.

    However, the issue comes when you're an internal user accessing the same myapps portal and clicking the same application. The app proxy determines you're internal, but still hands…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base