Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure AD Portal - Ability to search devices using "OWNER" on Search devices window

    [Azure Active Directory] - [Devices] - [All devices] - [Search devices]

    Currently, only "NAME" can be used when searching.
    Please add in the Search devices window the function to search by more criteria (ex: OWNER, etc).

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. MyApps Approval Request approval link

    The link "Go to My Apps" should point at the application and the correct tenant where the approval was made. ex. https://account.activedirectory.windowsazure.com/r?tenantId=1d063515-0000-4195-9486-ea65df434faa/applications

    If the approval was made from a Azure B2B partner it doesn't make much sense to take the user to the users default directory

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Send notification to all Office 365 Group owners when one renews the Group

    The renewal notifications prior to Office 365 Group expiration are great! When there are multiple Group owners, all the owners receive the notifications. So far, so good. Now, if one of the owners decides to renew the Group, wouldn't it be nice if the other owners would receive a message that this particular Group has been renewed by person X?

    Saves time for the other owners, and, more importantly, when one or more owners believe the Group should expire, all the owners can at least have a discussion before the next expiration cycle.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. Myapps self service approval flow

    Today approves get email to approve request.
    But there is no possibility for approves to see history.

    It also might be worth having an option to send email to approves once an approver have approved/denied a request.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure SSO access panel extension

    Azure Access Panel extension needs to be more usable, make it an app instead of a browser extension. This would make work more universally with cloud software. The extension no longer works with FireFox, and as browsers change this is more likely to happen.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Create sample code for a customized landing page for Azure AD applications

    The MyApps portal isn't customizable enough (many requests to improve this). Why not create and share sample code so customers can imbed Azure AD applications into their OWN landing pages?

    30 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks so much for the feedback! Customizations of the My Apps portal for both end users and admins are on our roadmap. This includes providing the ability to re-arrange and group apps and as well as using a customizable domain.

    Alongside this, we are looking at ways to expose these capabilities through APIs that allow customers to create their own version that meets their needs.
    Please keep sharing feedback and ideas!

  8. Support to show contents on AD Login Page coming from CMS like Sitecore

    I am talking about content published from a CMS like SiteCore like
    News or announcement item which can come up as a fragment on the AD Login page.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. Correct behavior when Seamless SSO fails, so that the cursor is placed into password field.

    Currently when Seamless SSO fails (example: due to signing on with a different user account than current), the cursor is placed into the username field rather than password. This typically then ends up having the user starting to type their password in clear text into the username field. This is especially a problem when sharing your screen with others, shoulder surfing, etc.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support substring searches for groups in myapps.microsoft.com

    When a user goes to myapps.microsoft.com and wants to join a group. The search query does not allow for partial names to be searched. A user needs to know the starting name for the group. As an example: a group named "Product and Service Management" if a users does a search for "Service" or "Management" the group will not display. The user would need to search for "Product" for the proper result to be returned. This search experience does not seem to be consistent with the other areas of myapps such as searching for groups you below or own or…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Send out an email when users gets assigned to application

    I have been migrating our 100s of applications to Azure from an OpenAM SSO solution.
    When a user gets added to an application in Azure. It would be a great idea that the users gets an email stating that they have been added.
    If users can get alerts that a new application has been added for access, that would help with end user confusion.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. Source of Authority in user overview page should show same info as Source in user profile

    In New Azure Portal it would be of more use if
    Azure Active Directory -> Users and Groups -> All users
    page column "Source of Authority" would show that same value as in
    Azure Active Directory -> Users and Groups -> All users -> <click a user>-> Profile and field Source

    Ps. This works better in Azure Classic Portal. Ds.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Application Management In Access Panel

    There are some issues, with the way apps are presented to the users in the access panel, this would bring the access panel experience up to par with equivalent 3rd party application portal apps.


    1. Please allow the administrative removal of any O365 application from a group of users in their Access Panel Application, even if they are licensed for a O365 product we dont necessarily want to have it display on a users access panel. e.g. Delve - we dont want the user to not have Delve access but we dont necessarily want the app linked on their access panel.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks so much for the feedback! Customizations of the My Apps portal for both end users and admins are on our roadmap. This includes providing the ability to re-arrange and group apps and as well as using a customizable domain.

    We’ve also recently add a few new features to allow you to better manage the visibility of apps on My Apps. You can now hide specific third party applications and as well as the set of Office applications. Learn more about it here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-coreapps-hide-third-party-app

    Please keep sharing feedback and ideas!

  14. No photo available in myapps application panel

    The AAD Application panel is making use of the AAD thumbnailphoto attribute. In most environments this is a different photo as the O365 photo.

    It would be a good end user experience to provide AAD admins functionality to configure which photo can be used: O365 photo (can be set with Outlook web, Skype or Delve) or the AAD photo (which can be synced from AD on prem and is also current behavior).

    The other option would be to provide an option to sync O365 photo to AD on prem, which then would sync back to AAD. Less preferred in my…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide a better end user message for "We received a bad request" or AADSTS50105 message when user doesn't have permission to an application

    When using SAML-based SSO within Azure via a built-in app, or a custom non-gallery application, the error message that end users receive when they are not in a group that provides access is confusing.

    Users could attempt to access the application if someone sends them the "User access URL", and the message that they receive is the following:

    "Sorry, but we’re having trouble signing you in.
    We received a bad request."

    In very, very small text at the bottom of the screen, it says:
    "Additional technical information:
    Correlation ID: XXXXX
    Timestamp: 2017-08-10
    AADSTS50105: The signed in user 'user.name@contoso.com'…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. application panel

    App icons in the application panel of Azure AD:
    - Grant admin and or user possibility to put applications in folders or organize them in a smart way
    - Possiblity to "hide" and "unhide" icons.
    - Possibility to categorize them, for example: Enterprise applications, BU specific applications, etc

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks so much for the feedback! Customizations of the My Apps portal for both end users and admins are on our roadmap. This includes providing the ability to re-arrange and group apps and as well as using a customizable domain.

    We’ve also recently add a few new features to allow you to better manage the visibility of apps on My Apps. You can now hide specific third party applications and as well as the set of Office applications. Learn more about it here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-coreapps-hide-third-party-app

    Please keep sharing feedback and ideas!

  17. My Apps portal getting crowded with Published Apps

    The Azure My Apps portal is getting crowded with Published Apps and there is no way to customize the look and feel. It would be nice if the portal allowed better oganization/customizations of the published apps where you could move around apps, hide apps, put apps into a folder structure, etc....

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. Make knownClientApplications manifest property work across tenants

    As described in Vittorio's book (https://www.microsoftpressstore.com/articles/article.aspx?p=2473127), the 'knownClientApplications' property only works for API and client that are published in the same tenant directory.

    We offer a multi-tenant API that is consumed by app teams and ISVs that publish their APIs in a different tenant. Our and their applications are branded completely different.

    Forcing tenants that subscribe to the SaaS applications published by these teams to go through two consent flows is really ugly.

    Making the 'knownClientApplications' property work across tenants would solve this problem cleanly.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. Force Azure Active Directory Join Out of Box Experience

    The device is to be provisioned to a corporate user but will not be joined to the on-premises Active Directory. There should be a provisioning package option to force the user to join the device to Azure Active Directory rather than presenting other options that leave the machine in workgroup mode or given the option to join the on-premises domain.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. Have one portal

    There are too many portals for administrators and end users. Users can be confused by the myapps.microsoft.com and portal.office.com/myapps pages. Each of these pages provides a different end user experiece. Administrative portals are a nightmare. Trying to provide temporary MFA code for a user involves going thorugh multiple portals to get to the appropriate area, and the user experience for this is still not clear.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base