Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Provide a better end user message for "We received a bad request" or AADSTS50105 message when user doesn't have permission to an application

    When using SAML-based SSO within Azure via a built-in app, or a custom non-gallery application, the error message that end users receive when they are not in a group that provides access is confusing.

    Users could attempt to access the application if someone sends them the "User access URL", and the message that they receive is the following:

    "Sorry, but we’re having trouble signing you in.
    We received a bad request."

    In very, very small text at the bottom of the screen, it says:
    "Additional technical information:
    Correlation ID: XXXXX
    Timestamp: 2017-08-10
    AADSTS50105: The signed in user 'user.name@contoso.com'…

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. AADDS: Make it possible to move Users synched from AAD to other OUs then "AADDC Users" OU

    Putting all Users/Serviceaccounts synched from On-Prem AD in one OU is a little bit confusing...

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Implement the ability to join Mac OS X to Azure AD

    It would great to have the ability to allow Mac OS X users with the ability to join Azure AD.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add sort and search to group member management

    When managing group members in Azure AD there is no way of sorting the members or searching for them. At the moment the members appear in a random order, not in alphabetical order. Please add sort and search options to group member management

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. The Password-based SSO Extension should inactivate the option of saving passwords in the browser.

    The Password-based SSO Extension "My Apps Secure Sign-in Extension" should inactivate the option of saving passwords in the browser.

    Currently, any user can just save the passwords in the browser. Edge is manageable but Chrome, FireFox and Internet Explorer as supported browsers for the extension should inactivate the password manager.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. application panel

    App icons in the application panel of Azure AD:
    - Grant admin and or user possibility to put applications in folders or organize them in a smart way
    - Possiblity to "hide" and "unhide" icons.
    - Possibility to categorize them, for example: Enterprise applications, BU specific applications, etc

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks so much for the feedback! Customizations of the My Apps portal for both end users and admins are on our roadmap. This includes providing the ability to re-arrange and group apps and as well as using a customizable domain.

    We’ve also recently add a few new features to allow you to better manage the visibility of apps on My Apps. You can now hide specific third party applications and as well as the set of Office applications. Learn more about it here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-coreapps-hide-third-party-app

    Please keep sharing feedback and ideas!

  7. Have one portal

    There are too many portals for administrators and end users. Users can be confused by the myapps.microsoft.com and portal.office.com/myapps pages. Each of these pages provides a different end user experiece. Administrative portals are a nightmare. Trying to provide temporary MFA code for a user involves going thorugh multiple portals to get to the appropriate area, and the user experience for this is still not clear.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. ServiceNow Enterprise App: Add funtionality to provision AAD Photo attribute to ServiceNow photo

    Currently many attributes can be provisioned in a ServiceNow Azure Enterprise app, but AD Photo is not an option. That would a great thing to be able to.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. About guidance in Microsoft Azure sign-in page

    I wants input guidance for the information boxes in Microsoft Azure sign-in page.
    It is difficult to understand to input each information boxes in it.

    For example, like the following link, Please add of help page in Microsoft Azure sign-in page.

    Sample:
    Register your Azure AD subscription : Step 2 to 6
    https://technet.microsoft.com/en-us/library/dn832618.aspx

    Or, Please add input guidance for the information boxes on Microsoft Azure sign-in page.

    <Japanese>
    Azure サインアップ画面で、各入力項目に何を入力してよいかわかりにくいため、
    以下のようなヘルプページの設置、もしくはサインアップ画面上でのガイダンスの追加を希望します。

    サンプル:
    Azure AD サブスクリプションの登録:2~6番
    http://technet.microsoft.com/ja-jp/library/dn832618.aspx

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. Stop referring to ”Your admin” as someone almighty

    Various Azure AD services have information pages that say “Please contact your admin” or “ Your admin has required that you setup this account for additional security verification”

    Usually there is some kind of helpdesk users turn to for help and its usually not a admin that mandates security requirements. It´s an organizational thing.

    Just rewrite them to “Please contact your helpdesk” and “You organization has required that you setup this account for additional security verification”

    The average user probably have no idea what an “admin” is. They have a hard time understanding the term “MFA” :)

    Please see examples…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Correct behavior when Seamless SSO fails, so that the cursor is placed into password field.

    Currently when Seamless SSO fails (example: due to signing on with a different user account than current), the cursor is placed into the username field rather than password. This typically then ends up having the user starting to type their password in clear text into the username field. This is especially a problem when sharing your screen with others, shoulder surfing, etc.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. stop signing me out!

    When you put the new design into effect, i can no longer stay signed in. Please fix this! It gets really annoying to have to sign in every time i want to check my email on my own device

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Send notification to all Office 365 Group owners when one renews the Group

    The renewal notifications prior to Office 365 Group expiration are great! When there are multiple Group owners, all the owners receive the notifications. So far, so good. Now, if one of the owners decides to renew the Group, wouldn't it be nice if the other owners would receive a message that this particular Group has been renewed by person X?

    Saves time for the other owners, and, more importantly, when one or more owners believe the Group should expire, all the owners can at least have a discussion before the next expiration cycle.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow per-device credential management in iOS for WAAD accounts

    I currently have +10 Microsoft developed apps towards Azure and Office365 on my iPhone. I also employ MFA for my account. On average I have to perform the sign-in flow 4-6 times per week on my personal iPhone for the various apps. E.g. OneNote has updated, have to log in again. OneDrive needs to re-login with my LiveID and OrgID. I just re-authenticated in OneNote, but opening PowerBI immediately after repeats the login flow. I just MFA authenticated in the Groups app, but switching to OneNote starts another auth process.

    For a regular end-user this makes the use of the…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Smart Lockout For Full Azure users is mandatory

    We Implement Azure AD and Intune in our organization 600+ users some of them on hybrid and some of the Full AD join.

    RIght now from a security perspective, there is an issue with SmartLockout feature, users can't be locked according to Microsoft support, in case they try to sign in with a bad password to their computer, which is very bad in case someone from outside will try to access company resources.

    the answer was that it can be work only if we will disable user cache credentials and then in case of user don't have network access he…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Delivery of One-Time Password (OTP) over SMS

    The new One-Time Password (OTP) functionality delivers the OTP to the external user using the email address originally configured for the user. Would it be possible to add functionality that will allow the OTP to be delivered optionally over an SMS message as well?

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Would this work with Ceridian Dayforce to automate user provisioning, changes to role based access base on job title?

    Would this work with Ceridian Dayforce to automate user provisioning, changes to role based access base on job title? We would like to automate the provisioning and changes to user account in AD based upon their job status, change title, manager, etc. in Ceridian Dayforce. Does this product integrate with Ceridian Dayforce?

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. Vector graphics as custom branding

    Azure Ad, Intune MDM and Company Portal are made to work on multiple devices, operating systems, resolutions and screen sizes. A single png as custom company branding is not. It looks bad (blurry, blocky, aliasing) when viewed on smaller devices, and if site scaling goes beyond 100% in the web browser.

    Please add the ability to use vector graphichs (SVG) when setting custom branding.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. Profile picture not displaying when sigin in with Microsoft account (@live.*, @outlook.*, @hotmail.*)

    Profile picture not displaying when sigin in with Microsoft account (@live.*, @outlook.*, @hotmail.*)

    But all other AD, @microsoft.com, @custom.tld are displaying the correct profile pic

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. Display list of connected domains when creating new user

    It would be nice to have a drop-down list of available domains when creating a new user in Azure AD just like we have at portal.office.com.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base