Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Customize company branding for an application.

    We have an application hosted on our azure tenant "A" and we need to give access to users created on other tenant "B" by inviting them as guests. In the process of guest user invitation as soon as the user clicks on the invitation URL it displays the tenant branding page.

    We want to customize this page , as our requirement is to give access to application we need to project application logo there instead of tenant branding page.

    We also need to customize the invitation email.

    so please let us know if this can be achieved or not.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure AD Portal - Ability to search devices using "OWNER" on Search devices window

    [Azure Active Directory] - [Devices] - [All devices] - [Search devices]

    Currently, only "NAME" can be used when searching.
    Please add in the Search devices window the function to search by more criteria (ex: OWNER, etc).

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Myapps self service approval flow

    Today approves get email to approve request.
    But there is no possibility for approves to see history.

    It also might be worth having an option to send email to approves once an approver have approved/denied a request.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. SaaS Application experience

    Plugin for SaaS application (logging onto Facebook, for example) presents to install plugin. There are issues on that page, and it may not be intuitive for users.
    Also plugin on Apple Mac OSX with Firefox 45.x version did not work, even after plugin installed successfully.

    Attached is a screenshot of the issues on the page, they include:
    1: Formatting on page background shows the HTML code which it shouldn't. Looks unproffesional.
    2: when resizing the window, the context page does not re-center on the page.
    3: Report a problem Link is broken.
    4: Tip is not very intuitive for end…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. Searchbox for accounts in Microsoft Authenticator

    The Authenticator is great and I am using it for a lot of accounts (>30) and it would be great if you could search for an account instead of scrolling a large list.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. In administrative Unit, Only assigned AU should be visible to that specific scope admin user.

    In administrative Unit, Only assigned AU should be visible to that specific scope admin user.

    as i created two AUs in AAD,


    1. Sales and HR,

    i assigned only RBAC to sales AU, but that administrator have read rights on all other AUs at same time, it should be improved, only AUs visible to specific admin where rabc assigned only.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. There no explanation on why we are unable to see mobile number (but can see work phone number) in myprofile.microsoft.com.

    a user can see work and mobile number in webmail-->my account page. but when the user logs into myprofile.microsoft.com, only work number is shown and not the mobile number. we are unsure where this myprofile.microsoft.com syncs the data from.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Requesting email as a login is confusing when its an alias and not their Identity

    As our organisation has a coded AAD & AD Login ID (e.g. Staff Number) but the Email are an alias of their preferred firstname and lastname... It is confusing as we transition to a UPN based world where Microsoft login screens are always asking for "Email" as a login. Can we add the word "Identity" . Its a common word in the consumer world

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. create a custom attribute for cloud only users and be able to see this custom attribute is users's profile in Azure.

    Create a custom attribute for cloud only users and be able to see this custom attribute is users's profile in Azure.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. Dette forsto jeg ikke. Skriv en punkt for punkt forklaring på NORSK.

    Hvis det jeg skrev var for vanskelig å forstå. Hvordan tror dere det er å forstå alt det dere skrev for en eldre databruker. Dere er i Norge, her skriver vi norsk. Hvis dere ikke har norsktalende i staben deres, ansett noen. Dere har penger til det.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add the ability to disable users that haven't logging in after x amount of days.

    Add the ability to disable users that haven't logged in after x number of days.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. Organize member list view for groups

    Is there a way to organize the members within a hybrid or cloud only group? I have a few groups who have more than one page of users who I would like to view in a chronological order similar to how users populate in Azure Active Directory.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Is there a way to eliminate the 'Pick an account' prompt for single-sign on applications?

    When enabling SSO for applications, we don't want Azure to prompt users to 'Pick an account' when first launching the application. Is there a way to improve the user experience of not having an additional prompt to get access to their SAS application?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow the ability to search from IAM at the subscription level and see all downstream access.

    If I (or another) add user/identity access at a granular resource or resource group level I should be able to see that access when I search from the IAM blade at the subscription level.

    For customers with large support organizations that have many engineers that need different levels of access and having to keep track of who/what you gave access at what level is a bit unreasonable.

    I should be able to simply search from the top/subscription level and see what all access is granted to a user/identity so it can be removed when it is no longer needed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Synchronizing Managed Service Accounts from OnPremise to Azure ActiveDirectory

    I wish there is a way to synchronize managed service accounts(MSA) from onpremise to Azure Active Directory, There are many third party applications where we are using the MSA's auth for the apps on-premise . Now we have needs to connect to Azure SQL Database and they can't connect it using the existing auth. I think currently there is no way to sync the MSA's from onpremise to Azure Active Directory.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please expose non interactive logins logs to customers

    We look to setup alerts for security events. AAD Risk event "Impossible Login" though consumes non interactive login events that are not visible to customers so its not possible to create an event.

    If there are two interactive login's and the second deemed a risk event because of impossible travel we can create an event looking for the risk field in the sign-in logs but if the second event is a none interactive login you can't create an alert, we can't see this event.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. This is not an idea but a feedback

    I find the idea of entering the OTP everytime I login ,very absurd. atleast you should not ask for OTP on the same system which I was logged

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. smartlock - powershell commands

    It would be nice for administrators to see what accounts are currently locked or how much time to go if they were locked by smart lock out. Or even a way to unlock them?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. azure ad app Required permissions dependency

    Presently when you create a azure ad app and app the api in Required permissions. It requires that app the api has be in specific order to use the KnownClient setting for Creating the service principal in Consumer Tenanat. Please make check the internal dependency of Required api before creating the service Principal.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base