Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to Grant Permissions via API or Powershell

    Azure AD allows you to create app registrations, define roles on them and give permissions to each other (as application identities). This way you can have a Web application talking to your API with its service principal and you can protect your API with roles.

    Service Principal creation, role definition and permission assignment can be done through Portal, Powershell and API. But in order to make Application Permissions (which requires admin consent) work, you need someone with Global Administrator role to go to Azure Portal and click Grant Permissions button (or do the same thing via OAuth prompt on your…

    205 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Azure AD Team responded

    Thank you for the feedback! This is in the backlog and we are looking into this. We don’t have an ETA yet, but we will share once we have one. Please keep voting if this feature matters to you.

  3. Support Managed Service Identity on VMs in Azure Batch Pool

    Enabling MSI for Windows VMs created by an Azure Batch Pool would allow us to use this service in Azure Data Factory .Net custom code activities running on Azure Batch.

    26 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Lacking option to publish a client directly to marketplace.

    I can view my created oauth client at https://identity.microsoft.com/#/application , but there is no option present on the page to publish the client to the market place for azure administrators to allow their uses to authorize their information to our application.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. Cannot enter valid url as Native Application redirect uri

    When I enter urls like http://localhost:8080/register or even http://google.com I get an error stating the url must have the format {scheme}://{domain}/{path}

    Changing http to test (e.g. test://localhost:8080/register) causes the validation to succeed.

    Because of this it is not possible to set a redirect uri for native applications.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. Delegated permissions not working

    I have registered an application at the application registration portal (apps.dev.microsoft.com) and configured it to use delegated permissions (specifically "Files.Read.All", "Sites.Read.All" and "User.Read") which are marked as "User can consent".
    In one tenant (used for development) the app works exactly as expected, asking the user to consent in the first access. However, in the client environment (I registered another app in their tenant, with the exact same configurations), the user is not asked to consent the permissions, instead it is shown a message:
    "{App name} needs permission to access resources in your organization that only an admin can grant. Please…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. app registration not available

    why ?? just it refrech the new form of creation

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Application Registration portal Login does not use Tenant Branding

    When you are delivered to the tenant login page for both new and existing login experience. The tenant branding experience does not load in. e.g. Background image and logos.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. 16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. app reply address does not update

    Under "apps.dev.microsoft.com" app url redirect does not update despite deleting old app entry. Trying to create quick prototype for client thinking of migrating to O365 and therefore only using the trial version for now.

    To update reply address, it requires login into azure. Permissions are limited for trial version and therefore unable to update "reply address".

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add support to list directories that the user is member of

    As per this thread on Stack Overflow (https://stackoverflow.com/questions/45235572/getting-all-b2b-directories-user-is-member-of/) it would be great to be able to list all directories the account is member of along with the directory name and possibly the primary domain. It would greatly make the B2B support in multitenant apps easier than it is right now.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add new app - screen keeps reloading

    screen keeps reloading, unable to load screen. Would be nice if the screen worked, i'm using google chrome.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add Windows Store as a platform to an existing app in Application Registration Portal

    Hi,

    I had a UWP app working with OneDrive, allowing users to read and write to a file.

    Then I accidentally deleted my app from the Application Registration Portal and now any OneDrive related code throws an authentication error.

    How can I re-register my app with the Registration Portal to get it working with OneDrive again?

    I can add anew app but cant see a way of getting the Windows Store platform back. All my other apps have this platform by default.

    I've attached an image illustrating the platform that I want to add.

    Thanks for any help anyone can…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. It would be nice to have powershell support to access access Azure Portal -> AzureAd ->Users and groups - User settings

    Currently, there exists no powershell commandlet in the MSOnline and AzureAD Module that could give me the list of user settings. It will be a really powerful commandlet. There exists, Get-MsolCompanyInformation, which only renders the partial information, but not all. The rest of the settings like ,1) Users can add gallery apps to their Access Panel 2) Guest users permissions are limited 3) Admins and users in the guest inviter role can invite 4) Members can invite 5) Guests can invite 6) Restrict access to Azure AD administration portal , are still inaccessible via powershell

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. WHERE can I find Client Secret for API settings that comes with Client ID?

    WHERE can I find Client Secret for API settings that comes with Client ID?

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Hey suckers, the create app form on Application Registration Portal cannot be saved! It is embarrassing!

    Hey suckers, the create app form on Application Registration Portal cannot be saved! It is embarrassing!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Cannot save web platform added to app in Application Registration Portal

    Whether I create an app on
    https://identity.microsoft.com/portal/register-app
    or edit an existing app on
    https://identity.microsoft.com/#/appList
    I cannot add a web platform. The Save button on the registration page is always disabled. Only the Discard Changes button works.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. I cannot see my app after registering in apps.dev.microsoft.com, but I see it in the Azure AD Portal

    Unable to get app to show up on apps.dev.microsoft.com/#appList after trying to 'Add' Azure AD Only application. My registrations show up in the Azure AD portal.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. You need a single place for all of the discussion and help facilities.

    Relevant discussion points could then be displayed at the bottom of each help page. The spread out nature of these boards makes it really difficult to find help and I am sure that your operators spend most of their time redirecting people.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. 3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base