Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Improve the experience of creating and managing Azure AD B2B security groups of guest users

    We created a security group of 200+ external users across 80+ vendors.


    1. Please create the ability to easily manage the membership of a security group in Azure portal. For example, we cannot currently sort the list of members by name. Also, to drill into a member's profile, it takes two clicks when it should only require one click.


    2. Please create the ability to track responses to invitations within a group. After multiple rounds of mass invitations via PowerShell, 80 users responded to the invitation, but 120 people have not and they likely cannot find the email. We need the ability…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  2. fga

    hh s

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow an Application Service Principal to be added as a guest in other tenants

    We manage multiple tenants across our extended organiation and would like to have a single application service principal to do so rather than having a separate service principal in each tenant.

    The work around is to use a standard user account but we would prefer not to do it this way. Since service Proncipals don’t have UPNs, there doesn’t seem to be a way to invite them via the B2B guest invite API.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. sign in codes

    IMO would love to not have to receive codes to sign in. already signing in w/ our password, so i think codes are time consuming/unneccessary

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow guest users to acces VM in Azure in combination with AADDS

    I hope this can be done so I do not have to look for 3th party solutions.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add an Enterprise app for Single Sign on for OpenShift

    Create an Enterprise app for Single Sign-on for the OpenShift service https://www.openshift.com/

    We currently access OpenShift via AD DS LDAP however we need more flexibility for internal and 3rd party access (Azure AD Cloud only account from our tenant and Federation)

    The current app in the gallery is Password Vault not SSO

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add an Enterprise app for Seismic

    Create an Enterprise app for Single Sign-on for the Seismic service https://seismic.com/ According to the Seismic documentation it supports Azure AD however it would be easier if there was an app in the gallery

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add an Enterprise app for Symphony IM

    Create an Enterprise app for Single Sign-on for the Symphony IM service https://symphony.com/ I successful created a custom app for SAML SSO however it would be easier if there was an app in the gallery

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. Very good

    Very good

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. Intune Ap Protection for Azure B2B users

    I have app and I am using Intune app protection and every thing is working fine. I have few azure B2B users.
    I also read some app configuration policies.
    My question is how I will read the app configuration policies for my Guest users.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. "What is Azure AD B2B collaboration?" documentation

    Your "What is Azure AD B2B collaboration?" page has two copies of the same screenshot, which is wrong for the "Authorization policies protect your corporate content?"

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. Reset Password option for B2B User should be grayed out to avoid confusion

    had a real life scenario today whereby Azure AD Admin / Support person was having issues with a B2B / External Login and so clicked on the available Reset Password for the login . And got rather generic error message below which made them think they didnt have correct rights

    "The password can not be reset. This may be due to an incorrect level of administrative privilege or if trying to reset your own password."

    Ask : If a B2B / External User , have the Reset Password button grayed out and ideally with a "hover over" of something like…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. remove b2b user when host account is removed

    We use Azure B2B extensively. However where B2B users have been into our directory and the user has left the third party organisation and thus had their account removed does not clean up the guest account records in our directory.

    Over time this leaves thousands of 'orphaned' guest accounts in our directory, with no ability for our administrators to identify which accounts are orphaned. and thus numbers of guest users in our our directory expands over time infinity

    Azure AD should automatically in the in the event of a user object being removed from the third party directory remove the…

    106 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    This is in our backlog, but votes and comments about how you would expect this to work are very helpful to our planning/designing the feature so please keep them coming.

    Also, for some scenarios in this space Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) can be a good way of removing users who no longer need access, including those who don’t have accounts anymore. (Thanks Shawn for pointing that out for everyone!)

    /Elisabeth

  14. Fix Account Provisioning for B2B users in SaaS Apps like Salesforce

    Currently account provisioning for B2B users in SaaS apps like Salesforce is broken. More info: name attribute in SAML response from Azure AD for B2B user is suffixed with azure ad tenant name e.g. testuser_yahoo.com#EXT#@azureadtenantname.onmicrosoft.com because of this external users\b2b users are not able to login to the SaaS application.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. support removal of the forgotten password link for B2B users

    At the moment in AD Connect you can remove the Password Writeback option however the microsoft company branded page has no option to remove the "forgotten password" link.

    So users end up trying to use that link and end up saying the Admin hasnt enabled the option.

    It would be better to support an option to either customize the link or removal completed when the password writeback is turned off.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure AD B2B better support for users who don't know their organisation has O365

    We invite quite a lot of external guests into our SPOnline tenant. Originally via the (old Azure portal) bulk add (CSV) B2B process, but more recently via the (new Azure portal) invite guest user B2B/B2C process.

    We're getting more and more B2B users that fit into one or more of the following:


    1. Don't know their organisation has O365

    2. Don't know their O365 login (it's not always their email address)

    3. Their organisation/domain is registered for O365, but they don't have a license.

    4. Have O365, but aren't syncing their AD with AzureAD.

    5. Aren't able to get their IT to give them O365…
    33 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    We’ve made several improvements in this area to support users who don’t have O365 or who are using email addresses that differ from their O365 login information (such as supporting proxy addresses, direct federation support, and email one-time passcodes), but we know there’s more work to do in this space. Please let us know what other scenarios are causing you and your guests the most pain so we can use that information to triage and prioritize future investments.

    /Elisabeth

  17. B2B invitation status

    Azure Active Directory B2B account.

    Now there isn't possiblity to generate report, if B2B user has activated account or not. It would be good to have feature to list not activated users from administrative perspective. Example when doing acocunt clean up.

    There are fields in profile like Source which contain Invited user or Resend invitation button is visible. Those indicates if user hasn't activated invitation.

    Or even have automatic removal on directory, if invitation hasn't been approved within X days, B2B account is removed automatically. As if account hasn't been activated, it cannot be used anywhere.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. B2B Integration pack for VS2017

    B2B Integration pack is available for only VS2015. When it is released for VS2017 we can have Only VS2017. Now i'm using two versions VS2015 for B2B and for Azure functions i'm using VS2017.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. SharePoint Online / Microsoft Teams inviter should be written back to Azure AD

    A lot of functionality seems to be missing on the backend from a governance and compliance point of view. All Azure B2B accounts magically gets created in Azure Active Directory, when the users accept the invite send from SharePoint Online. We can see the invites within SharePoint Online, but they are missing this within Azure B2B invitation summary view and under Azure Audit. We would have expected to see an entry from SharePoint Online as the "Initiated By (Actor)" with the "Activity" sending out Azure/SharePoint B2B invitation on behalf of user XYZ. I would be preferred with the users UPN.

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. B2B Guest User Expiration

    Looking for the functionality where you can schedule Azure B2B users to exist in your tenant for a predetermined period of time. This would operate similarly to the O365 Groups expiration functionality that exist today. Additionally, managers would be allowed to extend these periods of time and automated reminders would be sent to the manager of these users.

    223 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    We do have some capabilities in this space by using either Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) or the newly-released-to-preview Entitlement Management feature (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview).

    If neither of those fulfill your requirements, please add a comment with your scenario for the feature to help us prioritize and design it better.

    /Elisabeth

  • Don't see your idea?

Feedback and Knowledge Base