Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow guest users to acces VM in Azure in combination with AADDS

    I hope this can be done so I do not have to look for 3th party solutions.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add an Enterprise app for Single Sign on for OpenShift

    Create an Enterprise app for Single Sign-on for the OpenShift service https://www.openshift.com/

    We currently access OpenShift via AD DS LDAP however we need more flexibility for internal and 3rd party access (Azure AD Cloud only account from our tenant and Federation)

    The current app in the gallery is Password Vault not SSO

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add an Enterprise app for Seismic

    Create an Enterprise app for Single Sign-on for the Seismic service https://seismic.com/ According to the Seismic documentation it supports Azure AD however it would be easier if there was an app in the gallery

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add an Enterprise app for Symphony IM

    Create an Enterprise app for Single Sign-on for the Symphony IM service https://symphony.com/ I successful created a custom app for SAML SSO however it would be easier if there was an app in the gallery

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  5. Very good

    Very good

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. "What is Azure AD B2B collaboration?" documentation

    Your "What is Azure AD B2B collaboration?" page has two copies of the same screenshot, which is wrong for the "Authorization policies protect your corporate content?"

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. B2B Integration pack for VS2017

    B2B Integration pack is available for only VS2015. When it is released for VS2017 we can have Only VS2017. Now i'm using two versions VS2015 for B2B and for Azure functions i'm using VS2017.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. Choose SaaS app for invite in UX

    Provide an option to select an alternative saas app within the Azure Active Directory Portal for the Azure B2B invite or/and solve the issue surrounding the Azure Access Panel / MyApps.

    Issue: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19738183-support-conditional-access-for-myapps-microsoft-co

    @Sarat

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. TrackingID#2105100040005144 : Azure sends ObjectIDs when no onprem group is assigned to the user by default

    Related to MS ticket TrackingID#2105100040005144
    Azure setting for OpenID/SAML app is "groupMembershipClaims": "SecurityGroup", to pass the sAMAcoountName.
    It passes samaccountname when the user is member of at least one onprem group.
    But when the user is member of cloud groups only (no onprem group), it sends their objectIds by default. which is incorrect, as the setting is to send samaccountnsamed of securitygroups only.

    This causes 2 issues:
    1. The SAML/OpenID token becomes extremely large and breaks things with tons of object ids, when the user is part of no security groups
    2. The application has to validate the group claim…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sign SAML requests for SAML/WS-Fed identity provider (IdP) federation (Direct Federation)

    AAD should be able to sign SAML requests sent to a third-party IDP, especially if the IDP metadata suggests it (WantAuthnRequestsSigned="true"). Either auto-configure request signing based on the metadata and/or allow the admin to toggle request signing on/off.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. Self Service sign-up add an API connector to a first time user

    Some application require a setup process, the first time a user signs in.
    It would be great if we can start the process before we redirect the user.
    Or adding a the user in the specific security group.
    This way we can fill up the myapplications page dynamically.

    I know you can handle this also at login, but that means checking every log in, which is overkill.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow to view the application name in the account selection screen

    When you login to azure portal, I can see the application I am trying to log in to, in the account selection screen. (pick account)

    But with my own application this is not the case.
    This information would help inform our users.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. Sharing Sites and Accessing Apps

    Does the one-time passcode work for all MS products, such as for providng guest access to Teams?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. 451123828@ minia3.moe

    نسيت كلمة السر

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  17. One-time passcode authentication for B2B guest users - Is it possible to reduce user session expiry time from 24 hours

    While reviewing the public preview feature of One-time passcode authentication for guest users, it was observed that the guest user session expires only after 24 hours. This seems to be a longer window and we will prefer to have the user session time to be something like 8 or 9 hours. The guests will be signing in from their environment and we don't know how secure their environment is and how secure is the email account that they are using. Leaving the user session open for 24 hours seem to be risky and we will prefer to have an option…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. Reset my guest account - to fix post migration lost B2B access

    URL in AAD where a user can reset their guest account access. We've just gone through a tenant migration and the manual nature of the reset process is painful. It's basically a Delete and Re-invite process to the same e-mail address that is already in AAD.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. Proper error-code and messages in the Invite redemption failed page

    We use the Graph API to register users, send Invite link to user. User opens the link, grants permission to application to access the data, and from then on user will be able to access our application using the Azure Single Sign-on.

    Currently, while signing-up(opening the Invite link), in case of any problem, it shows a Request ID, Co-relation ID, and Timestamp.
    It would be better if an error message and error code too can be displayed in this page. This would be really helpful for us. As of now we need to reach out the Azure support team for…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. OTP: Allow a guest and a contact with same email address

    Guest Account is not able to sign-in with OTP if an Exchange online contact exists with the same email address and the guest tries to sign-in to the my apps portal.
    Error “AADSTS50020
    If the guest use the link from the invitation he received by email, there is no issue.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base