Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add tizen support for autenticator Samsung hear s3

    Add tizen app for Microsoft autenticator (Samsung smartwatch S3) thanks

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. While reading the FAQs for the authentication app I was redirected to the azure feedback page.

    Please, investigate the reasons for one being redirected from the authentication app area to the Azure feedback area.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. What an increadible POS

    Make a system that does not loop you endlessly through authentication set up and then hangs. Failing this go back to on-premise software it is your only hope

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Google Apps

    Have the ability to Redirect to Google Hub page and SSO without prompting for email address during SSO process.

    https://admin.google.com/a/domain/UserHub
    https://apps.google.com/user/hub

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Redirect URL After Login Enterprise Applications

    I would like the ability to redirect to a custom webpage after the user authenticated using an Enterprise Application.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Release MSAL library inline with Xamarin and Xamarin.Forms releases

    At time of writing, the 'released' version of MSAL is 1.1.0-preview. This is incompatible with the current release of Xamarin.Forms (2.5.0.121934). The latest development build (1.1.1-alpha0414) is compatible with XF 2.5.0 , however this obviously hasn't gone through QA testing and shouldn't be used in production environments.

    Please schedule regular test-release cycles for MSAL,, at least ensuring there is a formal release that is compatible with each release of Xamarin.Forms.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Standalone OAuth2 + non WebApp + No UserInteraction + Redirect always failing - How to get Auth Code ?

    I have created a dummy Outlook mail account :
    Username: arnab30dutta@outlook.com
    Password: wiproinfotechbt012
    Also registered my headless standalone Java App at https://apps.dev.microsoft.com/#/application/524f2f35-30ca-4497-9a58-654e431858ef (I dont require Spring Model Or View, + all necessary consents allowed) using above same user/password

    SpringBootMailRESTApiApp

    Application Id 7a1fff16-ef39-4299-a6b9-50d2b37924e4
    Pass 8wLwBic9Hxwj9f9e5hkjq9n
    RedirectcURI https://USHYDARNDUTTA2.us.deloitte.com:8080/signin-microsoft

    Following URL When Tested with RestClient Firefox addon works fine:

    https://login.live.com/oauth20authorize.srf?clientid=524f2f35-30ca-4497-9a58-654e431858ef&scope=openid+offlineaccess+profile+User.Read+Mail.Read+Calendars.Read+Contacts.Read&redirecturi=http%3a%2f%2flocalhost%3a8080%2fauthorize.html&responsetype=code+idtoken&state=717b3297-2692-4a3a-a22c-ade52010e24b&responsemode=formpost&nonce=adc6829c-c4c3-4895-818a-99e5f9574381&display=popup&uaid=94f304002ecd487cb72a708b8d14fb52&msproxy=1&issuer=mso&tenant=common&uilocales=en-US&loginhint=arnab30dutta%40outlook.com

    But same don't work when hit from Spring Boot App.
    Redirect URI never receives any response.

    Code Attatched

    Plz Plz Plz provide solution of - How to get the Authorization Code ?

    "I…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. AAD Token Life Time Policy - also look at the Return URL

    When we make an custom Azure AD policy for Token life time, the Return URL functionality is not a part of the configuration.
    It would be nice when you are log-out on the application based on the Azure Ad policy, Azure AD also looks to the return URL functionality (re-direct). At this moment it's done by the web app, but with this new policy, the web app has nothing to do woth it anymore.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure App registration making url not mandatory

    Now when registering an app with Azure, you either need to enter Sign-on URL or a Redirect URI depending on the type of Application you pick.

    In my use case (which I believe to be quite broad in general), I don't have any URLs and just want some credentials that I can give to my automation script that manages Azure resources. In particular, I am using Ansible automation to automate management of Azure resources, but generally that could be anything.

    A longer description of the issue can be found here:
    https://stackoverflow.com/questions/46682708/azure-app-registrations-sign-on-url

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support credential roaming for Microsoft Workplace Join for non-Windows 10

    Add support for handling credential (Certificate) roaming in the "Microsoft Workplace Join for non-Windows 10" client for Windows 7.

    Either remove previous / old certificate or do not request a new certificate before expiration.

    https://technet.microsoft.com/en-us/library/cc770797(v=ws.11).aspx

    https://www.microsoft.com/en-us/download/details.aspx?id=53554

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. New Sign-in experience UX prompt 'I sign in frequently on this device. don't ask me to approve requests here' miss-leading!

    Re-word the New Sign-in experience UX prompt as it is miss-leading, 'I sign in frequently on this device. don't ask me to approve requests here"

    In reality the tenant set MFA configuration is enforced, which in our case is for a single day.

    I believe that the wording of the new sign-in prompt is highly miss-leading and should be altered as this message implies a loser security than is actually in place, which gives completely the wrong message to my users.

    My user base will also be of the opinion that Office 365 isn’t working correctly as the behaviour will…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Workable SSO integration

    Hi there

    We would really benefit from a Workable SSO integration.
    https://www.workable.com/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Keep same element IDs on new Azure AD sign-in page

    As an automation tester, I want the credential input on the new Azure AD web-based sign-in page to be able to be found and used the same way as on the old page so that my scripts don't break.

    Currently, the old Azure AD web-based signin page has this for the username: <input id="creduseridinputtext" class="login_textfield textfield required email field normaltext" placeholder="username@egov.com" type="email" name="login" spellcheck="false" alt="username@egov.com" aria-label="User account" value="" autocomplete="off" aria-describedby="accessibleError">

    And this for the password: <input id="credpasswordinputtext" class="login_textfield textfield required field normaltext" placeholder="Password" spellcheck="false" aria-label="Password" alt="Password" type="password" name="passwd" value="" aria-describedby="accessibleError">

    Both of…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. My apps iOS app login

    Microsoft "My Apps" mobile app is great, but it is promoting use for authentication several times a day.

    I think Microsoft should update the app to use same sign in process as other apps - outlook, onedrive, planner, etc

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Security Bug: Please Fix Bug Application Delegation Bug Lingering Active Directory Delegation

    If application registration has Active Directory delegation it would NOT remove the Active Directory delegation behind the scenes even after removing all delegations.

    I need to remove all application delegations, Save and then add a new non-active directory delegation and Save again in order to limit who can access the application and/or web service.

    This is a issue as if there is any application that uses OAuth 2.0 and gets a token where the the "audience" | "aud": "00000002-0000-0000-c000-000000000000" it will have access to any application without restrictions of delegation rules if this lingering active directory access is behind the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Restrict Groups List on Claims Identity to Only Groups (not directory roles)

    Amend the http://schemas.microsoft.com/ws/2008/06/identity/claims/groups claim of the user identity so that it only includes groups, not directory roles as well. (Or add a further groupMembershipClaims value to the manifest to show "GroupsOnly" or similar, in addition to the current "All" | "SecurityGroup" | null option)

    Currently if a user is in either the Global Administrator or Limited Administrator role, the ID of this role appears in the list of groups as well. See details on StackOverflow here: https://stackoverflow.com/questions/45215615/phantom-group-membership-in-azure-ad

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Need option to export Win 10 Domain Joined Device Registration details with Owner names

    Right now we are not getting Owner details for Win 10 Domain Joined Registered Devices, value is showing as {} , If we get those details then it will be good for manage devices.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. OAUTH integration

    For integration with OAuth2 several solutions were tried both at the mobile application level (React Native) and at the Backend level (Laravel).

    The problem we encounter with Laravel libraries is that they are focused on web application, where the process includes a redirect to the Microsoft page to make the entry. This as we are running from a server we would not have the way to make this redirect for the user. In Laravel we use Socialite that is of Laravel and OAuth 2 Client of PHP League. In the research process in Microsoft forums especially in this question (…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base