Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make Microsoft Account authentication great again

    https://apps.dev.microsoft.com seems broken... I cannot create an app (getting : There's a temporary problem with the service. Please try again. If you continue to get this message, try again later) 3 days now

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. password

    The current SSRPT does not give a 3rd option to enter a new password because its expired (90day policy) it currently provides 1. I have forgotten 2. I know my password but i cant login (unlock feature). This is language issue is causing a lot of confusion to our user.

    The site also needs to return a meaningful error msg when the user is unable to reset the password.. not a generic one like whats available today.

    Finally it will be handy to have listed when i last logged in successfully or failed attempt using my password..

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide ability if we want to use SP or IDP auth for apps in the marketplace

    I'd like the ability to pick what form of auth is used for apps I install from the marketplace. For example, if I install the Salesforce app it only allows setup for SP. In order to use IDP I have to create a non-gallery app.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Force Apple to fix Safari certificate auth bug (Support ADFS Device Authentication)

    We really need Microsoft Corp. to fly to Cupertino and slap the guys responsible for the development of the Safari browser on MacOS. :D
    It looks like the people at SAP give up on Apple. This have been an issue for a long time now and we REALLY need a solution for this.

    Another approach would be to built somekind of mechanism / feature into ADFS that would not send a "Certificate Authentication Request" for specific user-agent-string (Read MacOS+ Safari). We have only seen the issue for Safari on MacOS. Other browsers work like a charm.

    The fact that Apple…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. buffer app sign on is no longer working

    I have added and configured bufferapp in my Azure AD applications tab. Configured it correctly - however the sign on never happens when the end user clicks on the app. Just the main home page of buffer.com is shown.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable Organizational Account

    Enable Organizational Account checkbox in VS publishing profile:
    this checkbox is checked by default when publishing a AAD App Service to Azure.
    However when checked, it will create a NEW App Registration in AAD.
    This can lead to your API returning 401, in the scenario where a AAD App Registration was previously created and configured, then it will be ignored in favor of the one created by VS.
    Also, in my specific case, the new App Registration was not visible in the AAD Tenant Applications list, so it took a month of Azure support and several hours on the phone…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Azure AD can create same name groups

    Azure AD can create same name groups. Is it right ?
    Same name groups occurred errors when set up Azure settings(ie, SSPR setting to security groups)

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make it less bizzare!!!! I've read the docs and I am still confused. Its working, but Im confused.

    Are these accounts copies of accounts in my local directory? Where the does Microsoft account come into play? I can only sign in with "personal account". Come on....this is just strange and your docs are ZERO help.....

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Passport for Work MFA

    It should be selectable in Azure MFA to use Passport for Work as a 2FA. A computer is using device authentication (2nd factor) when Passport for Work is used.

    It seems redundant to also require a Phone Factor, SMS, or Azure Authenticator Push when Passport for Work is already verifying Device + PIN/Bio.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Azure User Login Authenticate Issue, Not able to access Graph api

    Please help with solving the following:
    I have a office365 subscription. I created application in azure Active Directory for Access users outlook calendar event from iOS application.I am using graph api for this. I am getting successfully Event of user which is added in azure active directory tenant user list. But I am not able to get the Event of user's calendar which is not added in azure active directory tenant and got the error in response "user not added in azure active directory tenant" so how to resolve this issue and allow all user to access outlook event api…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Verification Certificate upload for Azure AD Applications

    Currently the only way to add a certificate as a verification method to a service principal is through PowerShell, and it is painful to script. It would be really helpful if there was a way to upload a certificate as a credential in the portal.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. HTTP Agents for OpenID connect or SAML

    We would like to migrate all our application protection to AzureAD from traditional WAM systems like SiteMinder.

    Not all applications can consume OpenID or SAML tokens, would need HTTP connectors / proxies to speed up application migration to Azure AD.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Login conflict between organizational ID and Outlook.com (personsl)

    I am certain if this is the right place to post this.

    I have both a recently created organizational Azure AD account (MPaxton@isp.IN.gov), and an older Outlook.com account (MPaxton5684@Outlook.com) that has an alias identical to my Azure account.

    When I tried to login to my Outlook account, I received the following error:

    X-ClientId: 08B2383E094046859E798B1521F6E042
    X-OWA-Error: Microsoft.Exchange.Data.Storage.DatabaseNotFoundException
    X-OWA-Version: 15.1.517.8
    X-FEServer: BY2PR0601CA0024
    X-BEServer: BY2PR09MB0248
    Date: 6/12/2016 3:01:47 AM

    It does not matter which ID I use at Outlook.com, I get the same error.

    Can you help me, or direct me to someone who can?

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow ADFS federation per user not domain

    Remove the federation limitation of only allowing federation by domain and allow federation by user. e.g.

    usera@contoso.com = federated to ADFS
    userb@contoso.com = cloud authentication

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. passphrase

    Users should be prompted and guided to passphrases, not passwords. Passwords are dead and buried, we should stop encouraging their use. Allow admins to makeusers specify at least 5 words for a total of more than 20 wide char. Give the user an example (that they cannot use, naturally). Give them hints.

    Then require MFA, because seriously... single factor is moronic.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure federation limitation

    If user has federated their AD with AAD for O365, they will not be able to federate their AD names with AAD for other purpose. would help if AAD can support that.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Configuration of SAML 2.0 responses - hash algorithm (SHA1 v SHA256), message signing

    Are there any plans to add further configuration options to the AAD SAML 2.0 functionality.

    When acting as an IdP in a SAML 2.0 federation, unlike ADFS, there does not appear to be any options to customize the SAMLResponse which is returned to the Relying Party.

    The options that I'm particularly interested in are:

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support certificate authentication in MyApps for iOS

    I would like to be able to log into MyApps using ADFS and Certificate authentication. I can log into Safari using Certificates, but I can not use the native MyApps application on iOS.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
1 2 22 23 24 26 Next →
  • Don't see your idea?

Feedback and Knowledge Base