Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Server authentication

    I would love to be able to fully deploy Azure MFA to all server authentication requests. I just recently rolled out Azure MFA to my remote access VPNs. It would be great if I include more services like server authentication. Currently I am using RSA MFA when logging in to servers, where I am prompted for a passcode after entering my AD credentials. I would love to use Azure MFA in a similar manner, where I can approve the login request through the Authenticator app, or use the passcode generated in the app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Custom code to extend token / claims

    It would be nice to be able to use code to inject custom field/claims into the token.
    Classic usage would be calling a third party service to inject dynamics field to be used by applications instead of having each application develop this.

    Ideally something similar to Auth0 rules mechanism: https://auth0.com/docs/rules

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support other languages for Azure MFA NPS extension notification (iOS)

    At the moment the MFA notifcation popup shows only in english language on iOS devices.

    As you can see in the attached screenshot the language of the popup is in english even though the language of the iOS device is set to i.e. german.

    Please support other languages for the extension.

    At best the language is tailored to the language which is set on the notified device.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Remove two factor

    It is more of an inconvenience that an asset. It doesn't help me feel my account is secure as I have already felt it was secure by having a password that only I knew. This feature is very frustrating as sometime it does not work and then I am not able to log in to my account to complete my course work or view assignments. People should be asked if they would like to turn this feature on versus being made to do so.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. I am the administrator for the account and the phone number that appears I no lo9nguer have access to

    I am the account administrator and the phone number that appears for 2 factor auth, I no longer have access to?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. OAuth-based generation of SAML tokens

    It would be very useful to be able to use an OAuth flow (both for regular user authorization, as well as a client-credentials flow for service principals) to obtain a SAML, rather than JWT token.

    This could be achieved by either doing an OAuth flow that produces a SAML token directly, or by exposing an endpoint capable of taking a JWT token and returning a SAML token for the application (the opposite of the OAuth2 SAML bearer assertion flow, essentially).

    The scenario for this is applications that need to support modern authentication in order to authenticate to external applications that…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. This authentication app

    the authentication app makes me frustrated. More passwords, codes, sms, devices. Make proper software and do not change procedures each time. i am not a software guy and i do not be one. 2 way verification is safer than 1...duhh. You can make 1000 way verification which is even more safe but not workable.
    I have a pc, need to log in with a password. When i want to see my company account i need a VPN with again a password.
    Than suddenly i see that i need Microsoft verification with this app.
    This app doesn't work when i needed.…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support Emitting objectGUID for Group Claims

    Currently you cannot emit a group objectGUID as a group claim even if you are syncing it as a directory extension via Azure AD Connect. This should be a claim type that is available with the group claims feature.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add the ability to access codes from Apple Watch

    Apple watch app only works for MS personal or work accounts. Would be great to be able to access the codes from other accounts via the watch app, as you can from the iPhone app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. 中国无法下下载 Microsoft Authenticator安卓版

    不知道中国是无法登陆google play应用商店的吗?问什么不给中国单独提供一个下载方式么?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. What happens if you do not have you personal cell phone with you and need to get something done for the district? The district use

    I do not have my personal cell phone that the district expects me to have but does not pay for. How can I sign into my google account if they keep sending sign in verifications to my personal cell phone?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Visual Studio - Connected Services - Authentication with Azure Active Directory - Fails

    The Visual Studio, Connected Services, Authentication with Azure Active Directory configuration tool fails if the web.config appSettings has a file="xxxx" attribute.

    VS 16.2.5

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. I am experiencing an error message when I attempt to open mysource, which is requiring me to download a microsoft

    When I attempt to log into mysource I am presented with the error requiring me to login to an app on my phone in order to access the site. Each day it is allowing me to access a "skip for now" option that counts down the days stating shortly I will no longer have access to the function.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add a user SAML attribute claim that can be assigned a text value.

    For example Service providers that Require a EduPersonPrincipalAffiliation or urn:oid:1.3.6.1.4.1.5923.1.1.1.9 you could set a text value to all claims of "Member@contoso.com" or use the Transformation options to filter specific text values to the claim. Like "member@contoso.com" or "Administrator@contoso.com" or "Contributor@contoso.com" this would allow the Service provider to assign roles without having to process groups just a simple text value set at the IDP level.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. No way to tap Authenticator or enter or choose code.

    No option to tap or choose code using authenticator

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. not receiving notifications being sent to iphone Authenticator

    Stopped working for iphone.. no notifications come in. full signal on network. Notifications for other apps working perfectly fine. Really horrible to force people to use this then not have it work. Not having access to email and everything else means absolutely no work being done and possible MUCH WORSE.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. MFA app password

    1.What exactly we need is if the account is get compromised while user resetting the password the app password also need to be reset by default also is there any options to get the popup /notification automatically
    While user reset the password ?

    2.Ideally the app passwords should vanish as soon as we disable MFA, or Reset passwords so the user has to use a new password for all devices/apps

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. See what I just wrote.

    DONT CREATE ANOTHER PROPRIETARY APP!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Not getting text to sign it

    I am not getting a text.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base