Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. block non-USA logins, foreign IPs are locking out my users.

    block non-USA logins, foreign IPs are locking out my users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support POST OpenID Connect authentication requests

    Supporting POST authentication/authorization requests is not mandatory for clients, but would be a nice addition if I wanted to use idtokenhint without being it captured in server logs in the referer header response.

    >Authorization Servers MUST support the use of the HTTP GET and POST methods defined in RFC 2616 [RFC2616] at the Authorization Endpoint. Clients MAY use the HTTP GET or POST methods to send the Authorization Request to the Authorization Server. If using the HTTP GET method, the request parameters are serialized using URI Query String Serialization, per Section 13.1. If using the HTTP POST method,…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. when we are able to login the Microsoft account in mobile phones using bio metric, why can't you provide same bio-metric authentication for

    when we are able to login in the Microsoft Authentication App. using the Microsoft account (xyz@hotmail.com) in mobile phones with bio metric Authentication, why can't you provide same bio-metric authentication for PC signing In. the option using Microsoft account signing In is already available, additional requirement is signing using. Mobile signing In using Microsoft Authentication App. For this additionally you have to provide the mobile Icon in the login Screen in windows 10 OS.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Face id

    Rien avec FaceId, plutôt qu’un système de codes compliqué ? C’est pas très top

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. It’s so new of the products for me to used, it seems have a lot more useful than others normal mails, I will let you know that Soon again.

    It’s so new to me, I don’t even receive the first mail yet, but I will let you all know that later please. Thank you so much to helping me to set it up. I’m sure it very useful mail for me to the futures. Love xoxoxo

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix MSAL-Angular library

    Currently, the Angular implementation of the MSAL client library is not synced up with the main branch of MSAL and is broken when using Microsoft Internet Explorer. I hate IE but 70% of our users are stuck on it. PLEASE FIX.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Do not require a person to scan a QR code using the device that they are attempting to register

    I’m trying to access using my mobile device. The app wants me to scan a QR code to register the device. Guess what? I cannot scan a QR Code that is on the screen of the device - with the app - using that same device. As it happens, I also can not look myself in the eyes.

    Even worse, I can already access my Outlook, I just can’t see my folders with unread emails - populated via rules. All I want to do is see my emails and this Authenticator app pops up and won’t let me see anything…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Improve the client secret generator

    The current secret generator presents two issues:


    • The length of the secrets varies, which is good, but sometimes it can be too short. Therefore I need to delete and regenerate secrets multiple times until I get a satisfactory length


    • Some of our clients uses legacy setup that for some reasons can't handle some special characters like curly brackets {


    My suggestion would be to improve the secret generator by letting us configure some criteria. E.g.:


    • Length of the secret (or min/max values, if we want to keep it variable)


    • Possibility to select type of supported characters (e.g. letters, digits, simple…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Include "basic auth" support using MI

    I have a Linux VM with "system Managed" entity enabled. I use this to upload a ZIP file to an Azure Web App. The issue is that it seems this feature of App Service only supports basic Auth and I am not able to use access_token to authenticate. How can I use MI to authenticate to an AAD enabled service that uses only basic AUth?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. es una plataforma complicada

    es una plataforma complicada

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Need official documentation on switching federation providers

    It would nice if Microsoft would publish official documentation for the recommended way to switch between federation providers. This article does a nice job of it, but I'd prefer to follow official Microsoft documentation:
    https://ping.force.com/Support/articles/Article/Office-365-Switching-the-federation-protocol-to-SAML-from-WS-Federation

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. cesser de redemander constamment les mots de passe. Je suis privé d'accès à OUTLOOK depuis plus de 15 jours! e

    cesser de redemander constamment les mots de passe. Je suis privé d'accès à OUTLOOK depuis plus de 15 jours!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Android user contact sir

    May be android not using wifi

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. WE as a world will need a build for AUS system set up of inclusivity Nintendo coins

    CENSUS, PAYMENT, PROCESS, Receivables: Spendingaling ding:
    Working on process accountability of KISS product, Keep it simple sweetie
    Have made you a team of emojies will send you a photo. Oh thank you my friends. Will be in touch it's called bridging the gap...…..

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. [Static website] openId connect plugin / guidance

    In MVC, we have Microsoft OpenId Connect / Owin to secure the application using Hybrid flow with a Single Page Application on the front end.

    The request is to have capabilities to move from MVC SPA (self hosted VM) to Serverless (Azure blob + Azure function as backend) to do Hybrid flow authentication. Impicit flow is not secure, so that option is out for Serverless Architecture.

    An explicit guidance explicitly how to handle state and nonce / a nuget package plugin would be great.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. When you say 'We've sent a notification to your mobile device. Please respond to continue.' you can specify by which method you have send it

    When you say 'We've sent a notification to your mobile device. Please respond to continue.' you can specify how you have send it. If by sms, I cannot receive sms because I'm abroad and it doesn't work for some reason. I have MS authentificator app, which doesn't show anything and it is not linked to this web profile anyhow, which can also be improved.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Option without double verification.

    I really hate having to answer a phone call or text in order to sign into my email every time

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Authentication app should show the IP address and App that is generating the authentication challenge.

    The Approve/Reject popups in the app should contain more information so the user can tell what app and what IP is triggering the approval request. We recently had a user click Approve on a challenge that should have been rejected because the user said there are so many requests. See what device, IP and app is causing the Approve/Reject challenge would help the user identify valid requests (and there are many of these) from those that should be rejected.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base