Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. REST API common tenant is broken

    Scenario: I have 2 microsoft accounts. A personal account and a school account. The school account login process is 2 stage involving a redirect to a second login page. If an app uses: https://login.microsoftonline.com/common/oauth2/v2.0/authorize, I am supposed to be able to choose an account however, it jumps directly to the second stage of logging into my school account.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. v1 and v2 apps vs app registrations / Enterprise apps

    There are sy different ways to mention application and authentication. I would like see this be consistent from every point of view (developers, GAs, application admins).

    1)Why can some registred apps not be managed from within Azure Portal and do the need to be managed via https://apps.dev.microsoft.com/ ?
    2)Why are these same apps visible via powershell. This almost wants a GA to change it via Powershell. When that happens things can break I understand. At that moment the existing owner might not even see the app anymore in https://apps.dev.microsoft.com/
    3) There should only be one workflow and in that workflow…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. network

    Hi,

    we would appreciate that remote office computers not connected directly to our Active Directory Network but only Internet could create profiles for users that haven't previously connected. These remote office computers are Azure AD hybrid domain joined and the user account have been synchronized to Azure AD. It would ease the user provisionning as it would not require remote computer to be connected through a VPN.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. We are reachable at our Quicken US support number on a 24×7 basis and 365 days a year

    You can hire third party Quicken tech support companies 24 hours, 7 days, and 365 days a year. They can be accessed from anywhere anytime. You would not have to leave your current place to reach these certified professionals because they will serve you over the phone as per your convenience.

    more info :-
    http://www.quickentechsupport247.com/
    http://www.quickentechsupport247.com/quicken-customer-service.html
    http://www.quickentechsupport247.com/contact.html

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. 2-step authentication locks me out of my account when my phone is not working. How can you fix that?

    2-factor authentication is bogus sinc it does not account for a phone not working

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Workable SSO integration

    Hi there

    We would really benefit from a Workable SSO integration.
    https://www.workable.com/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Security Bug: Please Fix Bug Application Delegation Bug Lingering Active Directory Delegation

    If application registration has Active Directory delegation it would NOT remove the Active Directory delegation behind the scenes even after removing all delegations.

    I need to remove all application delegations, Save and then add a new non-active directory delegation and Save again in order to limit who can access the application and/or web service.

    This is a issue as if there is any application that uses OAuth 2.0 and gets a token where the the "audience" | "aud": "00000002-0000-0000-c000-000000000000" it will have access to any application without restrictions of delegation rules if this lingering active directory access is behind the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. password

    The current SSRPT does not give a 3rd option to enter a new password because its expired (90day policy) it currently provides 1. I have forgotten 2. I know my password but i cant login (unlock feature). This is language issue is causing a lot of confusion to our user.

    The site also needs to return a meaningful error msg when the user is unable to reset the password.. not a generic one like whats available today.

    Finally it will be handy to have listed when i last logged in successfully or failed attempt using my password..

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide ability if we want to use SP or IDP auth for apps in the marketplace

    I'd like the ability to pick what form of auth is used for apps I install from the marketplace. For example, if I install the Salesforce app it only allows setup for SP. In order to use IDP I have to create a non-gallery app.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enable Organizational Account

    Enable Organizational Account checkbox in VS publishing profile:
    this checkbox is checked by default when publishing a AAD App Service to Azure.
    However when checked, it will create a NEW App Registration in AAD.
    This can lead to your API returning 401, in the scenario where a AAD App Registration was previously created and configured, then it will be ignored in favor of the one created by VS.
    Also, in my specific case, the new App Registration was not visible in the AAD Tenant Applications list, so it took a month of Azure support and several hours on the phone…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Make it less bizzare!!!! I've read the docs and I am still confused. Its working, but Im confused.

    Are these accounts copies of accounts in my local directory? Where the does Microsoft account come into play? I can only sign in with "personal account". Come on....this is just strange and your docs are ZERO help.....

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure User Login Authenticate Issue, Not able to access Graph api

    Please help with solving the following:
    I have a office365 subscription. I created application in azure Active Directory for Access users outlook calendar event from iOS application.I am using graph api for this. I am getting successfully Event of user which is added in azure active directory tenant user list. But I am not able to get the Event of user's calendar which is not added in azure active directory tenant and got the error in response "user not added in azure active directory tenant" so how to resolve this issue and allow all user to access outlook event api…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Verification Certificate upload for Azure AD Applications

    Currently the only way to add a certificate as a verification method to a service principal is through PowerShell, and it is painful to script. It would be really helpful if there was a way to upload a certificate as a credential in the portal.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. HTTP Agents for OpenID connect or SAML

    We would like to migrate all our application protection to AzureAD from traditional WAM systems like SiteMinder.

    Not all applications can consume OpenID or SAML tokens, would need HTTP connectors / proxies to speed up application migration to Azure AD.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow ADFS federation per user not domain

    Remove the federation limitation of only allowing federation by domain and allow federation by user. e.g.

    usera@contoso.com = federated to ADFS
    userb@contoso.com = cloud authentication

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. passphrase

    Users should be prompted and guided to passphrases, not passwords. Passwords are dead and buried, we should stop encouraging their use. Allow admins to makeusers specify at least 5 words for a total of more than 20 wide char. Give the user an example (that they cannot use, naturally). Give them hints.

    Then require MFA, because seriously... single factor is moronic.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Azure federation limitation

    If user has federated their AD with AAD for O365, they will not be able to federate their AD names with AAD for other purpose. would help if AAD can support that.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
1 2 22 23 24 26 Next →
  • Don't see your idea?

Feedback and Knowledge Base