Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enabling Azure AD Authentication for SQL Managed Instance Needs Improvement

    Enabling Azure AD Authentication for SQL Manage Instance requires a Global Admin or Azure AD user with similar elevated privileges to grant read access to to the SQL Managed Instance's Managed Identity. This does not scale well for teams using DevOps deployment methodology who frequently create and destroy resources in a large environment where security standards necessitate the separation of duties. We need a way to enable this which does not require a global admin or creating a microservice to do it.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure AD Authentication for Mobile that can redirect authentication request to different Claim Provider Trust

    Hello,
    We hope that Azure AD Authentication can redirect Mobile device authentication request to different Claim Provider Trust such third party Airwatch Workspace One.

    Regards,
    Jake

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Requested feature for Azure AD Conditional Access policy Third party MDM compliant check

    We would love to have the ability in Azure AD Conditional Access that can allow or block base on different MDM provider as for mobile device compliant check.

    Regards,
    Jake H.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support other languages for Azure MFA NPS extension notification (iOS)

    At the moment the MFA notifcation popup shows only in english language on iOS devices.

    As you can see in the attached screenshot the language of the popup is in english even though the language of the iOS device is set to i.e. german.

    Please support other languages for the extension.

    At best the language is tailored to the language which is set on the notified device.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Variable password complexity requirements / multiple assignable password complexity policies

    I'd like the ability to configure multiple password complexity requirements / policies, and assign them based on for instance:
    * Azure AD Groups (Ex: All users in a group gets affected, all not assigned to a complexity gets the tenant default complexity)
    * Azure AD Role (Any or specific roles)
    * Subscription role on any of subsbriptions tied to tenant (Ex. User has "owner" on one of the subscriptions)

    This would make sense as regular users should be able to create short, memorable passwords. Admin users on the other hand, should have complex, random generated, long passwords, and use password…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add the ability to access codes from Apple Watch

    Apple watch app only works for MS personal or work accounts. Would be great to be able to access the codes from other accounts via the watch app, as you can from the iPhone app.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Really tired of getting this.... Your organization needs more information to keep your account secured. No... you don't. I

    Stop sending these messages. They are annoying and time consuming and with all the hacks out there, I don't think it's prudent to keep so much information about people online to begin with.

    Stop asking me for my information.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Lock sign-in to specific country/region on a per user basis

    Just like the credit card companies allow you to lock/unlock your credit card for use in different regions/countries it would be great if users could allow/disallow sign-in from different regions/countries.

    Like a per-user conditional access...

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. No code being sent to the Microsoft Authenticator.

    Microsoft Authenticator generates codes which display on the smart phone screen.

    The problem is that the Microsoft website isn't sending the four digit code it generates to the Microsoft Authenticator app.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Show the URL that is missing when getting "missing, misconfigured, or does not match reply addresses configured for the application" error

    We have had a number of occasions where we get the "missing, misconfigured, or does not match reply addresses configured for the application" error when using our own applications with AAD as the IdP.

    Sometimes this requires extensive investigation to figure out the offending URL (whether it is missing, a typo, or syntax error).

    What would be handy is if the error gave administrators the offending URL to help direct the investigations.

    If there is a way of exporting this already, would be great to understand how.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Provide email authentication

    We work in offshore platform where mobile network is not available

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add IPv6 support in Azure Active Directory so it'll work as a redirect for OAuth2

    Azure Active Directory doesn't support the input of an IPv6 address as a redirect URI for OAuth2, so it isn't possible to use e.g. the IPv6 loopback address as the redirect URI after completion of OAuth2 authorization for the purpose of retrieving the authorization code.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Authentication does not work via SMS

    Please, choose better your provider of SMS Service, as clearly SMS does not properly work, codes are not delivered to cell pone via SMS

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. MS Azure SSO add-on for Jira/Confluence needs to lose button and use login prefilters

    Jira and Confluience Add-on for Azure sso needs to use Jira/Confluence filters instead to initiate login instead of requiring user to click a button when they go to Jira.

    Issue:
    As a simple concept, we have an application that has web links to Jira issues. If the user clicks the links to go to the issue, the user sees a blank page and the Jira login in the top right corner. What we need is for the add-on to see the user is trying to access a Jira, check authentication, and if not present, initiate the process.

    Bad workaround from…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Improve the client secret generator

    The current secret generator presents two issues:


    • The length of the secrets varies, which is good, but sometimes it can be too short. Therefore I need to delete and regenerate secrets multiple times until I get a satisfactory length


    • Some of our clients uses legacy setup that for some reasons can't handle some special characters like curly brackets {


    My suggestion would be to improve the secret generator by letting us configure some criteria. E.g.:


    • Length of the secret (or min/max values, if we want to keep it variable)


    • Possibility to select type of supported characters (e.g. letters, digits, simple…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Need admin approval page in azure has options to login as admin account, which is not working

    "Need admin approval" page is shown when adminconsent url is logged in by user, which is fine. It has as options to login with admin account.
    1. On clicking "Have an admin account? Sign in with that account"
    2. It redirect to login as admin, on login as global admin of the AD.
    3. It shows an error "AADSTS50197: Sorry, we could not find the user, please sign-in again."

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable more visibility into which permissions Cloud Apps need

    There doesn't seem to be any documentation as to what rights/permissions various Cloud Apps need from other services.

    Example: When setting up exclusions within Conditional Access policies for cloud apps, simply selecting Teams isn't encompassing enough. You must also exclude SharePoint.

    Company Portal also uses more than just Intune and Intune Enrollment.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. The way to update the certificate for Run As account should be more flexible

    Currently, the self-signed certificate that you created for the Run As account expires one year from the date of creation and the certificate won’t be automatically updated. Although you can set your certificate to expire a very long time by using Azure PowerShell, some users wonder that it will be an issue if such a log certificate leaks. Such users are required to update the certificate every year before it expired. It would be great if the operations to update a certificate could be flexible as follows so that the uses can omit the troublesome procedure, which is updating the…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. phone system down

    My office phone system is offline, making it impossible to log in or change authentication info. What now?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Recovery does not work

    Please fix this app for recovery. I switch phones a lot for work purposes and MS Authenticator is bad for Backup/Recovery. I can backup to iCloud and it backs up one account. I'm now moving to LastPass Authenticator until MS can fix the recovery option.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
1 2 6 8 10 22 23
  • Don't see your idea?

Feedback and Knowledge Base