Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Access reviews should also apply to Directory access

    Access Reviews should let you review guest users access on the directory level. Using a dynamic group with all guest users in it, I should be able to have access reviews DELETE the user from the Azure Active Directory rather than just removing the user from a group.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  2. Access review for subscription

    Expand access reviews to support Azure Subscription and Resources for explicit assigned identity.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  3. PIM Access Reviews Emails Alerts

    Would be great having the opportunity to edit or add a message into the Email sent by Azure.
    Eg. When someone has the role membership denied by a role owner, the user should get the email WITH the reason and not just the email saying that the has been removed.

    Also would be great allowing the GA's to add a message or create the reminders by themselves AND schedule it.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  4. Access review - domain admin & Global Admin

    Hi,

    Would be great if Access Reviews could include the on-prem group Domain Admins, and the Cloud based group GLobal Admins. Right now this is not possible.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you John for the feedback! My understanding is that you are referring to access reviews of privileged roles in the PIM experience.

    In regards to reviewing on-prem group Domain Admins, historically, groups like that were blocked by AAD connecto for not sending them to AAD, so they are filtered out.

    For cloud based group Global Admins, you can review global admins in the current PIM experience, these 2 articles should help you get started –
    docs.microsoft.com/en-us/azure/active-direc..

    docs.microsoft.com/en-us/azure/active-direc..

    If you have any more questions – feel free to email accessreviews@microsoft.com

  5. Access review

    There should be a validation message to check the end date before or equal start date.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  6. Access Reviews: Apply to new groups and/or multiple groups

    It would be VERY beneficial to apply an Access Review policy to new groups as they are created, eliminating the management overhead of creating new policies AFTER each group created.
    Also, if a Access Review Policy could be applied to multiple groups at a time, Access Reviewmanagement overhead would be reduced.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add Manager Option to Reviewers in Access Reviews

    Our organization requires Managers to approve access to Applications. Please give the option to require a manager to approve application access via the Access Reviews option.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Justin, thanks for the feedback! It will definitely be helpful to have managers as the reviewers, there is a “manager” attribute in AAD’s user profile, but it’s currently a string only. We are working to improve the architecture first, then we can leverage the data to automatically assign managers to be reviewers. If you have any more feedback or questions on this, feel free to comment on this thread or email accessreviews@microsoft.com.

2 Next →
  • Don't see your idea?

Feedback and Knowledge Base