Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Fix tab order for B2C login

    Please fix the tab order for B2C logins. Currently tab goes from the username field to the "Forgot your password" link. It should go from username to password.

    43 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add app roles to Azure AD B2C to support applications roles/claims

    Azure AD already supports this in the new app registration experience. Using this feature, an administrator can for example easily manage these roles (i.e. the claims) of a user and application. Currently the only way to manage these claims is for the end user to choose these claims at singup which defeats the point of authorizing users.

    This prevents us from making/hacking our own authorization system for Azure B2C and would provide nice clean native support for multi application scenarios within a single B2C tenant.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. Count of users in Azure B2C tenant

    $count isn't available yet in B2C, when will this be available?

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. B2C Custom Content - Add HiddenField as UserInputType

    When writing custom javascript in B2C it can be useful to output a claim value into the client side code for dynamic behavior. Today, this requires a dance to output as a display claim then hide the (readonly) inputs: see: https://stackoverflow.com/questions/66478604/b2c-custom-content-output-claim-value-as-hidden-field

    Please consider adding a HiddenField UserInputType: https://docs.microsoft.com/en-us/azure/active-directory-b2c/claimsschema#userinputtype

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support PIM on AAD B2C Tenants

    Today, in a B2C tenant no licenses can be purchased or obtained from trial. Unfortunately - Priveleged Identity Management requires a P2/E5 license to function and therefore cannot function on an AAD B2C tenant

    In a B2C tenant the same paradigms of PIM for administrators apply – (just in time access, just enough access, access reviews/audit history, time-bound, and break glass approval to activate ) to our AAD B2C Administrators. Without PIM our only option is to provide them standing administrator access which goes against security best practice and standards.

    There exist various different administration job responsibilities in a B2C…

    30 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. 5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  7. B2C Email verification code not interpreted as phone number

    My customer told me that he has problems copying the email verification code. Due to the fact that some codes start with a zero, his email program interprets it as a phone number and therefore offers the user a phone call interaction. Can you make sure that the verification codes are not interpreted as a phone number? Thank you

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support custom policies to be shared between different B2C tenants

    I tried to look how policies can be shared between multiple B2C tenants(e.g. dev and prod).
    Microsoft documentation specifies different methods of sharing such as inherit from basePolicy https://docs.microsoft.com/en-us/azure/active-directory-b2c/trustframeworkpolicy or
    include-technical-profile
    https://docs.microsoft.com/en-us/azure/active-directory-b2c/technicalprofiles#include-technical-profile
    but all within the same tenant.

    At the same time

    https://docs.microsoft.com/en-us/azure/active-directory-b2c/best-practices recommends
    “For easier operations and deployment roll-out, create separate environments for development, testing, pre-production, and production. Create Azure AD B2C tenants for each.”

    However each policy has attribute TenantId="mytenant.onmicrosoft.com", which will reference to different tenants, if I have separate B2C tenants for development and production.
    Furthermore we have 2 different , but architecturally similar sites for countryA…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add the company name claim so that it maps correctly to the user's Job info

    Hello,

    I want to return Company name from user's B2C AD record in the Application Claims using user flows but It's not listed as one of the built-in options.
    I have added the companyname claimtype to our Azure AD B2C flow in multiple ways, yet none of them seems to map to the field "Company name" in the Azure user view under "Job info"
    Based on my research, looks like CompanyName attribute is not supported as B2C user profile attribute. If you create custom companyName attribute, it gets stored as extension<guid>companyName in the backend and it will not…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add SCIM support to B2C tenants

    Hello,

    In order to have a similar behavior and usage of AAD and AAD B2C it would be very helpful if B2C would support provisioning using SCIM.

    Thanks,
    Oded

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support OpenID Connect IdP authenticated by mTLS in Azure AD B2C

    Currently, Azure AD B2C allows adding OpenID Connect IdPs secured by a client secret. The OAuth specification allows alternative authentication methods such as certificate-based mutual TLS. Add support for OIDC IdPs authenticated by PKI based mutual TLS to Azure AD B2C.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  12. In B2C please support an external identity provider initiated SAML flow

    Please add support for an external identity provider initiated SAML flow where B2C is the service provider.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  13. Phone number Sign up/ Sign In-

    Instead of having "Verify Code " button to authenticate users. Can we incorporate verification functionality in signin /signup button . "Verify code " button just adding one extra step which wont be necessary.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  14. userjourney does not recognize sendclaims defined in subjourney

    B2C custom policy subjourney is feature in public review.

    Userjourney must define a claims provider of type "sendclaims" to return claims to relying party.

    Consider a scenario when a reusable subjourney of type "transfer" has sendclaims provider, and the subjourney is invoked from last orchestration step of a userjourney.

    Under this policy usage scenario, userjourney fails to recognize that the subjourney has already defined a sendclaims provider and responds with error : AADB2C90040: User journey 'SignIn' does not contain a send claims step.

    Requesting Azure AD B2C development team to take note of the feedback and enable detection of sendclaims…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure AD B2C Unified sign-up page with IdP selections and signup form

    We are currently creating a signup page using custom policies. Since we have invite-only accounts, I was wondering if it is possible to have a signup page with the social idP selection (Facebook, Linkedin) and below the sign-up form on the same page instead of the user clicking on the "SignUpWithLogonEmailExchange" button and redirect to the page to fill up the signup details.
    Thanks
    Khushal

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  16. Delegated user administration in B2C

    Support of delegated user administration in B2C. A customer company or a responsible person with a proper delegated administrative role can manage their identities(add, modify, delete another customer identity).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  17. Fix "Run now endpoint" "copy to clipboard" tooltip hiding copy button

    When viewing a custom policy in the Identity Experience Framework the "copy to clipboard" button in the "Run now endpoint" input is being hidden by its tooltip.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  18. visualize the MAUs of B2C tenant

    Hi,

    Since we all are interested in KPIs, especially when growing fast, we all are interested in our MAUs in Azure B2C.
    In the beginning just for monitoring, but later also for cost tracking. Please give an overview for this.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  19. Prepopulate password reset email address

    I can't find any documentation about how to prepopulate the email address in the password reset custom policy user flow (Sign-In prepopluation works when https://docs.microsoft.com/en-us/azure/active-directory-b2c/direct-signin?pivots=b2c-custom-policy is followed).

    I found this ticket: https://github.com/MicrosoftDocs/azure-docs/issues/37487 that states, that the mentioned behaviour it isn't possible (mid 2019). Are there any plans to allow this and therefore improve the B2C experience?

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  20. Configure timeout and retry count settings to REST api

    If there is slow or no response from the RESTful service to Azure AD B2C, the timeout is 30 seconds and the retry count is two times (meaning there are 3 tries in total). The timeout and retry count settings are NOT currently configurable. I would like a new feature to fully configure timeout and retry settings

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 25 26
  • Don't see your idea?

Feedback and Knowledge Base