Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow any App registered in Azure AD to have its own customized login page UI like in Azure AD B2C

    Nowadays, on Azure AD, you can customize the login page UI at the Organization level. This means ALL the registered apps will share the same UI, same branding, same css, etc.

    Please, add a way to customize the Azure AD login page UI & branding per-app like Azure AD B2C does via Custom Policies

    19 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Error details website - JSON support

    Please provide us with an option so let the azure ad error details page (https://login.microsoftonline.com/error) return a JSON response.

    This enables a reliable way to get the error details, which could be used with Azure Sentinel/Monitor

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Better education on GraphAPI

    I'm a new developer and I'm trying to learn how to use Graph to get tokens and access to Outlook calendar, but every training I find doesn't deal with using the product from a server based system. I can't even find paid education on the subject. Please help me find where I can get this training!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add support for assigning app roles to SPs in GUI

    Currently it is not possible to assign service principals to app roles in the GUI, even though it is a supported feature in Azure AD. Also, when assigning SPs, the GUI somewhat breaks, with "Role assigned" always listed as blank, and clicking the display name of the SP navigates to a "not found" page.

    Having this option would greatly ease of using consumer to API assignment with roles, using APIM and validate JWT feature.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. MSAL Swift library add Package.swift

    Pleas add a Package.swift file to Git. It would allow to use the Swift Package manager from the command line or from XCode. This would eliminate using 3rd party tools and would provide a great developer experience.

    Eddy

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. Publisher verification should support associated Partner Center accounts

    Publisher verification currently doesn't support scenarios where a separate (production) tenant is used (reference case # 120081923000005). Therefor the publisher verification doesn't work for larger scale scenarios where tenant isolation for production-level workloads is used.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add an endpoint for retrieving list of tenants where user is a guest

    We need an API for retrieving all tenants where user is guest. This is currently available in Resource Management API (https://docs.microsoft.com/en-us/rest/api/resources/tenants/list), but this gives access to lots of other Resource Management endpoints. When used it might even triggers a policy to force using MFA.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Application Naming Convention Policy

    Please introduce a policy that will limit the names created applications can have to allow better organization and management.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make the resourceBehaviorOptions changeable

    Hello,

    we found the issue that you can't change the resourceBehaviorOptions of a Group (they are immutable). Due to that fact, we can't disable the "HideGroupInOutlook" Behavior option.

    Please make this an option for admins.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. Can you share a consolidated Azure AD security best practice and Microsoft recommendations for Azure AD

    I was looking for a consolidated document which covers all the aspect of the security best practices and the Microsoft recommendations for Azure AD. There should be generic documentation which a developer can follow during the developmental phase before utilizing the on-demand assessment or such features.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Search App Registrations by tag

    Today is possible to add tags to App Registration via the "tags" property in the manifest. This field is searchable via the Microsoft Graph API but it's not on the Azure Portal. Please, add the capability to search for App Registrations via tags directly from the portal

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. MSI Access token timeout

    Provide a timeout config to refresh access tokens generated by MSI. As of now the timeout is 8 hrs and there is no option to force refresh. So having a lesser refresh time ~ 1 hr is helpful or if it is made configurable it is really assists the customers.

    Scenario failed:
    I added an MSI to the reader group of a shared image gallery. This MSI could read the image only after 8 hrs, until then an http 403 was returned.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable the option for adding # in the reply url for Angular applications

    When developing angular applications etc, often the reply url would be something like https://myurl/#/callback. This is not possible today.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Could we search for Service Principals as Azure Resources, as they're bots?

    Navigating to subscription to check and assign SP's roles feels like it could be made faster. Could we search for SP's through the Azure graph search on the top of the portal?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Improved control of Client Secrets and Certifficates(also via PowerShell )

    At the moment there is lack of control via PowerShell for the Client Secrets.
    To list them up you have to use:
    Get-AzureADServicePrincipal and list PasswordCredentials
    If there is more than one key, they will be displayed in random order. This means that not always the active one will be presented as first.
    At the moment there is possibility to see expired certs /keys under App registrations (Preview)but there is no option of sorting. Also for apps with more client secrets, value is not displayed at all.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. meci

    merci

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to Grant Permissions via API or Powershell

    Azure AD allows you to create app registrations, define roles on them and give permissions to each other (as application identities). This way you can have a Web application talking to your API with its service principal and you can protect your API with roles.

    Service Principal creation, role definition and permission assignment can be done through Portal, Powershell and API. But in order to make Application Permissions (which requires admin consent) work, you need someone with Global Administrator role to go to Azure Portal and click Grant Permissions button (or do the same thing via OAuth prompt on your…

    220 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    18 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Azure AD Team responded

    Thank you for the feedback! This is in the backlog and we are looking into this. We don’t have an ETA yet, but we will share once we have one. Please keep voting if this feature matters to you.

  20. App registrations Redirect URI - Allow disable on a redirect uri entry

    Hi,

    It would be great if there was an enable / disable checkbox for redirect uri's.

    As a developer I am constantly adding / deleting the localhost redirect uri.

    Regards,
    Graham O'Riley
    Netdocs

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base