Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Cannot Change back SCIM from Automatic to Manual.

    I am implementing SCIM and I setup Provisioning to Auto. I want now to move back to Manual, but the item is grey-out, so it's stuck in Automatic.
    How I can change it? Delete the whole application?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  2. ADD Documentation for Percipio ( skillsoft product )

    Percipio ( Skillsoft's SaaS Application ) SAML APP documentation is needed

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  3. BSD

    SE:

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow to define delegation authorization rules.

    [ADFS to Azure AD App migration]

    The application has custom delegation authorization rules defined. Azure AD doesn’t support this today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow to source user attributes from external directories (different than Active Directory) to be emitted in the SAML token

    The relying party is configured to source claims from another claim provider different than Active Directory. We need to be able to do this in Azure AD.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow in Azure AD to specify certain authentication types

    [ADFS to Azure AD App migration]

    This is a setting in AD FS that let you specify whether the application is configured to only allow certain authentication types. Azure AD doesn’t support this today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow multiple WS-Fed assertion endpoints

    [ADFS to Azure AD App migration]

    Azure AD only supports (1) one of these today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add more attributes for Workday writeback

    Provisioning from Workday to AD has almost every attribute of an AD user available to be used. But when doing writeback from AD to Workday, email address is the only value available that anyone would use. We would like to write back office phone and fax number because those are systems falling within IT jurisdiction and it makes more sense to have AD as the source of truth. Otherwise, IT has to email HR and have them make the change.

    Also, Workday provisioning doesn't set the "user must change password at next logon" even though it sets a random password…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Be able to provide credentials when assigning an Enterprise Application through PowerShell

    We are on-boarding hundreds of SaaS applications in to Enterprise Apps across a number of customers.

    When we assign these Enterprise Apps to users/groups we populate the credentials so they don't need to ever know them.

    Currently this is having to be done manually in the portal (which is really really time consuming) but we need it to be available as an option/action through PowerShell.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  10. How to export NSF file from Lotus Notes?

    Choose a smart tool which can perform the entire process of NSF data exportation from Lotus Notes. eSoftTools NSF to PST converter software is one such organization. The user can see entire database on the screen in a layout which is easily readable. It does not require MS Outlook installation to provide best results. A free demo edition is also offered to all users. This tool works well with all editions of IBM Lotus Notes and MS Windows OS. Each element of the mailbox can be restored without structural changed
    • Simply select .nsf file and then elements which are…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  11. *Workday to Azure AD UPN attribute our requirement is upn and email should create like this firstnamefirstletterandlastname@domain.com.au

    *Workday to Azure AD UPN attribute

    our requirement is upn and email should create like this firstnamefirstletterandlastname@domain.com.au
    for Example

    Firstname : Sam
    lastname :Dood
    upn should like this sdood@domain.com.au
    With the help of an expression its creating no issue.

    Issue is if we have a duplicate user and if the upn already exist in Azure AD ,based on our expression user is not provisioning .Not sure the expression is correct.
    we need to create upn based on this requirement firstnamefirst2letterandlastname@domain.com.au

    for example Samson Dood
    First Name : Samson
    Last Name :Dood

    UPN should create like this : sadood@domain.com.au

    Please provide…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add Support for Replacing the text in attribute

    lets assume that user email is "xyz@abc.com".
    condition:
    if the user email is having @abc.com then replace @abc.com with @pqr.com

    Thanks,
    Sharan

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add an APPEND transformation method to SAML claims

    I would like to append static text to the end of an attribute. The Join method has two attributes required, with a static separator. Join would work if attribute #2 was not required.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  14. User.Manager and User.Mobile User claims

    Can we please add more User Claims? Reporting Manager and Mobile number are pretty important to us.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add support for more Regular Expressions as part of the SAML

    With the claims that are being issued currently it is immposible to accomplish things like stripping leading 0 values from an attribute. As an example if the EmployeeID field holds 001234 then I could use Extract After Matching set to 0 and it would return 1234 as expected, but if that come across the employeeID of 120345 then the result is 345 rather than 120345.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add support for Chrome OS

    We need users access Exchange only from Android and iOS. In Conditional Access rule, "Any device" is selected and grant access only if user access from "Approved Client App". But users are able to access email from Outlook in Chrome OS. As per Microsoft, neither conditional access nor Approve app support Chrome OS. So users are able to access emails from Chrome OS.

    Can Chrome OS support be added as part of Conditional Access rule? This is a major security threat for us as we are finance.organization.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  17. SCIM for zoom

    Without provisioning, I was able to map my new "JIT" provisioned Zoom users to type=pro in the SSO config.
    Now with SCIM, everyone is set to Basic by default and I don't see anywhere to change that. How can I set users to pro by default or based on the azure app assignment (where I can set it).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support claims transformation on user.assignedroles

    I can't apply a claim transformation method to the source attribute user.assignedroles or any multi value.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow adding a suffix to the end of the email in the name identifier(nameID)

    Allow to add a suffix to the end of the email and send it as the name ID. For example:
     

    user@domain.com is the email, that is being sent as the nameID, but we need to add a suffix at the end, example "test", so Azure will send user@domain.com.test as the name identifier(nameID)

    We know that this possible with AD FS using replace email suffix with new email suffix and we need to have the same behavior in Azure AD. This is needed because we have multiple ORG at Salesforce and each ORG needs to use a unique email address…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  20. Find and Replace Claims Transformation Function

    When customizing the claims issued in the SAML token by Azure AD for single sign on, there should be a claims transformation rule that allows for a Find and Replace transformation. For example:

    If 'user.extensionattribute10' contains '@', then replace '@' with 'A'.​

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base