Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow the ability to import and assign MFA hard tokens to be delegated

    right now, only a global admin can import and assign mfa hard tokens. It'd be great to be able to delegate that ability to helpdesk or security team members. It really seems like something the existing Authentication Administrator role should be able to do

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. MFA Office Phone calling should identify extensions by comma

    Users are typically set in AD with a comma preceding their extension for their Office phones. This is so that users can click on someone's phone number using their cell phone to dial numbers automatically.
    Having to change to " x" breaks this functionality that and in turn when calling from a shared company number, random users become associated with the caller ID.
    In short Azure should be able to work with commas to be able to identify and dial Office phone extensions to prevent breaking other systems.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Combined security information registration (Preview) language issue

    The Combined Security Information Registration outlined in the follow documentation is not functioning as described.

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr-combined

    The Language is not pulling from the browser. In my scenario if I set this up using French language and have my German users attempt the process they are receiving the security questions in French and not German. The documentation outlines the language settings are of the computer accessing the page. This is not what I am experiencing.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Change the recommended account type from "Other" to "Work or School" account in certain circumstances when installing the Authenticator app

    When the Global Administrator chooses to combine MFA and SSPR setup and not allow the authenticator app choice of 'approve or deny', but only allows authentication by 'code', the user's choice of three accounts: Personal, Work or School, and other -- the web page suggests the user setup their account as 'other'.

    In other words, on the "Keep you account secure" page (as you're setting up the authenticator app in this scenario) asks the user to select "other" instead of "Work or School". It seems that removing the choice of "approve / deny" for the tenant for security reasons, shouldn't…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Need to restrict MFA type by user group

    Use a group policy to restrict the MFA type (i.e. app only) allowed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Is there way we can add Authentication contact info via power shell

    is there way we can we can add Authentication contact info via power shell Like
    Phone,Alternate phone,Email & Alternate email via power shell ?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Converged MFA/SSPR does not activate Office Phone as MFA method without setting to default

    When using the new Converged MFA/SSPR registration it does not activate the Office Phone as an authentication method unless i set it to primary. Also, this experience does not show the extension information from AD as the previous enrollment page shows.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow organizations to randomly send an MFA request to test/train the user

    Some organizations are testing their users by an anti-phishing campaign. The idea is simple: the organization randomly sends a phishing email to the user. If the user clicks on the link, the user is informed about the campaign and how to prevent this from happening again. If the user clicks on a link for the second time, the user is required to complete a training on this topic.

    I would like to see this for MFA as well. MFA blocks 99.9 % of all the malicious authentication requests, but that's when we assume that the user is completely aware of…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow per user exceptions to Azure AD MFA

    I have several service accounts that need to work with NPS Radius MFA and O365 MFA. I would like these accounts to automatically be successful not requiring MFA prompt so they will work for service accounts

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Radius fail Open

    When using AUTHN Azure MFA with on premise Windows Server NPS, currently if the cloud service is unreachable users are blocked from completing MFA validation until service is restored or AUTHN/AUTHZ registry settings are removed.
    Ideally would have ability to set that if no response from Azure MFA in x seconds allow user to be authenticated with single factor.
    Other MFA vendors have this capability.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Pre-set End user’s phone number

    IT Admin expected that they are able to pre-set MFA phone number for end users so as to restrict the end user to only use compliance phone.
    IT Admin also expected that they could have full control to set the authentication method for users .

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. We need three methods: (1) Dial a phone number (2) SIP URI Dial (3) SmartPhone App to multi-factor authenticate via Phone Factor

    We need three methods: (1) Dial a phone number (2) SIP URI Dial (3) SmartPhone App to multi-factor authenticate via Phone Factor. Today methods 1 and 3 are supported. As systems move to VoIP, SIP URI will become the standard way to dial a hardware/software based phone.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Token activation Verification code cannot start with a 0

    When activating a OATH Token a verification code can not start with a zero, the 0 is removed automatically and activation fails

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow user admins to see and/or set MFA methods of user in Authentication methods menu in Azure AD

    currently with MFA+SSPR combined; when an admin goes to look up a user > Authentication methods in Azure AD. They can see and set only the users phone.

    It should atleast show:
    - if the user if enrolled in MFA cloud
    - if so, what is their default method
    - allow the admin to change the default method for the user or set the user's default method to get the user started. for example, allow the admin to set a brand new user to have default mfa method of phone call, and then the user can go change settings themselves…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure MFA server does not support E-Mail as an Authentication method, i.e. OTP getting delivered to EMail. This feature is required.

    Azure MFA does not support OTP over E-Mail, The support for the same is required for scenarios where Mobile is not allowed inside the premises due to security and has to be submitted outside at security desk. In such cases, OTP can be checked over E-MAil but that is not supported by MFA. Please suggest,

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. Why My Gmail Not Receiving Emails? How to fix it?

    Get gmail related error solution for how to fix my gmail not receiving emails error via the customer service executives.Call 1855-345-8210 toll free number for help.
    For more info visit the given link:
    http://www.askhelpme.com/blog/gmail-not-receiving-emails

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Filtering on “MFA Auth Method” via the interface

    Filtering on “MFA Auth Method” via the interface, would be beneficial on the report we are looking at. Downloading the report is not really a good option as the report has over 250000 rows and last time we tried the download failed.

    The report doesn’t show us any data as we aren’t using MFA server, just Conditional Access policies.

    The report shows us the data, but doesn’t allow us to filter on MFA Auth Method.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Filtering on “MFA Auth Method” via the interface

    Filtering on “MFA Auth Method” via the interface, would be beneficial on the report we are looking at. Downloading the report is not really a good option as the report has over 250000 rows and last time we tried the download failed.

    The report doesn’t show us any data as we aren’t using MFA server, just Conditional Access policies.

    The report shows us the data, but doesn’t allow us to filter on MFA Auth Method.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Authenticator Backup for Android

    Hello,

    Could we get an update on the back up feature for the authenticator app please? Your article last year stated it was coming soon and the feature doesn't appear to have landed yet. This is effecting the take up of MFA as when people change their device they loose their 2FA tokens.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Update MFA number using Graph API

    I've seen various articles/requests for the ability to modify MFA number using the Graph API.

    All of these are dated early-mid 2018.

    I have not seen any progress or information that it is possible yet.

    What are the plans/roadmap for this feature? The need is becoming more important for us, and we've been waiting for this.

    Any information would be helpful.
    Thanks, Ricky

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 13 14
  • Don't see your idea?

Feedback and Knowledge Base