Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Server authentication

    I would love to be able to fully deploy Azure MFA to all server authentication requests. I just recently rolled out Azure MFA to my remote access VPNs. It would be great if I include more services like server authentication. Currently I am using RSA MFA when logging in to servers, where I am prompted for a passcode after entering my AD credentials. I would love to use Azure MFA in a similar manner, where I can approve the login request through the Authenticator app, or use the passcode generated in the app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow more than 150 groups to be returned in the SAML assertion

    As part of the SAML assertion of a user we get the groups from the Azure AD. But for some users that are in many groups (> 150) Azure AD does not send the list of groups.
    Please allow either more than 150 groups or enable an easy way to get all groups of a user.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Custom code to extend token / claims

    It would be nice to be able to use code to inject custom field/claims into the token.
    Classic usage would be calling a third party service to inject dynamics field to be used by applications instead of having each application develop this.

    Ideally something similar to Auth0 rules mechanism: https://auth0.com/docs/rules

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support other languages for Azure MFA NPS extension notification (iOS)

    At the moment the MFA notifcation popup shows only in english language on iOS devices.

    As you can see in the attached screenshot the language of the popup is in english even though the language of the iOS device is set to i.e. german.

    Please support other languages for the extension.

    At best the language is tailored to the language which is set on the notified device.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support other languages for Azure MFA NPS extension notification (iOS)

    At the moment the MFA notifcation popup shows only in english language on iOS devices.

    As you can see in the attached screenshot the language of the popup is in english even though the language of the iOS device is set to i.e. german.

    Please support other languages for the extension.

    At best the language is tailored to the language which is set on the notified device.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Variable password complexity requirements / multiple assignable password complexity policies

    I'd like the ability to configure multiple password complexity requirements / policies, and assign them based on for instance:
    * Azure AD Groups (Ex: All users in a group gets affected, all not assigned to a complexity gets the tenant default complexity)
    * Azure AD Role (Any or specific roles)
    * Subscription role on any of subsbriptions tied to tenant (Ex. User has "owner" on one of the subscriptions)

    This would make sense as regular users should be able to create short, memorable passwords. Admin users on the other hand, should have complex, random generated, long passwords, and use password…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support Android Biometrics (Face) Unlock for Microsoft Authenticator

    The Microsoft Authenticator Android app should support the new Biometrics (Face) Unlock API. Currently face unlock is not supported for devices such as Pixel 4.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Remove two factor

    It is more of an inconvenience that an asset. It doesn't help me feel my account is secure as I have already felt it was secure by having a password that only I knew. This feature is very frustrating as sometime it does not work and then I am not able to log in to my account to complete my course work or view assignments. People should be asked if they would like to turn this feature on versus being made to do so.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. I am the administrator for the account and the phone number that appears I no lo9nguer have access to

    I am the account administrator and the phone number that appears for 2 factor auth, I no longer have access to?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. OAuth-based generation of SAML tokens

    It would be very useful to be able to use an OAuth flow (both for regular user authorization, as well as a client-credentials flow for service principals) to obtain a SAML, rather than JWT token.

    This could be achieved by either doing an OAuth flow that produces a SAML token directly, or by exposing an endpoint capable of taking a JWT token and returning a SAML token for the application (the opposite of the OAuth2 SAML bearer assertion flow, essentially).

    The scenario for this is applications that need to support modern authentication in order to authenticate to external applications that…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. This authentication app

    the authentication app makes me frustrated. More passwords, codes, sms, devices. Make proper software and do not change procedures each time. i am not a software guy and i do not be one. 2 way verification is safer than 1...duhh. You can make 1000 way verification which is even more safe but not workable.
    I have a pc, need to log in with a password. When i want to see my company account i need a VPN with again a password.
    Than suddenly i see that i need Microsoft verification with this app.
    This app doesn't work when i needed.…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Windows Hello for Business in AAD/AD Hybrid too complicated for SMB

    Currently the process to enable Azure AD-joined users to authenticate to on-premises systems is complex and requires multiple servers and specialized expertise. Can we enable a simplified approach to enabling Hybrid environments to support Azure-AD Joined Windows 10 using Windows Hello for Business without complicated Key Trust or Certificate Trust implementations, or at least simplify the setup of those environments so that SMB may easily accomplish this?

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Support Emitting objectGUID for Group Claims

    Currently you cannot emit a group objectGUID as a group claim even if you are syncing it as a directory extension via Azure AD Connect. This should be a claim type that is available with the group claims feature.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add the ability to access codes from Apple Watch

    Apple watch app only works for MS personal or work accounts. Would be great to be able to access the codes from other accounts via the watch app, as you can from the iPhone app.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. 中国无法下下载 Microsoft Authenticator安卓版

    不知道中国是无法登陆google play应用商店的吗?问什么不给中国单独提供一个下载方式么?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Really tired of getting this.... Your organization needs more information to keep your account secured. No... you don't. I

    Stop sending these messages. They are annoying and time consuming and with all the hacks out there, I don't think it's prudent to keep so much information about people online to begin with.

    Stop asking me for my information.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. What happens if you do not have you personal cell phone with you and need to get something done for the district? The district use

    I do not have my personal cell phone that the district expects me to have but does not pay for. How can I sign into my google account if they keep sending sign in verifications to my personal cell phone?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Visual Studio - Connected Services - Authentication with Azure Active Directory - Fails

    The Visual Studio, Connected Services, Authentication with Azure Active Directory configuration tool fails if the web.config appSettings has a file="xxxx" attribute.

    VS 16.2.5

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. I am experiencing an error message when I attempt to open mysource, which is requiring me to download a microsoft

    When I attempt to log into mysource I am presented with the error requiring me to login to an app on my phone in order to access the site. Each day it is allowing me to access a "skip for now" option that counts down the days stating shortly I will no longer have access to the function.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 17 18
  • Don't see your idea?

Feedback and Knowledge Base