Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Help locked out of Facebook

    Please I can’t see well and I accidentally deleted my Facebook account within the app. I have iCloud back up but that didn’t seem to do anything but sync the new version without the Facebook accounts to my other phone.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Integration with ASP.Net WebForms (NOT MVC)

    I have seen and implemented many articles on how to do SSO against an MVC app and they work great. I am trying to integrate this into an existing WebForms (Non-MVC) .aspx application and having a login lopping issue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. This is aweful - not understandable at all. Hate this.

    This is a horrible inconvenience and I don't understand these directions at all. Horrible explanation.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. sasa

    recover

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. If this is correct area; mobile app Authenticator needs better recognizable icon that is noticeably an MS product.

    If this is correct area; mobile app Authenticator needs better recognizable icon that is noticeably an MS product.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. Better customisation for claims with Azure AD Policies

    Right now I’m aware I can set SamlClaimType of http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier and this allows me to send a number of attributes in the format of urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

    If I do not set a SamlClaimType then by default is sends a persistent nameId using the nameID format urn:oasis:names:tc:SAML:2.0:nameid-format:persistent. Can we support customisation to this like what can be done in the portal? In the portal I can set persistent to send the users ObjectId and a few other options, however I don’t see any documentation on how I can do this in a policy.

    Also support for the other two formats should be…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. mag reign kayo lahat

    mag reign kayo lahat

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. putang ina nyo, delayed ang verification code ng 15 min

    putang ina nyo talaga, san nakakintindi kayo ng Pilipino, mga bwiset!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. SAML token. Login ID look up in Claim management - source attribute.

    With the new option to sign-in to Azure AD with email as an alternate login ID (preview), it would be great to have access to the login ID in the source attribute when adding a new claim. It may be useful to able to pass the login ID in a SAML claim when it's different from user.email and UPN, especially if an account has multiple ProxyAddresses that can be used as login ID.
    Dynamic source attribute and an attribute lookup function in the transformation would be handy as well.
    Thank you.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Were having issues with users not realizing the 2 factor option "click here to not be asked for 30 days" expiring and userse not realizing.

    When the 2 factor option for "Click here to not be bothered for 30days" expires it doesn't really prompt you very clearly that you need to sign back in. It's just a small icon on outlook. If you're busy or doing other things you don't notice.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add a «start» sync button for the Authenticator App

    I have noticed that the Authenticator App does not sync the newly added accounts with your existing backup. This is a huge oversight as I have fallen in that trap where I downloaded the app on a new phone only for then to lose half the accounts I had before.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Avoid Sign-in prompt on iOS by adding Redirect URI scheme for Apple device in Safe List

    When adding a new Microsoft Exchange account under Settings / Password & Accounts on an Apple iOS device to access O365, after authentication a consent page is displayed (see screenshot). This page is not clear to users, and we have seen cases where the device would be stuck on it (Continue or Cancel wouldn’t work)
    Looking at AAD logs and after opening a case, we found out that this page is displayed because the redirect URI that the iOS device sends back to AAD is not in the “Safe List” (http://, https://, msauth:// (iOS only), msauthv2:// (iOS only)…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. 408132

    sorry not now

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Authenticator Backup

    Authenticator backup should allow cloud backup to work or school accounts and allow recovery across devices.

    Presently, I cannot recover my work codes, via my personal account on an iOS device because the backup was originally taken on my Android phone.

    A backup that can't be restored is useless (if it's even that good).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Fix authentication app crashes

    Latest authenticator update for Android broke. Authenticator Appplicaton crashes and restarts endlessly. Drained my battery in under 8 hours. I have had to uninstall it so that my phone will keep working.

    Samsung Galaxy Note 5 (yes it's old but so what)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. For 2 days I have been trying to access my email but your authenticating phone process will not allow me to do so. It allows 2-seconds only

    Can't access my email account because of your 2nd level authenticating process (phone call) happens too fast (2-seconds) then it automatically hangs up on me. I need to change the registered phone number. How can I do that?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. PRT with MFA strong authentication in token on hybrid Aad join/Aad join

    PRT with MFA strong authentication in token on hybrid Aad join/Aad join
    With Aad registered with strong authentication works correctly. User gets one mfa part of registration flow once and will skip mfa challenges even if Aad Ca is set for it. strong authentication .
    With hybrid Aad join there is no strong authentication part of flow. Yes you get a PRT but will not bypass/skip mfa challenges even if Aad Ca is set for it. No strong authentication.
    What I would like is hybrid Aad join to have strong authentication to bypass/skip mfa challenges even if Aad Ca is…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Show log entries for basic attempts once basic authentication is blocked

    As noted in the article
    https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online

    When it's blocked, Basic authentication in Exchange Online is blocked at the first pre-authentication step (Step 1 in the previous diagrams) before the request reaches Azure Active Directory or the on-premises IdP. The benefit of this approach is brute force or password spray attacks won't reach the IdP (which might trigger account lock-outs due to incorrect login attempts). The issue is that because of where blocked, the normal sign-in logs don't show it - which is good and bad

    It'd be nice to have those attempts still show up in the sign-in attempts log,…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make refreshing SSO sessions an option

    Currently, an SSO session has a fixed lifetime as configured by the SsoLifetime parameter, i.e., a user logs in, and once [SsoLifetime] minutes have passed, their SSO session ends, even if they were still active until minutes before.
    This is because a new SSO session is only created when an authentciation is performed, but as long as an SSO session is active, (of course) no authentication is performed.

    There are use cases, however, where we want the user to be able to extend their SSO session whenever they are active, provided that their current SSO session is still valid.

    It…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Delete my account on microsoft authenicator

    Hi, I accidentally remove/delete my school on microsoft authenicator, and I can not receive verification code now. What should I due? Everytime I choose to use other selection, it shows send code in my application or send notification in my application. That' s a deadlock.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 22 23
  • Don't see your idea?

Feedback and Knowledge Base