Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Customer-owned domains

    Run Azure AD B2C's sign-up & sign-in pages under a custom domain, for e.g., login.contoso.com, instead of login.microsoftonline.com.

    1,061 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    168 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. Programmatically register B2C applications

    I want to be able to call a Graph API to register new B2C applications

    240 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    25 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. Go Direct to Password Reset from Sign-In/Sign-Up

    The Sign-in only policy allows the user to go directly to the password reset.

    The Sign-in/Sign-Up does not allow this. The user gets redirected back and you have to handle AADB2C90118.

    Reference: https://stackoverflow.com/questions/41497158/azure-ad-b2c-self-service-password-reset-link-doesnt-work

    While this flow is useful for some people the opposite is also true. Please allow me to specify the password reset policy in my sign-in/sign-up policy so the round trip is not required if I don't want it.

    188 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    48 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. Custom password complexity

    Allow the ability to set different password complexities for local accounts in a B2C tenant.

    121 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. 70 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add a common (multi-tenant) Azure AD Identity Provider

    An idp that can be used to set up the AAD "common" tenant, which does home realm discovery (customer types in their email address and the real tenant is looked up) to find the actual AAD tenant. This would allow any customer with an AAD account in any AAD tenant (that has not disallowed it to be used with the common tenant) to authenticate.

    58 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  7. 45 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. AADB2C: Add multiply reply URLs with the same domain

    If you create an Azure Active Directory B2C and then add an Application for your Web API, your Web API will only be able to receive tokens from a client that shares the same Application ID.

    Currently, building a Web API that is accessed from several different clients is not supported.

    This means that if you want to add different clients, you can configure them with the restriction that redirect URLs must all belong to the same domain.

    But when you try to add them, for example:
    https://client1.domain.com

    https://client2.domain.com

    I receive an error saying that the reply URLs are not…

    44 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    It is possible to add multiple reply URLs within the same domain, unfortunately the experience is a bit clunky and we’re working on fixing this.

    At this time, in order to achieve this a setup with client1.domain.com and client2.domain.com as redirect URIs, you must first add the overarching domain as a redirect URI and then add the sub-domains, like so:

    1) https://domain.com
    2) https://client1.domain.com
    3) https://client2.domain.com

    Check out this article for more info:
    https://docs.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris

  9. AADB2C: Support Twitter

    B2C currently supports authenticating with various social networks, but not Twitter. Please consider supporting Twitter as well.

    30 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Return social IdP's native access tokens back to the app

    Return social IdP's native access tokens (for e.g., Facebook access tokens) back to the app.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Attribute Validation with Azure Functions.

    Would like the capability to provide method which allows post-validation for attributes using Azure Functions. It could be setup as a post-validation policy as well, which could specify the Azure Function(s) required to validate the attributes attached to it.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  12. B2C analytics and reporting

    It would be great if there was some kind of reporting or/and analytics for B2C in Azure. For example can we find the successful user sign-ins or the total user count in B2C (greater than 1000)? You can see the user count lower than 1000 in the Azure AD blade -> Users and groups -> Overview.

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    We are working on offering a set of Power BI reports with analytics about your Azure AD B2C tenant, including: user counts, active users, registrations, and conversion rates. These reports will be available as a Power BI content pack.

    There’s a private preview of this feature. If you have a subscription to Power BI Pro and want to join the preview, send an email to aadb2cpreview@microsoft.com with the name of your B2C tenant.

    /Sergio

  13. Support Github identity

    Would be great to extend the list of identity providers with GitHub, Azure AD and other identity providers to make our end-customers life easier.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    This is available in private preview and we’re actively looking for customers to try it out and give us feedback.
    If you’re interested, contact us at aadb2cpreview@microsoft.com with the following info:
    – TenantName (x.onmicrosoft.com)
    – Description of your app and why GitHub is relevant
    – Estimated user count (total to the app and specific to GitHub)

  14. REST API callout

    Support for calling REST APIs at the start and end of end user sign-up, sign-in and other flows.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  15. Risk based conditional access for b2c

    In order to reduce user friction the product should have conditional access programing to allow a safe sign in without asking to mutch information and avoid sending to much sms tokens

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base