Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. AD Application Proxy: Enable home realm discovery using domain hint

    It would be nice to have an option to be able to set a domain hint when we are exposing internal web applications using the AD Application proxy. This way we can direct user to our own ADFS federation page without going through the generic sign-in page first.

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  2. Changes in MyAccess and MyApps

    1. In MyAccess portal, change the view by Catalogs and not by Access Packages
    2. combine MyApps and MyAccess portals for better user experience
    3. Add an option to add Logo and company icon to MyApps and MyAccess that the end user will know he in the right place (the new myapps portal)
    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Where is application registered in Azure Active Directory?

    I registered a new application in https://apps.dev.microsoft.com and afterwards it says "This application will be registered in the Azure Active Directory instance used to manage your xxxx@yyyy.zzz account." I can't see it anywhere.

    How about providing a link to it instead of hiding it away where I can't find it, that is if it is even actually visible.

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →

    Alan, if I understand correctly, you are saying you cannot see the converged apps you registered on apps.dev.microsoft.com in the Azure Portal. Converged apps cannot currently be managed in the Azure Portal, even though they are registered in the Azure AD tenant listed in the message. If you would like to manage converged apps in the Azure Portal, please post that as an idea/suggestion or vote for it once the post exists.

  4. Support for Salesforce Permission Set Group in the Salesforce Connector

    Would be great to add the support for Salesforce Permission Set Group in the Salesforce Connector.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure AD Cloud Provisioning: Add support for device sync

    Currently devices are not synchronized by Cloud Provisioning, not having that makes it unable to do Win10 hybrid device join as the computer need to authenticate to AAD.

    From my point of view this is the Nr. 1 topic to implement.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add support to manage MIM Sync engine remotely from webportal and powershell

    It would be nice to be ale to manage the MIM sync Engine from remote like you can with the portal part. The need for RDP and local RPC client directly on the server is not good

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow dynamic permission set assignment in Salesforce provisioning

    Right now AAD supports a "Permission Sets"attribute, however this is not usable. Salesforce users have multiple Permission Sets, which are dependent on their O365 groups. For example, members of the O365 group "IT Services Team" would get the permission set "IT Services" in Salesforce. Until AAD's Salesforce connector supports mapping Permission Sets based on group membership in AAD, most organizations will not be able to use AAD for Salesforce provisioning.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable PIM assignment for a guest user in a specific directory

    We use powershell to activate PIM for users, but when we change to a specific directory, the get-privilegedroleassignment cmdlet still lists the roles available in the "home" directory, rather than the directory that you're currently in..

    connect-pimservice -TenantName <XXXX>

    has no effect on the get-privilegedroleassignment command

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Create Custom Controls for Azure AD conditional policies without offline process

    First of all thank you very much for the Custom Controls functionality for Azure AD.
    I just found through an Azure Support channel that today, you need to contact Microsoft to become a "valid" provider for custom controls.
    It would be great if you could make the registration process online and automated as I see a lot of potential for customers to want to implement their own validation logic during the authentication pipeline.

    Having to offline register with Microsoft in order to have a compatible service will make it much harder to push this feature forward.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow admins to unlock user accounts

    Admin SSPR allows password reset. User unlock in this same portal would be helpful.

    Thanks for your consideration -Zack

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Remove SCSM dependency for MIM Reporting

    Installing SCSM is time consuming and too much of a product when clients only need it for MIM Reporting.
    Also, when it comes to flowing custom attributes to the DW in order to customize the reports, it gets a bit tricky and also time consuming.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for your feedback. We have heard the concerns that deploying System Center Service Manager and Data Warehouse are a high barrier to getting reports from MIM, so we are currently working on improvements to the hybrid reporting integration that will enable building reports on password resets and group membership changes in MIM to be much more straightforward. Thanks, Mark Wahl

  12. Customized message for approved access packages

    When access package requests are being approved, the user receives a generic email informing of "You now have access to XYZ".
    It would improve the service vastly if the contents of this "approved-mail" could be customized with further instructions for where the user may access the resources they have been assigned.

    As it is now, the user even get's a misleading button in the email saying "Get started" which just leads back to the My Access portal.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to search on all Azure resources and resource groups in the "Resource filter" experience

    Azure resources/resource groups search in PIM doesn’t search my entire pool of resources /resource groups. It only searches by page. I have to click "load more" 15+ times to find some of my resource groups which is a horrible UX and seems more like a bug to me.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Privileged Identity Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please support Group Managed Service Accounts for Azure AD App Proxy

    Please support Group Managed Service Accounts for Azure AD App Proxy. Without it we have to manage the Kerberos Constrained Delegation Settings for each App Proxy Connector separately. A misconfiguration at this setting has a fatal security impact so we would really appreciate to do it once per connector group.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  15. Integrate site mapping for Samanage App

    I am provisioning users from AAD to Samanage and I am trying to map the AD attribute "physicalDeliveryOfficeName" to the Samanage "site" attribute. This mapping is currently not supported and I would find it useful.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add the ability to temporarily block a published app (published with an AAD Proxy) during its maintenance hours

    We start publishing our on premise web applications into MyApps with Azure Active Directory proxies. But our applications have weekly or even daily maintenance operations. In this case those apps are not working. It will be great if we can grey out an application during specipic periods on myapps to make sure we won't have any issue with our users. The idea would be to gray out the application for the end users during a given period so that they can not launch it from Myapps.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make Search Scopes exportable

    Make Search scope results (i.e. Search results / lists) in the MIM Portal exportable to Excel and/or CSV-files. Include all columns specified in the Search Scope.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  18. Extend All Create aspx sites in FIM Portal to allow prefill RCDC's

    Extend all Create aspx sites (like CreateCustomizedObject.aspx, CreatePerson.aspx and so on) in FIM Portal to allow additional Parameters for init values in RCDC.

    Like:
    CreatePerson.aspx?EmployeeType=internal?......
    or
    CreateCustomizedObject.aspx?type=myCustomType&display=myCustomType?SomeReferenceAttribut=GUID

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. UocListView support for sorting

    Extending UocListView with an other Property like Sorting, to define a custom sort. It should support functionality like ascending and descending. This should be possible for String and DateTime attributes

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Azure Active Directory License assignment

    It appears to not do a recursive search of the groups you assign AAD Basic and Premium too. Please add the ability to do recursive group license assignments.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Licensing  ·  Flag idea as inappropriate…  ·  Admin →
1 2 5 7 9 15 16
  • Don't see your idea?

Feedback and Knowledge Base