How can we improve Azure Active Directory?

← Azure Active Directory

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy. Currently the Azure Application Proxy does not support the Strict-Transport-Security header. Please make App Proxy support this and maybe other customizable headers for DHS BOD 18-01 compliance. https://cyber.dhs.gov/bod/18-01/ The On-prem solution (Web Application Proxy) is also not compliant.

12 votes

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

W Spencer shared this idea · March 28, 2019 · Flag idea as inappropriate… · Admin →

started ·

AdminAzure AD Team (Product Owner, Microsoft Azure) responded · July 23, 2020

We’re working on a feature to enable this as a setting on an application. If you would like this enabled for your tenant as part of a preview please reach out to aadapfeedback@microsoft.com.

Show previous admin responses (1)

1 comment

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Jon Sauter commented · July 20, 2020 15:01 · Flag as inappropriate

This is still flagged as 'under review' but appears to have been implemented in the product. This causes problems for applications that are not using HTTPS internally when the user connects to the application directly from on-prem. If HSTS is going to be a feature of App-Proxy then there needs to be a toggle for it (at the tenant- and/or at the application-level).

Submitting...

Azure Active Directory: Application Proxy

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 4,763 ideas
- ACE Tools 63 ideas
- Additional Services 318 ideas
- Analytics Platform System 14 ideas
- API Apps 1 idea
- API Management 557 ideas
- Automation 481 ideas
- Azure Active Directory 4,282 ideas
- Azure Active Directory Application Requests 264 ideas
- Azure Advisor 31 ideas
- Azure Analysis Services 170 ideas
- Azure API for FHIR 10 ideas
- Azure App Configuration 35 ideas
- Azure Arc 18 ideas
- Azure Backup 450 ideas
- Azure Blockchain Service 8 ideas
- Azure Bot Service 74 ideas
- Azure Cloud Shell 337 ideas
- Azure Confidential Compute 2 ideas
- Azure Container Instances 133 ideas
- Azure Container Registry 83 ideas
- Azure Cosmos DB 226 ideas
- Azure CycleCloud 3 ideas
- Azure Data Explorer 135 ideas
- Azure Data Share 9 ideas
- Azure Database for MariaDB 14 ideas
- Azure Database for MySQL 52 ideas
- Azure Database for PostgreSQL 118 ideas
- Azure Database Migration Service 69 ideas
- Azure Databricks 165 ideas
- Azure Dev Spaces 9 ideas
- Azure Digital Twins 29 ideas
- Azure Event Grid 53 ideas
- Azure FarmBeats 11 ideas
- Azure Functions 211 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 175 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 294 ideas
- Azure IoT Central 146 ideas
- Azure IoT Device Catalog 13 ideas
- Azure IoT Edge 74 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 165 ideas
- Azure Kinect DK 57 ideas
- Azure Kubernetes Service (AKS) 248 ideas
- Azure Lighthouse 25 ideas
- Azure Management Groups 26 ideas
- Azure Maps 55 ideas
- Azure Marketplace 412 ideas
- Azure Media Services 228 ideas
- Azure Migrate 50 ideas
- Azure mobile app 263 ideas
- Azure Monitor 188 ideas
- Azure Monitor- Alert Management 140 ideas
- Azure Monitor-Application Insights 704 ideas
- Azure Monitor-Log Analytics 945 ideas
- Azure NetApp Files (ANF) 22 ideas
- Azure Pack 276 ideas
- Azure portal 2,069 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 4 ideas
- Azure Reservations 189 ideas
- Azure Resource Manager 511 ideas
- Azure Search 267 ideas
- Azure Security Center 254 ideas
- Azure Sentinel 119 ideas
- Azure Service Health 32 ideas
- Azure SignalR Service 14 ideas
- Azure Spatial Anchors 26 ideas
- Azure Sphere 77 ideas
- Azure Spring Cloud 0 ideas
- Azure Stack HCI 1 idea
- Azure Stack Hub 187 ideas
- Azure Synapse Analytics 335 ideas
- Azure TCO Calculator 29 ideas
- Azure Time Series Insights 20 ideas
- Batch 36 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 53 ideas
- Cache 31 ideas
- Change Tracking 12 ideas
- Cloud Services (Web and Worker Role) 274 ideas
- Cost Management 266 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 163 ideas
- Data Factory 930 ideas
- Data Lake 351 ideas
- Data Science VM 23 ideas
- Diagnostics and Monitoring 194 ideas
- Event Hubs 35 ideas
- Global Infrastructure 44 ideas
- HDInsight 129 ideas
- Lab Services 318 ideas
- Logic Apps 1,625 ideas
- Machine Learning 179 ideas
- Mobile Engagement 19 ideas
- Networking 1,286 ideas
- Notification Hubs 35 ideas
- Project Bonsai 17 ideas
- Scheduler 42 ideas
- Scripting and Command Line Tools 101 ideas
- SDK and Tools 138 ideas
- Security and Compliance 94 ideas
- Service Bus 196 ideas
- Service Fabric 298 ideas
- Signup and Billing 1,676 ideas
- Site Recovery 277 ideas
- SQL Data Sync 67 ideas
- SQL Database 799 ideas
- SQL Managed Instance 137 ideas
- SQL Server 10,259 ideas
- SQL Server - Big Data Clusters 40 ideas
- Storage 949 ideas
- StorSimple 26 ideas
- Stream Analytics 252 ideas
- Support Feedback 266 ideas
- System Center Data Protection Manager 144 ideas
- Update Management 165 ideas
- Virtual Machines 1,623 ideas
- Web Apps 539 ideas
Microsoft Azure