How can we improve Azure Active Directory?

← Azure Active Directory

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy. Currently the Azure Application Proxy does not support the Strict-Transport-Security header. Please make App Proxy support this and maybe other customizable headers for DHS BOD 18-01 compliance. https://cyber.dhs.gov/bod/18-01/ The On-prem solution (Web Application Proxy) is also not compliant.

16 votes

W Spencer shared this idea · Mar 28, 2019 · Flag idea as inappropriate… · Admin →

started ·

AdminAzure AD Team (Product Owner, Microsoft Azure) responded · Jul 23, 2020

We’re working on a feature to enable this as a setting on an application. If you would like this enabled for your tenant as part of a preview please reach out to aadapfeedback@microsoft.com.

Show previous admin responses (1)

1 comment

An error occurred while saving the comment

Jon Sauter commented · July 20, 2020 3:01 PM · Flag as inappropriate

This is still flagged as 'under review' but appears to have been implemented in the product. This causes problems for applications that are not using HTTPS internally when the user connects to the application directly from on-prem. If HSTS is going to be a feature of App-Proxy then there needs to be a toggle for it (at the tenant- and/or at the application-level).

Submitting...

Azure Active Directory: Application Proxy

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 6,635 ideas
- Additional Services 325 ideas
- Analytics Platform System 20 ideas
- API Apps 0 ideas
- API Management 638 ideas
- Automation 515 ideas
- Azure Active Directory 5,050 ideas
- Azure Active Directory Application Requests 275 ideas
- Azure Advisor 32 ideas
- Azure Analysis Services 187 ideas
- Azure API for FHIR 12 ideas
- Azure App Configuration 45 ideas
- Azure Arc 27 ideas
- Azure Automanage 4 ideas
- Azure Backup 540 ideas
- Azure Blockchain Service 11 ideas
- Azure Bot Service 35 ideas
- Azure Certified Device 15 ideas
- Azure Cloud Shell 367 ideas
- Azure Cognitive Services 43 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 165 ideas
- Azure Container Registry 97 ideas
- Azure Cosmos DB 276 ideas
- Azure CycleCloud 5 ideas
- Azure Data Explorer 209 ideas
- Azure Data Share 11 ideas
- Azure Database for MariaDB 18 ideas
- Azure Database for MySQL 70 ideas
- Azure Database for PostgreSQL 155 ideas
- Azure Database Migration Service 78 ideas
- Azure Databricks 271 ideas
- Azure Dev Spaces 10 ideas
- Azure Digital Twins 20 ideas
- Azure Event Grid 66 ideas
- Azure FarmBeats 12 ideas
- Azure Functions 235 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 196 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 325 ideas
- Azure IoT Central 153 ideas
- Azure IoT Edge 87 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 173 ideas
- Azure Kinect DK 66 ideas
- Azure Kubernetes Service (AKS) 295 ideas
- Azure Lighthouse 30 ideas
- Azure Management Groups 23 ideas
- Azure Maps 74 ideas
- Azure Marketplace 456 ideas
- Azure Media Services 255 ideas
- Azure Migrate 61 ideas
- Azure mobile app 359 ideas
- Azure Monitor 252 ideas
- Azure Monitor- Alert Management 158 ideas
- Azure Monitor-Application Insights 795 ideas
- Azure Monitor-Log Analytics 996 ideas
- Azure NetApp Files (ANF) 31 ideas
- Azure Pack 297 ideas
- Azure portal 2,196 ideas
- Azure Purview 157 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 182 ideas
- Azure Resource Manager 556 ideas
- Azure Search 289 ideas
- Azure Security Center 309 ideas
- Azure Sentinel 116 ideas
- Azure Service Health 41 ideas
- Azure SignalR Service 17 ideas
- Azure Spatial Anchors 30 ideas
- Azure Sphere 82 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 7 ideas
- Azure Stack Hub 202 ideas
- Azure Synapse Analytics 457 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 30 ideas
- Batch 36 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 55 ideas
- Cache 41 ideas
- Change Tracking 12 ideas
- Cloud Services (Web and Worker Role) 272 ideas
- Cost Management 342 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 178 ideas
- Data Factory 1,217 ideas
- Data Lake 355 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 202 ideas
- Event Hubs 42 ideas
- Global Infrastructure 44 ideas
- HDInsight 133 ideas
- Lab Services 374 ideas
- Logic Apps 1,827 ideas
- Machine Learning 231 ideas
- Mobile Engagement 19 ideas
- Networking 1,435 ideas
- Notification Hubs 36 ideas
- Project Bonsai 30 ideas
- Scheduler 43 ideas
- Scripting and Command Line Tools 102 ideas
- SDK and Tools 148 ideas
- Security and Compliance 104 ideas
- Service Bus 206 ideas
- Service Fabric 304 ideas
- Signup and Billing 1,781 ideas
- Site Recovery 297 ideas
- SQL Data Sync 68 ideas
- SQL Database 877 ideas
- SQL Managed Instance 153 ideas
- SQL Server 10,682 ideas
- SQL Server - Big Data Clusters 47 ideas
- Storage 1,010 ideas
- StorSimple 26 ideas
- Stream Analytics 271 ideas
- Support Feedback 276 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 187 ideas
- Virtual Machines 1,693 ideas
- Web Apps 630 ideas
Microsoft Azure