Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy

Support HSTS HTTP Strict-Transport-Security on Azure AD Application Proxy. Currently the Azure Application Proxy does not support the Strict-Transport-Security header. Please make App Proxy support this and maybe other customizable headers for DHS BOD 18-01 compliance. https://cyber.dhs.gov/bod/18-01/ The On-prem solution (Web Application Proxy) is also not compliant.

16 votes

W Spencer shared this idea · March 28, 2019 · Flag idea as inappropriate… · Admin →

started ·

AdminAzure AD Team (Product Owner, Microsoft Azure) responded · July 23, 2020

We’re working on a feature to enable this as a setting on an application. If you would like this enabled for your tenant as part of a preview please reach out to aadapfeedback@microsoft.com.

Show previous admin responses (1)

1 comment

An error occurred while saving the comment

Jon Sauter commented · July 20, 2020 15:01 · Flag as inappropriate

This is still flagged as 'under review' but appears to have been implemented in the product. This causes problems for applications that are not using HTTPS internally when the user connects to the application directly from on-prem. If HSTS is going to be a feature of App-Proxy then there needs to be a toggle for it (at the tenant- and/or at the application-level).

Submitting...

Azure Active Directory: Application Proxy

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 7,140 ideas
- Additional Services 326 ideas
- Analytics Platform System 20 ideas
- API Apps 0 ideas
- API Management 659 ideas
- Automation 535 ideas
- Azure Active Directory 5,331 ideas
- Azure Active Directory Application Requests 287 ideas
- Azure Advisor 35 ideas
- Azure Analysis Services 189 ideas
- Azure API for FHIR 14 ideas
- Azure App Configuration 49 ideas
- Azure Arc 27 ideas
- Azure Automanage 11 ideas
- Azure Backup 613 ideas
- Azure Blockchain Service 12 ideas
- Azure Bot Service 35 ideas
- Azure Certified Device 16 ideas
- Azure Cloud Shell 368 ideas
- Azure Cognitive Services 70 ideas
- Azure Communication Services 23 ideas
- Azure Confidential Compute 2 ideas
- Azure Container Instances 169 ideas
- Azure Container Registry 101 ideas
- Azure Cosmos DB 292 ideas
- Azure CycleCloud 6 ideas
- Azure Data Explorer 222 ideas
- Azure Data Share 12 ideas
- Azure Database for MariaDB 18 ideas
- Azure Database for MySQL 76 ideas
- Azure Database for PostgreSQL 162 ideas
- Azure Database Migration Service 80 ideas
- Azure Databricks 300 ideas
- Azure Dev Spaces 11 ideas
- Azure Digital Twins 20 ideas
- Azure Event Grid 67 ideas
- Azure FarmBeats 14 ideas
- Azure Functions 244 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 207 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 337 ideas
- Azure IoT Central 159 ideas
- Azure IoT Edge 96 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 179 ideas
- Azure Kinect DK 71 ideas
- Azure Kubernetes Service (AKS) 312 ideas
- Azure Lighthouse 32 ideas
- Azure Management Groups 24 ideas
- Azure Maps 77 ideas
- Azure Marketplace 464 ideas
- Azure Media Services 260 ideas
- Azure Migrate 76 ideas
- Azure mobile app 367 ideas
- Azure Monitor 265 ideas
- Azure Monitor- Alert Management 164 ideas
- Azure Monitor-Application Insights 814 ideas
- Azure Monitor-Log Analytics 1,012 ideas
- Azure NetApp Files (ANF) 34 ideas
- Azure Object Anchors 0 ideas
- Azure Pack 298 ideas
- Azure Portal 2,240 ideas
- Azure Purview 189 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 13 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 188 ideas
- Azure Resource Manager 566 ideas
- Azure Search 301 ideas
- Azure Security Center 328 ideas
- Azure Sentinel 115 ideas
- Azure Service Health 46 ideas
- Azure SignalR Service 17 ideas
- Azure Spatial Anchors 31 ideas
- Azure Sphere 81 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 8 ideas
- Azure Stack Hub 204 ideas
- Azure Synapse Analytics 498 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 33 ideas
- Azure Web PubSub service 1 idea
- Batch 41 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 55 ideas
- Cache 43 ideas
- Change Tracking 14 ideas
- Cloud Services (Web and Worker Role) 275 ideas
- Cost Management 362 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 181 ideas
- Data Factory 1,311 ideas
- Data Lake 356 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 204 ideas
- Event Hubs 44 ideas
- Global Infrastructure 44 ideas
- HDInsight 138 ideas
- Lab Services 388 ideas
- Logic Apps 1,908 ideas
- Machine Learning 242 ideas
- Mobile Engagement 19 ideas
- Networking 1,488 ideas
- Notification Hubs 37 ideas
- Project Bonsai 31 ideas
- Scheduler 43 ideas
- Scripting and Command Line Tools 103 ideas
- SDK and Tools 150 ideas
- Security and Compliance 106 ideas
- Service Bus 210 ideas
- Service Fabric 304 ideas
- Signup and Billing 1,806 ideas
- Site Recovery 299 ideas
- SQL Data Sync 68 ideas
- SQL Database 900 ideas
- SQL Managed Instance 154 ideas
- SQL Server 10,817 ideas
- SQL Server - Big Data Clusters 48 ideas
- Storage 1,043 ideas
- StorSimple 26 ideas
- Stream Analytics 271 ideas
- Support Feedback 276 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 187 ideas
- Virtual Machines 1,723 ideas
- Web Apps 666 ideas
Microsoft Azure