Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Customer-owned domains

    Run Azure AD B2C's sign-up & sign-in pages under a custom domain, for e.g., login.contoso.com, instead of login.microsoftonline.com.

    866 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    129 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.

    If you are looking to use custom domains to use javascript, we are now looking to enable that experience by providing a new (non-customizable) domain. Please look for updates here: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/15493536-add-support-for-javascript-inside-the-custom-ui-br

    /Parakh

  2. Programmatically register B2C applications

    I want to be able to call a Graph API to register new B2C applications

    210 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  3. Go Direct to Password Reset from Sign-In/Sign-Up

    The Sign-in only policy allows the user to go directly to the password reset.

    The Sign-in/Sign-Up does not allow this. The user gets redirected back and you have to handle AADB2C90118.

    Reference: https://stackoverflow.com/questions/41497158/azure-ad-b2c-self-service-password-reset-link-doesnt-work

    While this flow is useful for some people the opposite is also true. Please allow me to specify the password reset policy in my sign-in/sign-up policy so the round trip is not required if I don't want it.

    154 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    40 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  4. Custom password complexity

    Allow the ability to set different password complexities for local accounts in a B2C tenant.

    111 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  5. 68 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add a common (multi-tenant) Azure AD Identity Provider

    An idp that can be used to set up the AAD "common" tenant, which does home realm discovery (customer types in their email address and the real tenant is looked up) to find the actual AAD tenant. This would allow any customer with an AAD account in any AAD tenant (that has not disallowed it to be used with the common tenant) to authenticate.

    46 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  7. 44 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. AADB2C: Add multiply reply URLs with the same domain

    If you create an Azure Active Directory B2C and then add an Application for your Web API, your Web API will only be able to receive tokens from a client that shares the same Application ID.

    Currently, building a Web API that is accessed from several different clients is not supported.

    This means that if you want to add different clients, you can configure them with the restriction that redirect URLs must all belong to the same domain.

    But when you try to add them, for example:
    https://client1.domain.com

    https://client2.domain.com

    I receive an error saying that the reply URLs are not…

    44 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    It is possible to add multiple reply URLs within the same domain, unfortunately the experience is a bit clunky and we’re working on fixing this.

    At this time, in order to achieve this a setup with client1.domain.com and client2.domain.com as redirect URIs, you must first add the overarching domain as a redirect URI and then add the sub-domains, like so:

    1) https://domain.com
    2) https://client1.domain.com
    3) https://client2.domain.com

    Check out this article for more info:
    https://docs.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris

  9. AADB2C: Support Twitter

    B2C currently supports authenticating with various social networks, but not Twitter. Please consider supporting Twitter as well.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Return social IdP's native access tokens back to the app

    Return social IdP's native access tokens (for e.g., Facebook access tokens) back to the app.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Attribute Validation with Azure Functions.

    Would like the capability to provide method which allows post-validation for attributes using Azure Functions. It could be setup as a post-validation policy as well, which could specify the Azure Function(s) required to validate the attributes attached to it.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support Github identity

    Would be great to extend the list of identity providers with GitHub, Azure AD and other identity providers to make our end-customers life easier.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    This is available in private preview and we’re actively looking for customers to try it out and give us feedback.
    If you’re interested, contact us at aadb2cpreview@microsoft.com with the following info:
    – TenantName (x.onmicrosoft.com)
    – Description of your app and why GitHub is relevant
    – Estimated user count (total to the app and specific to GitHub)

  13. REST API callout

    Support for calling REST APIs at the start and end of end user sign-up, sign-in and other flows.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  14. B2C analytics and reporting

    It would be great if there was some kind of reporting or/and analytics for B2C in Azure. For example can we find the successful user sign-ins or the total user count in B2C (greater than 1000)? You can see the user count lower than 1000 in the Azure AD blade -> Users and groups -> Overview.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    We are working on offering a set of Power BI reports with analytics about your Azure AD B2C tenant, including: user counts, active users, registrations, and conversion rates. These reports will be available as a Power BI content pack.

    There’s a private preview of this feature. If you have a subscription to Power BI Pro and want to join the preview, send an email to aadb2cpreview@microsoft.com with the name of your B2C tenant.

    /Sergio

  15. Risk based conditional access for b2c

    In order to reduce user friction the product should have conditional access programing to allow a safe sign in without asking to mutch information and avoid sending to much sms tokens

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback! We are excited to announce that Risk-based Conditional Access for B2C is currently in private preview. We will keep you updated when it becomes available in public preview and general availability.

  • Don't see your idea?

Feedback and Knowledge Base