Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure AD App Proxy support for "Provider Hosted App" and passing "Query String" to Provider Hosted App

    Support for publishing "Provider Hosted App" and passing "Query String" to Provider Hosted App using the Azure AD App Proxy.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow conditional access evaluation without azure pre-authentication

    We have several apps and web services on premise that we would like to be evaluated for location and other factors without any authentication provided by the user. In other words we want to be able to prevent access from non-us locations to some of our web services where the caller is unable to authenticate.

    Example: https://webservice.domain,com on premise where there is no authentication required we still want to use azure ad proxy to reach that application and prevent any access from a non-us location using conditional access. Sinc

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add support for other encodings in URL Link Translation like ISO standard 8859-1

    Consider adding support for other encoding types in URL Link Translation feature as this will make it easier to adopt the feature.

    Ex. ISO standard https://en.wikipedia.org/wiki/ISO/IEC_8859-1

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  4. For Enterprise Applications SSO with IWA/KCD configuration in Azure provide better SPN handling for multiple back-end servers

    For Enterprise Applications SSO with IWA/KCD configuration in Azure, either add support for multiple SPNs for representing multiple back-end servers using round robin DNS, or for Wildcard Application publishing, allow the wildcard SPN in Azure to ignore the mismatched SPN on the back-end servers/application, to support multiple back-end servers, via DNS round robin.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  5. Disable option to create Conditional Access Policy when Passthrough authentication is enabled

    When Passthrough Authentication is enabled for an app published through App Proxy, the authentication process is offloaded to the Idp the company uses.
    Because of that, authentication requests cannot be evaluated for Conditional Access.
    Thus, turning on Passthrough, should automatically prevent users from creating CAP for the application. Currently, the What-If tool will show that the policy will apply when in reality it won't.
    This documented here :
    https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-faq

    This behavior already exists for Single-sign on

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  6. App Proxy for Intranet API

    We are using App Proxy for intranet API publication.
    The usage flow is below.

    1. SSO to applications SAML cooperating AzureAD.
    2. Use the SSO authentication token to hit the App Proxy API embedded in the application.

    On that basis, I am troubled below.
    · It can not be executed unless you access the API beforehand on the screen.
    I implement the following as HTML.
    <object data = "~ msappproxy.net / api /" type = "text / json" style = "visibility: hidden"> </ object>
    <input type = "button" value = "test" onclick = "postAPI ('~ msappproxy.net / api /')">
      
    · The…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  7. More simple configuration between Dynamics Nav and Azure Active Directory

    Allow more simple application single sign-on between Azure Active Directory and Dynamics Nav i.e. use similar application as application proxy to create the federation between nav and azure ad.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow App Service Certificates to be used on App Proxy endpoints

    Rather than procuring our own certificates, allow us to use certs provisioned on ASC with App Proxy. It should handle renewal and rekeying automatically as well.

    Importantly this would allow us to get a single wildcard cert to front all of our app proxy instances and never have to worry about cert expiry again!

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for client certificate authentication

    To protect the HTTPS connection we user TLS Mutual Authentication (2-way certificate pinning) but Application Proxy doesn't provide support for that.

    How difficult it will be?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
2 Next →
  • Don't see your idea?

Feedback and Knowledge Base