Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Organize member list view for groups

    Is there a way to organize the members within a hybrid or cloud only group? I have a few groups who have more than one page of users who I would like to view in a chronological order similar to how users populate in Azure Active Directory.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow the ability to search from IAM at the subscription level and see all downstream access.

    If I (or another) add user/identity access at a granular resource or resource group level I should be able to see that access when I search from the IAM blade at the subscription level.

    For customers with large support organizations that have many engineers that need different levels of access and having to keep track of who/what you gave access at what level is a bit unreasonable.

    I should be able to simply search from the top/subscription level and see what all access is granted to a user/identity so it can be removed when it is no longer needed.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Synchronizing Managed Service Accounts from OnPremise to Azure ActiveDirectory

    I wish there is a way to synchronize managed service accounts(MSA) from onpremise to Azure Active Directory, There are many third party applications where we are using the MSA's auth for the apps on-premise . Now we have needs to connect to Azure SQL Database and they can't connect it using the existing auth. I think currently there is no way to sync the MSA's from onpremise to Azure Active Directory.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please expose non interactive logins logs to customers

    We look to setup alerts for security events. AAD Risk event "Impossible Login" though consumes non interactive login events that are not visible to customers so its not possible to create an event.

    If there are two interactive login's and the second deemed a risk event because of impossible travel we can create an event looking for the risk field in the sign-in logs but if the second event is a none interactive login you can't create an alert, we can't see this event.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. This is not an idea but a feedback

    I find the idea of entering the OTP everytime I login ,very absurd. atleast you should not ask for OTP on the same system which I was logged

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. azure ad app Required permissions dependency

    Presently when you create a azure ad app and app the api in Required permissions. It requires that app the api has be in specific order to use the KnownClient setting for Creating the service principal in Consumer Tenanat. Please make check the internal dependency of Required api before creating the service Principal.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. option to prevent users to consent to third party tenants

    Admins can today block the users ability to grant consent to applications. However, this will not block users from consenting to being invited into third party tenants as guests.

    I suggest that Azure AD should get a “external access” feature where Azure AD admins can choose (per user/group) to either;
    - Allow users to access all external tenants as guests
    - Allow users to access selected external tenants as guests
    - Allow users to access selected external tenants and require admin approval for all other external tenants
    - Users are not alloed to access external tenants (but admins are allowed…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Date in German group expiration e-mail has a wrong format

    See attached file. The E-Mail is in German except the date. Instead of "March 09, 2019" it should be "09. März 2019".

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow the Group Review Process owner to be changed through the GUI or Powershell

    The current Azure Group review process automatically sends out an email when the scheduled task to the review the group members is activated. This email contains the owner of the task as a contact for the "reviewer" to contact if they have questions, and this owner may no longer be the correct contact. It would be useful to be able to change the owner on reviews so that the reviewer can be referred to the help desk, instead of having to delete the review and re-create the review which changes the review schedule

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. azure active directory

    please give azure active directory the ability to add columns and make it sortable

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. Very very confusing- too many options. No other e-mail account requires this- Terrible.

    Very very confusing- too many options. No other e-mail account requires this- Terrible.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. Signing in


    1. Signing in for the first time everyday is a trouble. I have to type my user ID, password and then the page refreshes as if I did not type the password. I have to type the password again and only then it moves on to the second step of the authentication.


    2. Another problem is - if multiple windows are open, every window and even sometimes, few more links from each page - also seek the 2-step verification. So even if I signed in on tab 1 in my IE window; in the very next moment, the tab 2 in same…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enterprise State Roaming - swap mouse left/right

    For left-handed people, it is useful if the mouse settings (lef/right button) can be included.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Make Authenticator push for approval rather than type in a code

    DuoMobile has a push function which makes it infinitely easier to use than Authenticator. When you try to log in, you can choose either to put in the 6 digit code or a a push notification, with which an alert pops up on your phone and you can approve it with one click instead of opening the app, finding the code, typing in the code. This takes so much longer and is a pain if you are doing it daily or multiple times a day

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. I don't have a idea, explain the advantage of using authenticator.

    To clarify, I just want to know the advantage of this app and what it will eliminate.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Update Azure AD DS Documentation - Prevent Accedental Deletes

    Update documentation to include a functionality warning when managing OU's to include:

    If the account that created the OU (default owner) is deleted, there are no longer any accounts/groups assigned to the OU that would allow access to managing the OU. Access to the object is not allowed until permissions are explicitly granted to provide full access rights to another user or security group for the object.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Speed it up.

    It's slow to start, and the cursor disappears or freezes.
    Why must I see that annoying popup every time I log on, and the meaningless marketing gobbledegook when I click on "learn more".
    Does this also cause the annoyng "We're having trouble signing you out" when I logout of MS Outlook?
    Why must I give you permission to store my email, and notify me about "product updates" in order to post a complaint?

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. "Stay Signed In" Screen

    To save power, I log out and shut down my computer every day. Every time I sign in the next day, I am offered the option of "Stay signed in?" Every time I select "No". Every time I tick the box that says "Don't show this again". Despite this, I am offered this screen every single time I sign in. What part of "Don't show this again" don't you understand? Can we just get rid of this unnecessary, unwanted, third screen? Or at least one that responds correctly to my request "Don't show this again".
    PS Cookies are enabled.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. Why do I need to authenticate every time I access explore.ms when connected to VPN?

    Why do I need to login every time I access explore.ms when connected to VPN?

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base