Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Common OpenID Connect discovery endpoint should not contain invalid URL

    The OIDC discovery endpoint for the common tenant ( https://login.microsoftonline.com/common/.well-known/openid-configuration ) has an invalid URL as the issuer attribute. The issuer must a valid URL, but it contains curly brances: 'https://sts.windows.net/{tenantid}/'. This can cause problems in libraries such as Nimbus OAuth 2.0 SDK, which parse and validate this attribute. The braces should either be URL-encoded or a different placeholder should be chosen.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Prevent registered apps from disappearing from portal

    The apps that I registered in the Microsoft Registration Portal (MRP) are suddenly gone. I can see them in the Azure Portal, and manage Azure AD apps, but converged apps are only seen in Application registrations. From that place I am unable to manage settings for them.
    This also happens with newly registered apps in MRP to me and to my colleague, as soon as app is created it is gone from MRP.
    When inspecting the web page there are errors in Console:

    0cac2641-217e-404f-b402-ae7f6d97a3a7:1 Failed to load resource: net::ERR_FILE_NOT_FOUND
    MeControl.js:1 Uncaught TypeError: Failed to execute 'postMessage' on 'Window': The provided…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. navigating azure AD V1 and V2 is a nightmare

    just spent a couple of days getting an app to authenticate against multiple-tenants.

    And now the graph api can't use my app registrations from Azure AD, and there gotcha's EVERYWHERE on V2.
    WOW

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Document now to configure Azure AD to be a SAML 2.0 identity provider for a SAML 2.0 service provider, for SSO against Office365 credentials

    I found https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps but the Azure AD admin interface I get via my Office365 admin isn't consistent with the documentation and I can't find the documented interface. Elsewhere, I find documentation that says this can be done (e.g. https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-how-applications-are-added) but no instructions for how to configure the integration.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. 6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. Cannot enter valid url as Native Application redirect uri

    When I enter urls like http://localhost:8080/register or even http://google.com I get an error stating the url must have the format {scheme}://{domain}/{path}

    Changing http to test (e.g. test://localhost:8080/register) causes the validation to succeed.

    Because of this it is not possible to set a redirect uri for native applications.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Managed Service Identity needs new shorthand. MSI is taken

    Please please get an abbreviation checker at Microsoft. MSI is already a thing. Desktop isn't quite that dead yet. I have a hard enough time keeping up, without stepping on the same 3 letter from the same company meaning completely different things!

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. Authentication on Azure AD through command-prompt (no browser scenarios)

    When it comes to web-applications and developer experience, AAD SAML federation is a huge improvement over ADFS. What is missing, is support for command-prompt use-cases (console apps, cli or PowerShell scripts). ADFS allows a user who is authenticated in AD to post a AuthN request to ADFS and acquire SAML response, all through command-prompt. But this is nearly impossible using AAD. If AAD could provide a library/PS-cmdlet or some way to authenticate a user without a browser and only through command-prompt, it would be a huge improvement.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  9. NPM package for Azure AD authentication in Angular2+ apps

    There are currently a lot of npm packages written by developers to make it easy to authenticate angular apps against Azure AD. But the reality is most of the packages are outdated and with many issues with each version of angular. It will be great if MS can release a ngx module for authentication against Azure AD and provide good support.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  10. WHERE can I find Client Secret for API settings that comes with Client ID?

    WHERE can I find Client Secret for API settings that comes with Client ID?

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. App registrations Redirect URI - Allow disable on a redirect uri entry

    Hi,

    It would be great if there was an enable / disable checkbox for redirect uri's.

    As a developer I am constantly adding / deleting the localhost redirect uri.

    Regards,
    Graham O'Riley
    Netdocs

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  12. Developers blocked from using the new application registration owner role in the portal

    Developers will be forced to use the App Registration Portal (https://apps.dev.microsoft.com/) for managing Azure Active Directory applications or PowerShell, when the feature "Block Portal Access" is enabled to block normal users from snooping around in Azure Active Directory settings using the portal. This is very inconvenient for developers that would like to use the Azure Portal.

    Even with the "Application Registration Owner" role assign the users are still denied access to the app registration.

    Either create a exception list for the Azure AD Portal block feature or allow the users with the "Application Registration Owner role" access to…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Publish React and View sample using Azure AD

    In general, developers tend to use Angular, React and View to develop SPA, but in the following page, only refer Angular sample. If there is React and View sample, I believe many developer will save time and can use Azure AD in the app.
    https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-developers-guide

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow me to share the management of my applications with others

    I can't believe there's no way for me to add other managers to my application! What happens if I get hit by a bus?! Does my whole company suddenly lose access to the app that's been registered?

    This needs to be made available yesterday!

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Increase redirect URI limit

    I have registered an app at apps.dev.microsoft.com ..Is there any way to add more than 20 redirect urls? I have many customers with subdomains and I need my app to work in every subdomain. Currently im able to add it in only 20 subdomains

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  16. Delegated permissions not working

    I have registered an application at the application registration portal (apps.dev.microsoft.com) and configured it to use delegated permissions (specifically "Files.Read.All", "Sites.Read.All" and "User.Read") which are marked as "User can consent".
    In one tenant (used for development) the app works exactly as expected, asking the user to consent in the first access. However, in the client environment (I registered another app in their tenant, with the exact same configurations), the user is not asked to consent the permissions, instead it is shown a message:
    "{App name} needs permission to access resources in your organization that only an admin can grant. Please…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. app reply address does not update

    Under "apps.dev.microsoft.com" app url redirect does not update despite deleting old app entry. Trying to create quick prototype for client thinking of migrating to O365 and therefore only using the trial version for now.

    To update reply address, it requires login into azure. Permissions are limited for trial version and therefore unable to update "reply address".

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Windows Store as a platform to an existing app in Application Registration Portal

    Hi,

    I had a UWP app working with OneDrive, allowing users to read and write to a file.

    Then I accidentally deleted my app from the Application Registration Portal and now any OneDrive related code throws an authentication error.

    How can I re-register my app with the Registration Portal to get it working with OneDrive again?

    I can add anew app but cant see a way of getting the Windows Store platform back. All my other apps have this platform by default.

    I've attached an image illustrating the platform that I want to add.

    Thanks for any help anyone can…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  19. Cannot save web platform added to app in Application Registration Portal

    Whether I create an app on
    https://identity.microsoft.com/portal/register-app
    or edit an existing app on
    https://identity.microsoft.com/#/appList
    I cannot add a web platform. The Save button on the registration page is always disabled. Only the Discard Changes button works.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  20. I cannot see my app after registering in apps.dev.microsoft.com, but I see it in the Azure AD Portal

    Unable to get app to show up on apps.dev.microsoft.com/#appList after trying to 'Add' Azure AD Only application. My registrations show up in the Azure AD portal.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base