We have a custom IDp on old ACS and use ADAL v1 to auth a desktop app. We need to use new thinks of ADAL v2 or newer versions.
We already have this app in production so we realy need a way to use Azure b2c with our custom identity provider. In fact we want the feature of custom Idp in Azure AD in order to substitute ACS.50 votes
We’re starting our scoping and planning of adding enterprise IdPs to Azure AD B2C.
To help us better prioritize things, I’d like to ask you guys to narrow down this ask into any of these items below (or create a new one if neither of these match what you’d like to see).
If the reply url contains a # sign, Azure AD doesn't redirect the token back to the configured reply url but to the root.
Configured reply url: http://localhost:8050/#/login/13 votes
URL fragments in the redirect URL are not supported in OAuth 2.0 (or OpenID Connect).
The OAuth 2.0 spec (RFC 6749) Section 3.1.2, in reference to the redirection endpoint:“The redirection endpoint URI MUST be an absolute URI as defined by [RFC3986] Section 4.3. The endpoint URI MAY include an “application/x-www-form-urlencoded” formatted (per Appendix B) query component ([RFC3986] Section 3.4), which MUST be retained when adding additional query parameters. The endpoint URI MUST NOT include a fragment component."
A second thing I notice is that you seem to be invoking the Implicit Grant flow (“response_type=id_token”, or “response_type=id_token token”), which is why the id_token (and possibly access_token) are being returned as URI fragments (“#id_token=…”) and not query string parameters (“?id_token=…”).
— Philippe Signoret
Cory, could you add a bit more to this idea. Perhaps a use case.
i think allow open ldap direct query to Azure Directory1 vote
Azure Active Directory, given it’s cloud nature has adopted cloud technologies, specifically a REST API.
To query Azure Active Directory, you should use the Azure Active Directory Graph (https://azure.microsoft.com/en-us/documentation/articles/active-directory-graph-api/) or the Microsoft Graph (https://graph.microsoft.io – newer API, preferred but doesn’t have all the functionality yet)
The authentication experience is a complete nightmare1 vote
We’d love to get some more details but got no response from you.
Feel free to create new entries with detailed asks/feedback that we can answer/address.
It's extremely complicated even for a software engineer to work on this platform. Not something, which can be called user friendly. I tried to operate a vital machine from my MAC and I had to give up. Just to give you an idea that I have been working in IT since last 7 years and still it's outside my scope. Just imagine what it would be to a person who is even even less technical than me.
It's only meant for geeks and no user friendliness.1 vote
We’d love to get some more details on what challenges/difficulties you ran into.
Could you create more specific UserVoice entires that outline the scenarios that you’re finding complicated?
Recent announcement about ADAL library for WP 8.1 is great but a version for Silverlight should also be available.1 vote
We do not have any plans to support Silverlight.
You can find the list of platforms we are investing in here:
I want to be able to use my own API key's for Google, Yahoo, etc in Access Control service, so that when the Identity Provider asks the user if it trust my app, it will ask about mydomain.com and not mydomain.accesscontrol.windows.net. It will also allow my app to lookup more information about the user. Please implement something closer to Janrain engage.1 vote
The Azure Active Directory team has aligned its resources behind services in Azure Active Directory. This effort will eventually replace functionality available in ACS. The blog post – http://blogs.technet.com/b/ad/archive/2013/06/22/azure-active-directory-is-the-future-of-acs.aspx – provides a high-level overview of this transition. The ideas posted around ACS have been collected and passed to the team. We will close out ideas posted around ACS to return votes used on this topic. Please feel free to post additional ideas here, and/or email me directly – email@example.com.
The Azure Active Directory team greatly appreciates the feedback. We look forward to hearing from the community as much as possible. It is one of the essential ways we can continue to create and enhance our service offerings to meet your needs. Thank you.
- Don't see your idea?