Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Update UserType from portal

    Be able to see and change the userType from the portal.
    (This is only available in Powershell : example: change from Guest -> member, in order to see the directory as an external user.)

    Set-MsolUser -UserPrincipalName xxxhotmail.com#EXT#@xxxhotmail.onmicrosoft.com -UserType Member

    214 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    Updating the status to indicate that this is a valid suggestion and in our backlog for the future. Please keep the comments/votes coming, knowing more about how you intend to use this helps us prioritize and design better features.

    /Elisabeth

  2. B2B Guest User Expiration

    Looking for the functionality where you can schedule Azure B2B users to exist in your tenant for a predetermined period of time. This would operate similarly to the O365 Groups expiration functionality that exist today. Additionally, managers would be allowed to extend these periods of time and automated reminders would be sent to the manager of these users.

    117 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    We do have some capabilities in this space by using either Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) or the newly-released-to-preview Entitlement Management feature (https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview).

    If neither of those fulfill your requirements, please add a comment with your scenario for the feature to help us prioritize and design it better.

    /Elisabeth

  3. Add support for webhooks when users are invited, added, removed from Azure AD + Azure AD B2B Collaboration

    Currently it is not possible to receive a notification from Azure AD when a user has been invited (through B2B Collaboration) or added directly through Graph API or the portal.

    60 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. remove b2b user when host account is removed

    We use Azure B2B extensively. However where B2B users have been into our directory and the user has left the third party organisation and thus had their account removed does not clean up the guest account records in our directory.

    Over time this leaves thousands of 'orphaned' guest accounts in our directory, with no ability for our administrators to identify which accounts are orphaned. and thus numbers of guest users in our our directory expands over time infinity

    Azure AD should automatically in the in the event of a user object being removed from the third party directory remove the…

    26 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →

    This is in our backlog, but votes and comments about how you would expect this to work are very helpful to our planning/designing the feature so please keep them coming.

    Also, for some scenarios in this space Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews) can be a good way of removing users who no longer need access, including those who don’t have accounts anymore. (Thanks Shawn for pointing that out for everyone!)

    /Elisabeth

  5. Bring through external user profile fields when using B2B

    Currently, when you invite someone from another AzureAD, using the B2B process, only their DisplayName and EmailAddress comes through (both of which are actually provided in the B2B CSV file).

    It would be very useful if more profile information could be retrieved, possibly with the user's authorisation.

    In particular, details like Firstname, Lastname and Country, would be a useful start, but potentially more profile fields (address, phone numbers, title, etc) would be ideal.

    24 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. customize B2B signup process

    When working with partners it is critical to have customized and company specific branding and experience.

    complete customization verification emails and domain name in signup URL

    23 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. Can i use Azure AD B2B collaboration together with Azure AD B2C within one tenant?

    For external customers we will use Azure AD B2B to login in and for external users (from custom domains i.e. Hotmail.com, Outlook.com) we would like to use Azure AD B2C to log on.

    So, one tenant with Azure AD B2B extension and Azure B2C extension coexisting.

    20 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. Azure AD B2B better support for users who don't know their organisation has O365

    We invite quite a lot of external guests into our SPOnline tenant. Originally via the (old Azure portal) bulk add (CSV) B2B process, but more recently via the (new Azure portal) invite guest user B2B/B2C process.

    We're getting more and more B2B users that fit into one or more of the following:

    1. Don't know their organisation has O365
    2. Don't know their O365 login (it's not always their email address)
    3. Their organisation/domain is registered for O365, but they don't have a license.
    4. Have O365, but aren't syncing their AD with AzureAD.
    5. Aren't able to get their…

    18 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. Who created guest user

    Hi,

    Currently i have no possibility to see who created a guest-user, except going through the audit-logs.
    Maybe the User inviting the guest could be automatically set to the "Manager" attribute(which is currently not available for guest users).

    Then the monthly review of created guest-accounts would be much easier to handle, as you could ask the inviter/manager if still needed.

    16 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. Extension attribute for Guest accounts

    Dear,
    is there any way to have extension attributes on Guest account(s)? Any plan to support it in the future?

    Thanks in advance.
    Best regards,
    Petr Weiner

    15 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow all and future users from guest tenant to automatically be added as guest users.

    Allow all and future users from guest tenant to automatically be added as guest users without invitation email. This would mimic the classic AD trust.

    13 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. Invitation (or import) Security Groups from other tenant

    It would be great if we can import Security Groups from other tenant using Azure B2B.

    13 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure Active Directory, Guest User invite. Allow Group/Distribution lists

    Azure Active Directory, Guest User invite. Allow Group/Distribution lists.

    You can not add a guest user email address if its a distribution list. You have to use a "user" email address, ticket REG:117081816209241. This is would be useful to invite clients to manage certain objects (our example is keyvaults). People come and go and change positions. So using a distro list makes sense here. Using a "shared" mailbox is possible but why extra overhead of an additional mailbox and license.

    12 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  14. Additional information for Azure B2B shadow user during invite creation

    Allow us to add more information about the Azure B2B shadow user before sending Azure B2B invite

    12 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. Intune Ap Protection for Azure B2B users

    I have app and I am using Intune app protection and every thing is working fine. I have few azure B2B users.
    I also read some app configuration policies.
    My question is how I will read the app configuration policies for my Guest users.

    10 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. Mail Enabled External Users - Allow UserType=Member to be Mail Enabled - Allow Inviter to Control Mail Enable/ShowInAddressList on invite

    Consider the following scenario. You have a sister company or other company with their own AzureAD tenant, for which you want your users to be able to collaborate. You invite those users to your AzureAD tenant. Depending on how you do so, those external users may be Users or may be Mail Enabled Users.

    These External Users may now collaborate with your users using SharePoint or other AzureAD connected business apps, but if you're users are regularly collaborating with these external users, wouldn't it be great if you could make it easy for your users to find them in the…

    10 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  17. Restrict Azure B2B Guest Users from viewing Group members in https://myapps.microsoft.com

    We would like to restrict B2B Guest users from viewing Groups that they are part of, or from viewing the Members inside those Groups.

    Currently, the feature to turn this off (Under Groups - General - Self Service Group Management - Restrict Access to Groups in the Access Panel) exists for ALL the users in the directory and not for the Guest users only. Hence, If we turn this off, then the internal users won't be able to leverage the Self service group membership feature. And if we keep this on then we will end up letting the Guest users…

    8 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. B2B Review permission clarification

    During the 1st login of a guest user account, the user needs to go through the Privacy policy agreement and consent those permissions. It states that "The organization <Company> would like to:
    Sign you in
    Read your name, email, and perhaps photo"

    The use of the word email has confused some of our customers - they do not want to let us to read their emails. Please use email address instead.

    8 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable full Language customization for Azure B2B

    Azure AD B2B sends verification code emails to external guests only in english. There is no possibility to change language & design? Besides, if the external user has to set the new passwort for his MSA/AAD, the page is in english and cannot be customized as well. Any plans on this? Or any other idea to get this working in local language? Any plans when there will be a possibility to customize the design? Thanks a lot!

    8 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. Prevent guest users from seing security groups/content through Access Panel.

    In B2B setup guest users can see the members of a security group used for e.g an app through the Access Panel. This is unfortunate as they may be competitiors or membership exposes information that is not supposed to be public.

    I am aware that you can turn of group view for all users in the access panel, but the access panel is also a nice feature.

    B2C will also solve it, but not a good option for many cases.

    Could it be solved with a property hidden or secret only open for internal og owners/admins?

    7 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base