Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure AD B2B collaboration :- MSA mailbox should not be provisioned for users accepting invitation.

    Whenever a guest user is invited, if he/she has a live account, the redemption process is completed after the consent, but if he/she is using a gmail or any other provider, the user account is created in live database.
    If this is limited to having a set of claims for a user object I think its fine , but for some reason a mailbox is also getting provisioned in MSA.

    So real time experience, I have a gmail id - testuser@gmail.com which I was using on gmail and know after getting invited by any tenant, I can use this id…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  2. fga

    hh s

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow guest users to acces VM in Azure in combination with AADDS

    I hope this can be done so I do not have to look for 3th party solutions.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add an Enterprise app for Single Sign on for OpenShift

    Create an Enterprise app for Single Sign-on for the OpenShift service https://www.openshift.com/

    We currently access OpenShift via AD DS LDAP however we need more flexibility for internal and 3rd party access (Azure AD Cloud only account from our tenant and Federation)

    The current app in the gallery is Password Vault not SSO

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add an Enterprise app for Seismic

    Create an Enterprise app for Single Sign-on for the Seismic service https://seismic.com/ According to the Seismic documentation it supports Azure AD however it would be easier if there was an app in the gallery

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add an Enterprise app for Symphony IM

    Create an Enterprise app for Single Sign-on for the Symphony IM service https://symphony.com/ I successful created a custom app for SAML SSO however it would be easier if there was an app in the gallery

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. Very good

    Very good

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  8. "What is Azure AD B2B collaboration?" documentation

    Your "What is Azure AD B2B collaboration?" page has two copies of the same screenshot, which is wrong for the "Authorization policies protect your corporate content?"

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  9. B2B Integration pack for VS2017

    B2B Integration pack is available for only VS2015. When it is released for VS2017 we can have Only VS2017. Now i'm using two versions VS2015 for B2B and for Azure functions i'm using VS2017.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  10. Choose SaaS app for invite in UX

    Provide an option to select an alternative saas app within the Azure Active Directory Portal for the Azure B2B invite or/and solve the issue surrounding the Azure Access Panel / MyApps.

    Issue: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19738183-support-conditional-access-for-myapps-microsoft-co

    @Sarat

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  11. Send As Option for B2B Invite Email

    Different Admins create B2B accounts so the invite emails will have a different sender which also displays the Admin account details.

    Send As option would allow a consistent name to be displayed for all B2B invites - shared mailbox for example which also prevents privileged account E-Mail Address details from being included in the email

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add all options to bulk user import as well

    With Guest user invitation I can set user name, group, role, job title as well, with bulk import I do not have these options.
    I especially miss the group option, since I want to add them to a group during the invitation step, so I do not have to revisit the users and assign them afterwards.
    With bulk import it actually takes more time to import users because of this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automatically sync users from one Azure AD to Azure AD

    Hi,

    Can we have an inbuilt Azure AD functionality to sync user from one or multiple azure ad to a central Azure AD (shared tenant) so that it removes the overhead burden of creating and deleting user in central Azure AD.

    You already have the concept ready it's just you need to provide an in-house functionality. (https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/scim-graph-scenarios)

    Also the available functionality like whitelisting the complete domain in B2b is not of great help because users leaves the home tenant and we don't have any sign of it also we need additional attribute like (Phone No. / Country /…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  15. Custom userinfo endpoint for Azure AD B2B

    We need to be able to override the userinfo endpoint in the tenant's OIDC metadata file. In our case we need the userinfo endpoint to be able to return userinfo from multiple sources. The current endpoint (https://graph.microsoft.com/oidc/userinfo) naturally only returns data from Azure AD. Our custom userinfo endpoint would be an api that we develop and host ourselves, protected with Azure AD. This would allow us to stay compliant with OIDC at the same time as we would get to customize userinfo to a greater extent, and even return aggregated userdata from multiple sources (such as LOBs)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  16. If you are using federation authentication and the user doesn’t already exist in Azure AD, the user cannot be invited. In order to resolve t

    If you are using federation authentication and a user invited as guest to a tenant doesn’t already exist in Azure AD, the user cannot be invited. In order to resolve this issue, the external user’s administrator must synchronize the user’s account to Azure Active directory. The error message given the user, when the user attempts to accept the invite to the new tenant is 'an unexpected error occured'. This error message cost us a lot of time trouble shooting

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  17. For the user export function, I would also need the column source, especially for guest users this is a key attribute.

    For the user export function, I would also need the column source, especially for guest users this is a key attribute.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  18. Automated GuestInvites or Tenant Federation

    We got customers, that work very close with several partner tenants. Instead of the current B2B self-service invite process, they look for a solution to automatically provision, update and deprovision guests from selected tenants in their tenant.
    Currently the only solution we can deliver this feature is by leveraging Microsoft Identity Manager (MIM) and Graph API Apps to synchronize AzureAD Tenants. Thes works very well if we only integrate a few tenants.
    If we would get this functionality out-of-the box, so that e.g. Tenant X just request Tenant Y to synchronize user objects as guest. And of course after Tenant…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  19. Aš galiu padėt bet ne visą gyvenima

    Kas nedirba mielas vaike tam ir duonos dout neteikė.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  20. Username when connecting tenants

    When 2 Azure tenants are connecting, if the external tenant users use their email to set up the account, it puts their email as the username in your tenant. Azure should update your tenant with their actual upn instead of email.

    When they goto connect they need to use thier upn to log in but that information is not shown in your tenant and so you can not help them log in. They also can not reset the password because the email that shows as their username is not a valid account in your Azure AD Users.

    This seems to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base