Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Implement additional Security Header for login.microsoftonline.com

    Some of the new HTTP headers can be very useful protection against certain type of attacks. Although their use is not necessarily widely spread in some cases, we want to try to be more proactive especially as we are moving websites from on-prem to Azure + AAD. For both On-Prem & Azure cloud, there was a change in our internal security policy and we are now working with our development teams across all products to implement security headers to help tighten our websites’ security.

    From what I can tell and as of now, below are the ones currently being implemented. …

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. roadmap

    Since recently an AAD release history is available: https://docs.microsoft.com/en-us/azure/active-directory/whats-new

    Can there also be a roadmap with features, similar as with O365? The current Azure roadmap for Identity is not up-to-date https://azure.microsoft.com/en-us/roadmap/?category=security-identity

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Purge inactive registered devices on Azure

    It would be useful if old devices that haven't been seen for a period of time could be automatically purged from the list of a user's registered devices. It looks like when devices are reset or different insider builds installed Azure/Intune doesn't do a good job of identifying it as a previously seen device. I found I had lots of duplicates for the same device with different build numbers and was hitting the maximum device limit (set to 20) which prevented further devices being registered. If this can't be done automatically, it would be useful to be able to run…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improve granular control of password policy

    Following the recent re-write of NIST's password guidelines, could we have better granular control of the password policies in place for a tenant. Namely, I would like to see the option to increase the minimum number of characters (it gets exponentially harder to ***** passwords using brute force attack when passwords are 10 charcters long or more instead of 8 characters), reduce the number of failed logins to less than 10 (say 3) before a user is blocked and have passwords checked against a list of known common passwords. These settings should be available in Office365 control panel as well…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure AD v2 endpoint: Allow to edit or provide custom Redirect URI for mobile applications

    Currently, the Application Registration Portal sets the Redirect URI to urn:ietf:wg:oauth:2.0:oob when developers add a Mobile platform.

    This leaves developers with only two options of Redirect URI. They can use urn:ietf:wg:oauth:2.0:oob or the generic https://login.microsoftonline.com/common/oauth2/nativeclient

    The former option breaks many existing OAuth libraries, which do not support hierarchical URIs.

    The second option causes a problem if the developer chooses to use the browser device instead of a WebView for authentication. Google recommends using the browser (https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html).

    The problem is that after the user signs in and the flow returns to the redirect URI, the user is presented with…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. When associating an O365 AD to Azure AD it fails silently if prereqs are not meet.

    Following the instructions here:
    Associate an Office 365 tenant with an Azure subscription
    https://azure.microsoft.com/en-us/documentation/articles/billing-add-office-365-tenant-to-azure-subscription/

    there are a handful of prerequisites, however the system silently fails if you miss the prereqs and attempt to do the associating.

    Request: have the system do an automated check that all the prereqs are meet before attempting the association, or if it fails, provide detailed information as to what needs to be resolved.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide native security services and policy interception in the AppFabric

    Provide native security services in AppFabric such as XML firewalling (structure, grammar, semantics, algorithms, injections, etc), similarly like other XML virtual appliances .
    Ideally, it would great if interception can be implemented between client and the end service by calling Worker / Web Role on Azure to perform this functionality (an possibly policy enforcement) – Customer may or may not to choose to deploy this solution at their own cost. The firewall can be reference implementation on codeplex and / or fully managed service provided by Microsoft.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Anonymous responded

    Your idea has been sent to the appropriate Program Manager for review. Thank you for your input.

  9. Request to leave other Azure AD tenant

    Currently, to leave an Azure AD tenant, the user needs to "sign in" to leave the organization from access panel. However, if the account has been locked or disabled in the guest tenant, he is unable to leave this tenant from his side any more. Or user has to contact the guest tenant GA.

    Could we have a feature: “request to remove from directory" , so that it would notify to remove the user from the guest directory.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. More picture steps

    Why can’t you have more pictures per each step of the process. This 2nd Authenticator idea is very unfriendly. Re-think or redesign this system’s login process, pls!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure AD - All Groups list - New columns - Number of members & object ID

    I think it would be interesting to have new columns to be displayed in the AAD groups list:
    Number of members and the group object ID.

    Those two columns could be activated or not via the columns button.

    Thanks.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow an enterprise-ca issued certificate for Secure LDAP

    Currently MS Support has told me that I can only use a certificate purchased from a third-party CA or a self-signed CA for Secure LDAP.

    AADDS used to allow a certificate issued by my internal CA, but this has apparently changed after the migration to the new Azure portal.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Unhelpful "This request has a value that is not valid." Error

    Updating properties (REPLY URL, permissions to other applications) in the Active Directory Application configure menu fails with unhelpful "This request has a value that is not valid." with no further information.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. radius

    A method to authenticate WLAN or LAN users through 802.1x (RADIUS) using Azure AD

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Restrict Access to Attributes in AAD

    Just as we can with on premise AD, it would be great to be able to restrict certain attributes in AAD so that only certain users could view them.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Merge onmicrosoft account between Azure and Office 365 Business

    Provide the ability to merge several microsoft accounts. Currently I have to log in with more than one account to manage my portals.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. Have a preview button for doing custom branding. Sign-In page illustration not displaying.

    After one has selected the desired files required for custom branding, A preview button will help greatly when it comes to time saving, and also it can show whether the applied images are taken or not, I have had countless times when I upload a image for the Sign-in page illustration, apply it, and when using an in-private session to see the result, just to find the illustration hasn't been loaded, and have to repeat the entire process. really frustrating.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Are we able to find out all users and their last logged in date in AAD? A report feature is preferred

    I need to access how Active my AAD users are. Not sure if there is any Report feature that can churn out all users and their last logged in time. Cause base on this. i can tell how LONG has he/she not logged in.

    Appreciate your help pls :(

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure AD Audit Logs - On-Premise AD Group Membership Changes

    Azure Active Directory audit logs do not show the details of on-premise Active Directory group membership changes. While these changes could be viewed in on-premise AD logs, it would be nice to be able to leverage the easy to use Audit Logs UI and logging analytics capabilities within Azure.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. coin master free spin and coins links

    https://www.freespinandcoins.com/
    Coin Master Daily Free Spins and coins. Just click on URL and get free 20 and more spins and coins. Coin Master daily Links

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base