Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure AD v2 endpoint: Allow to edit or provide custom Redirect URI for mobile applications

    Currently, the Application Registration Portal sets the Redirect URI to urn:ietf:wg:oauth:2.0:oob when developers add a Mobile platform.

    This leaves developers with only two options of Redirect URI. They can use urn:ietf:wg:oauth:2.0:oob or the generic https://login.microsoftonline.com/common/oauth2/nativeclient

    The former option breaks many existing OAuth libraries, which do not support hierarchical URIs.

    The second option causes a problem if the developer chooses to use the browser device instead of a WebView for authentication. Google recommends using the browser (https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html).

    The problem is that after the user signs in and the flow returns to the redirect URI, the user is presented with…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. When associating an O365 AD to Azure AD it fails silently if prereqs are not meet.

    Following the instructions here:
    Associate an Office 365 tenant with an Azure subscription
    https://azure.microsoft.com/en-us/documentation/articles/billing-add-office-365-tenant-to-azure-subscription/

    there are a handful of prerequisites, however the system silently fails if you miss the prereqs and attempt to do the associating.

    Request: have the system do an automated check that all the prereqs are meet before attempting the association, or if it fails, provide detailed information as to what needs to be resolved.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide native security services and policy interception in the AppFabric

    Provide native security services in AppFabric such as XML firewalling (structure, grammar, semantics, algorithms, injections, etc), similarly like other XML virtual appliances .
    Ideally, it would great if interception can be implemented between client and the end service by calling Worker / Web Role on Azure to perform this functionality (an possibly policy enforcement) – Customer may or may not to choose to deploy this solution at their own cost. The firewall can be reference implementation on codeplex and / or fully managed service provided by Microsoft.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Anonymous responded

    Your idea has been sent to the appropriate Program Manager for review. Thank you for your input.

  4. More picture steps

    Why can’t you have more pictures per each step of the process. This 2nd Authenticator idea is very unfriendly. Re-think or redesign this system’s login process, pls!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow an enterprise-ca issued certificate for Secure LDAP

    Currently MS Support has told me that I can only use a certificate purchased from a third-party CA or a self-signed CA for Secure LDAP.

    AADDS used to allow a certificate issued by my internal CA, but this has apparently changed after the migration to the new Azure portal.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Change Background colour of Access Panel Page (myapps.microsoft.com)

    Admins should be able to configure the background color of the myapps.microsoft.com portal.
    (Note: Not talking about the Login Page)

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. Unhelpful "This request has a value that is not valid." Error

    Updating properties (REPLY URL, permissions to other applications) in the Active Directory Application configure menu fails with unhelpful "This request has a value that is not valid." with no further information.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. radius

    A method to authenticate WLAN or LAN users through 802.1x (RADIUS) using Azure AD

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Restrict Access to Attributes in AAD

    Just as we can with on premise AD, it would be great to be able to restrict certain attributes in AAD so that only certain users could view them.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. Have a preview button for doing custom branding. Sign-In page illustration not displaying.

    After one has selected the desired files required for custom branding, A preview button will help greatly when it comes to time saving, and also it can show whether the applied images are taken or not, I have had countless times when I upload a image for the Sign-in page illustration, apply it, and when using an in-private session to see the result, just to find the illustration hasn't been loaded, and have to repeat the entire process. really frustrating.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Are we able to find out all users and their last logged in date in AAD? A report feature is preferred

    I need to access how Active my AAD users are. Not sure if there is any Report feature that can churn out all users and their last logged in time. Cause base on this. i can tell how LONG has he/she not logged in.

    Appreciate your help pls :(

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. Adding standard provisioning for SAP Cloud Platform Identity Provisioning Service SAP CP IPS

    It would be nice if there was a readily available mechanism for provisioning users from Azure AD into SAP Cloud Platform Identity Provisioning Service (SAP CP IPS).

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Administrative Unit

    Expand Azure Active Directory Administrative Unit feature to other role/services (e.g. Exchange/SharePoint Online Administrator, MFA settings in O365).
    Only User Management / Helpdesk(Password Manangement) role is not enough.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. To stop automatically translate något förståeligt to something som ær skrap

    Be able to turn off automatic translation since it makes the text unreadable. Jag hoppas att jag gjort mig förstådd? Anyhuu, the English to Svenska översättningen är under all kritik. För att kunne ge intryck av att vara ett seriöst företag så kan men verkligen inte använda sig av ord som "quintesentially". I think the original author and or editor of the article's would be fly förbannade.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure AD - All Groups list - New columns - Number of members & object ID

    I think it would be interesting to have new columns to be displayed in the AAD groups list:
    Number of members and the group object ID.

    Those two columns could be activated or not via the columns button.

    Thanks.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. SAML Token Attributes Preview

    It would be extremely helpful for diagnostic purposes to be able to preview the SAML response for an application. I've been able to do this with my Okta and Centrify customers. Ideally after creating an application and setting the SAML attributes to include I would click "Test" or "Preview", select a user in the director and view what the full SAML XML document would look like. It really helps in catching any errors ahead of deploying the application.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow different login branding customizations per-app

    As developers look more and more to Azure App Services to host custom developed SaaS/multi-tenant apps with Azure AD auth, it would be great to enable login page customizations on a per-app basis.... just like MS do :D

    An excellent explanation of this can be found here: http://stackoverflow.com/questions/43105050/custom-branding-for-login-on-a-azure-ad-multi-tenant-app

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add view of monthly active users for all apps in the company

    Show list of all apps and their active monthly users, not just the top 5.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make it possible for users to view own devices and bitlocker recovery keys on account page.

    Make it possible for users to view own devices and bitlocker recovery keys on account page.

    Would also be nice as an administrator to easily get a list of all joined devices, the user and the bitlocker recovery keys for each device. Today recovery keys and devices are really located deep in the UI.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow configuring custom SAML-based apps without AzureAD Premium

    SAML-based apps in the AzureAD marketplace can be implemented without an AzureAD premium subscription. However, I cannot set up my own SAML-based app (for example for a SaaS app not listed in the AzureAD gallery) without a premium subscription. This feels wrong to me - please allow adding custom saml-based apps without a premium subscription.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base