Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. OAuth password flow

    Document the username/password OAuth2 flow. The documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-code shows the implicit and authorization code flow but does not contain any information or setup instructions for the username/password flow

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Speed up background processing

    This goes for all Azure AD processes, including Azure AD Connect and Device management.

    Changes made to Azure AD sometimes take an extremely long time to process; changing a computer's name, changing a person's name, adding a new computer and waiting for the name to show up in Azure AD so that you can add them to a group; I've waited as long as 24 hours for changes to be reflected in Azure AD.

    All processing jobs need to run quicker for Azure AD.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. Invoice

    As with most companies, receipts are required for purchases.
    Why is it so difficult to find a copy of the invoice for what I have been charged and paid for?
    This should be easy but there are red herrings everywhere and the admin account magically changes to my account.
    Please fix this mess and make it easy to access or .. email a copy of the invoice to a nominates mailbox!
    I know I am not the only one that struggles with your overly complicated interface

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  4. Completely integrate Office 365 Azure AD Premium subscription with Azure

    After purchasing an Azure AD Premium P1 license and attempting to open the Azure AD admin center, I found that I had to separately sign up for an Azure subscription. I am a little concerned about the apparent disconnect between Office 365 vs. Azure infrastructure, subscriptions, support, and what seems to be everything else about the 2 systems. This disconnect makes me nervous that one system/subscription doesn’t know anything about the other, and I will therefore have to keep track of them separately and pay for them separately. I’m hopeful (but not expecting) that my Office 365 account and payment…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable / Fix the display of Bitlocker Recovery Key in AAD Preview

    Bitlocker Recovery Key only shows in Classic Portal. Example: Surface Hub recovery key can be seen in AAD classic portal but not AAD preview

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure Active Directory - New Users Syntax Failure

    When the error message indicates [Invalid characters or syntax for a user name] it should then either show the correct syntax or provide a link to requirements.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  7. Cloud App Discovery: Add-on's used by apps (flash, java etc)

    It would be great to be able to identify extensions used by the apps discovered. Which sites uses java and flash etc.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  8. How the reply url comparer for AAD app works

    I working with SSO (multi-tenant authentication) and using AAD app with multiple "Reply urls".
    I found interesting behavior with ws federation authentication:
    when I set reply url in the AAD app like "https://domain/level1"
    then I can succesfully use "wreply" attribute like "https://domain/level1/AnyThingThere",
    but I think this is wrong behaior, because "https://domain/level1" not equal to "https://domain/level1/AnyThingThere".

    some extra information:
    - wtrealm: "https://domain/level1"
    - Sign-on URL: "https://domain/level1/SignIn"
    - App ID URI: "https://domain/level1"

    I don't understand the behavior of reply url comparer.
    So, There are questions I have:
    1.…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Linkedin authentication provider - Azure

    Please add linkedin as authentication provider within azure. Microsoft own linkedin so see no reason why you cant make this happen.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide API access to ESR to allow our developers to leverage the platform to roam settings

    Our developers who are writing applications for our company could leverage ESR if there was an API available to read/write data to this store.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. user and roles management

    Hi, I was not able to add a global admin via the new portal. Thus, our head of development in Vietnam was not able to create a SQL server. When I switched to the old portal, it did work. Had there been a hint somewhere, I could have avoided unnecessary work. In general, the old admin portal is much easier and more intuitive than the new one. Not sure why you guys are not implementing those feature in the new portal and/or give better guidance.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  12. Newest Prerelease Version of ADAL not work with android an uppercase returnUri

    [Moved from App Service forum - is this resolved?]

    If there are uppercase characters in the returnUri of the Active Directory Client Application. The Authentication with ADAL Prerelease Version 3.4.206191646 with Xamarin on Adnroid does not work. There will be an error after the consent page.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  13. Irregular sign in activity should display what's normal before the triggered event

    The report "Irregular sign in activity" should show what's normal, and detailed why this was triggered.

    If it's a atypical location: What is the typical?
    Signed in from a location distant from the previous location: What was the previous?

    If you have hundreds of users, sending just this list to an administrator is not sufficient.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Provide alternate path or help when removing features. E.g. URL to Grant Access

    We use to have a "URL to Grant Access" in the WAAD application configuration page. This has been removed recently (March 2014) and there is no documentation or help to explain what is the new way of granting access to other WAADs.

    Even the documentation still specifies this "URL to Grant Access".

    Please help!

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Anonymous responded

    Your suggestion has been passed on to the appropriate Program Manager.

  15. Bulk import/export should use the same id shown in the device info pages/export

    Bulk import/export use the objectid but this is not given in the UI for a device, only the ADdeviceid. So either the info screen and other export should include both or the bulk operations should be based on the ADdeviceid

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure AD Audit Logs - On-Premise AD Group Membership Changes

    Azure Active Directory audit logs do not show the details of on-premise Active Directory group membership changes. While these changes could be viewed in on-premise AD logs, it would be nice to be able to leverage the easy to use Audit Logs UI and logging analytics capabilities within Azure.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  17. Request to leave other Azure AD tenant

    Currently, to leave an Azure AD tenant, the user needs to "sign in" to leave the organization from access panel. However, if the account has been locked or disabled in the guest tenant, he is unable to leave this tenant from his side any more. Or user has to contact the guest tenant GA.

    Could we have a feature: “request to remove from directory" , so that it would notify to remove the user from the guest directory.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Jira addon: Allow control of SAML session timeout

    Please allow Jira admins the ability to control the session timeout.
    Currently Sessions who logged using the SSO Jira Azure plugin have to login every single time they open a new window.
    While comparing between User/Pass login cookies and SSO login cookies, It looks like the Jira addon doesn't add "seraph.rememberme.cookie" (saves the sesssion) at all which is causing this bug.

    looks like this is related to https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/36443992-keep-sso-user-signed-in-into-jira issue

    com\microsoft\atlassianplugin\jira\servlet\JiraSSOLoginServlet.class:376 should add another session attribute to save the user's session

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure AD services to support User Defined Routes.

    I deal with a great deal of small businesses which don't always have the IT resources to support enterprise level services such as Active Directory. All too often do I see AD domains setup with a single server running far too many services such as AD, SQL, File , Print, etc. Azure AD as a service gives you the ability to run AD in a highly redundant fashion without having to managed the servers. However it only works in Azure and only based on the default routes which only Azure has access too. I'm trying to build an environment which…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

  20. Keep user signed in

    Why do I have to continuously sign in, even if I put my computer to sleep? I always tick the "keep me signed in for 30 days" but it doesn't work, It's like my signed in session times out immediately. It's very annoying and time-consuming. I just want to be able to access my apps and work!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base