Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Access Reviews: Apply to new groups and/or multiple groups

    It would be VERY beneficial to apply an Access Review policy to new groups as they are created, eliminating the management overhead of creating new policies AFTER each group created.
    Also, if a Access Review Policy could be applied to multiple groups at a time, Access Reviewmanagement overhead would be reduced.

    12 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      3 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
    • Access review for subscription

      Expand access reviews to support Azure Subscription and Resources for explicit assigned identity.

      4 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

        Thanks for the suggestion!

        Could you please expand on this scenario – Are you referring to review the Azure subscriptions that you own, or review a user on the list of Azure subscriptions s/he has? Thanks!

      • Add Manager Option to Reviewers in Access Reviews

        Our organization requires Managers to approve access to Applications. Please give the option to require a manager to approve application access via the Access Reviews option.

        4 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

          Hi Justin, thanks for the feedback! It will definitely be helpful to have managers as the reviewers, there is a “manager” attribute in AAD’s user profile, but it’s currently a string only. We are working to improve the architecture first, then we can leverage the data to automatically assign managers to be reviewers. If you have any more feedback or questions on this, feel free to comment on this thread or email accessreviews@microsoft.com.

        • change risk event level

          Give us the ability to lower or raise the Risk Level on Risk events. I would like to specifically be able to change Sign-ins from unfamiliar locations to Low due to a high volume mobile workforce.

          3 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
          • Access review

            There should be a validation message to check the end date before or equal start date.

            3 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              2 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
            • Access reviews should also apply to Directory access

              Access Reviews should let you review guest users access on the directory level. Using a dynamic group with all guest users in it, I should be able to have access reviews DELETE the user from the Azure Active Directory rather than just removing the user from a group.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
              • Disasterous

                Junk it! I've been trying for 1/2 hour. By the time I've sent in a code sent to me, I've received 3 or 4 more new codes. None of them work. Infuriating. Junk it and let me get to my email which is important! Such incompetence... What's the use of sending you my cofc account, I can't get in to read it. **** such incompetence.

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                • 1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                  • access review sharepoint online

                    extend access reviews to sharepoint online sites

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                    • Download the User's list in Alerts for Azure AD

                      At the moment we are not able to download the information with the users listed in Azure AD roles - Alerts. It would be very helpful if we had this option as we have in Access Reviews.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                      • PIM Access Reviews Emails Alerts

                        Would be great having the opportunity to edit or add a message into the Email sent by Azure.
                        Eg. When someone has the role membership denied by a role owner, the user should get the email WITH the reason and not just the email saying that the has been removed.

                        Also would be great allowing the GA's to add a message or create the reminders by themselves AND schedule it.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                        • This link, in your automated email, does not lead to any "troubleshooter" than can be "run"

                          This link, in your automated email, does not lead to any "troubleshooter" than can be "run"

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            2 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                          • Blocking. This system is out of control for producers as well as the users

                            The system is irreversible
                            Uncontrolled by the concerned body
                            Disfunctional
                            Boring excessively
                            Can you say yes or no?????

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                            • Access Reviews: Skip review if no members are eligable for review

                              If a group is empty the owner still get's an email to complete a review, this is confusing as they don't know what to do when they click the link to the review as there are no actions to complete. Access Review should be smart enough to know that an email to the manager is not necessary if there are no members to review.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →
                              • Access review - domain admin & Global Admin

                                Hi,

                                Would be great if Access Reviews could include the on-prem group Domain Admins, and the Cloud based group GLobal Admins. Right now this is not possible.

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

                                  Thank you John for the feedback! My understanding is that you are referring to access reviews of privileged roles in the PIM experience.

                                  In regards to reviewing on-prem group Domain Admins, historically, groups like that were blocked by AAD connecto for not sending them to AAD, so they are filtered out.

                                  For cloud based group Global Admins, you can review global admins in the current PIM experience, these 2 articles should help you get started –
                                  docs.microsoft.com/en-us/azure/active-direc..

                                  docs.microsoft.com/en-us/azure/active-direc..

                                  If you have any more questions – feel free to email accessreviews@microsoft.com

                                • Don't see your idea?

                                Feedback and Knowledge Base