Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Access package policy for dynamic assignment

    The ability to have a policy to dynamically assign access packages automatically to users, based on criteria / filters is very important, as this will greatly improve an organizations ability to provide a set of default access packages to their users based on division, company, etc.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow on behalf of requests for manager approval

    The existing manager approval is great, but often a manager would like to be able to assign certain permissions before the user has his first working day.

    An option allowing a manager to request access packages on behalf of their direct reports, or for a manager to assign their direct reports access packages that have a manager approval policy linked to it, would greatly improve the manager experience.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. NDA / DPA Requirenments

    We have a large number of independent companies (legal entities).Each company is obliged to sign an NDA with each supplier whose employees we authorize in the tenant. The purpose of the data processing must be defined by a DPA between a company and the supplier.

    DPA Suplier <> Company.Data could perhaps be implemented at Access Package level

    NDA Suplier <> Company could perhaps be implemented at the catalog level

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. NDA / DPA Requirenments

    We have a large number of independent companies (legal entities).Each company is obliged to sign an NDA with each supplier whose employees we authorize in the tenant. The purpose of the data processing must be defined by a DPA between a company and the supplier.

    DPA Suplier <> Company.Data could perhaps be implemented at Access Package level

    NDA Suplier <> Company could perhaps be implemented at the catalog level

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Entitlement Management, Graph API: Filtering on nested objects.

    Filtering on nested objects with Graph API in Entitlement Management is currently very limited and is thus also limiting the flexibility by programmatically scripting Automation runbooks.

    Example:
    Filtering on "requestorSettings/scopeType" is not supported. This would be good to have in order to filter out assignmentPolicies that are for example admin-add only.

    https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$filter=requestorSettings/scopeType eq 'NoSubjects'

    Returns:
    "error": {
    "code": "InvalidFilter",
    "message": "OData query is invalid: Filter 'requestorSettings/scopeType Equals NoSubjects is not supported. .",

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Entitlement Management Role enhancements

    We have some usages of applications and SharePoint that entail a large number of roles and individuals can be members of lots of them. At this point, we'd have to create a package for each role and grant access to individuals for each one.

    I'd like the ability to create a package that's tied to the underlying applications. Then define the package roles that correlate to various roles in the underlying applications (And one package role could be multiple application roles, like multiple SharePoint groups). And finally, allow for users to select 1 or more of the roles of the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support License Assignment on Entitlement Management

    Currently, we are using assignment to group method for office 365 license.
    I hope enhance our administration for license assignment task.

    If you support to license assignment on entitlement management, we are able to complex license assignments for restrict access users.
    (ex. only e-maill access, device managment only, etc.)

    I hope support the entitlement management to the license resource.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make Entitlement Management part of Identity & Threat Protection

    Currently, it's only comming to AAD P2, but it would make sense to have it in Identity & Threat Protection as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Integrate Entitlement Management with MyApps

    It would be great integrate Entitlement Management with the MyApp portal.

    Example:
    1) User navigates to the MyApps portal and clicks on "+Add app"
    2) Within Entitlement Management, there are a number of applications that the user is already entitled too, but require either approval or a licence.
    3) These applications are listed within the "+Add app" section.
    4) User selects an application within this section, which then starts the approval process within Entitlement Management. It would be a great user experience to be redirected to the MyAccess portal, or this is done transparently.
    5) User and approvers receive emails…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Entitlement Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base