Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Return SAML IDP's native SAML assertion back to the app

    Return SAML IDP's native SAML assertion (for e.g., ADFS) back to the app so it can be used to call other apps authenticated by the SAML IDP.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  3. OU slelction in Azure AD Connect

    Currently Azure AD Connect is not having an option to export the selected OU's and Sub OU's for reporting purpose. It would be helpful if we have an option to export the list of OU's selected in Sync scope.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  4. This SUCKS. I'm trying to get the authentication app to work on my Samsung Galaxy S8

    I've got the authentication installed, but when I want to set up the first account, it wants the QR code. When I try to get the QR code, it wants the verification code first. If I had the verification code, I wouldn't need all the rest of this ****! I'm sick of going in circles! I can't verify that its me unless you let me in to verify. The only choices its giving me is to use the authenticator app on my phone! Aaaargh!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  6. Block sign in for new guests

    We have implemented a process inviting guests to Azure AD. We want also use the anonymous link feature within SharePoint with a restriction who can use this feature. But this allows those users also to invite guests.
    It would be great to have a switch within the "External collaboration settings" area, to set that all new invited guest are automatically blocked. Within our process, we could enable legitimate guests, while others are blocked for sign in.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2B  ·  Flag idea as inappropriate…  ·  Admin →
  7. add a delete_profile policy, so a user can delete his own profile for the specific active directory

    add a delete_profile policy, so a user can delete his own profile for the specific active directory

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support Chrome Credentials Passing API for SAML SSO

    Using Azure AD SAML SSO with G Suite, when logging into a Chrome OS device after completing the Azure AD sign in you need to enter your password in to a Chrome dialog. Google has an API available to SAML vendors to bypass this extra step: https://www.chromium.org/administrators/advanced-integration-for-saml-sso-on-chrome-devices

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support tags for Azure AD Domain Services

    Considering adding support for Azure Tags in Azure AD Domain Services. Azure Ad Domain Services is nearly to only service that does not support tags in Azure.

    @Erin

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow a person with security administrator role AND user administrator role to be able to reset password for the user in the identity protec

    Allow a person with security administrator role AND user administrator role to be able to reset password for end users in the identity protection blade (after he has ealuated the risk events).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Clean up old sync errors

    (Note: I was directed here by the Azure Support Twitter profile)
    The Sync Errors page shows errors for objects which no longer exist, neither in our on-premise AD nor the Azure AD (these were accounts I created on a new AD created purely for testing; even the AD no long exists).

    The sync error however remains and now I get an email every Monday telling me just that. I don't see a way to mark this error as "handled" or otherwise delete it, as it is a false-positive.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
  12. Unbind info

    Need to proved clear instructions for those
    using macs who are bound to Microsoft without
    their consent or permission.
    We are not employees, we are losing business.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Poder aplicar los dos pasos tanto en la PC (uso en el hogar) Lapto fuera del hogar.

    Que pueda aplicar los dos pasos cuando uso la PC en mi hogar, y aplicarla tambìen cuando uso la Lapto fuera del hogar. (estudios, oficina, viajando, etc)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Office 365 dont lose access

    This process makes it impossible for MSPs for SMB to setup users easily.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. mfa

    sign-in log improvement for MFA info.
    It would be helpful to identify which application (defined in a conditional access policy) has triggered the MFA for a particular sign-in activity.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. This sucks!!! Very confusing and time consuming! What code do I use to get into the first log in?

    Why not just Keep It Simple Silly??? The is too time consuming to do on our own time, and it is frustrating for some of us!!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Adding Authenticator App Timeout

    Adding Authenticator app fail every time with timeout for new setup in new experience in Czech Republic.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow the user to unenroll from MFA

    After Two-Way auth is enabled (aka.ms/mfasetup) there is no turning back from the users perspective.
    The users should be given an option "Remove" from the attached screenshot, which is again at the aka.ms/mfasetup.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow Authenticator app in administrator password reset policy

    The default (and enforced) password reset policy for Administrative accounts does not allow the use of Authenticator (either codes or notifications), forcing instead the use of external email and either call/sms.

    From my perspective Authenticator seems a more secure choice than either of these two enforced methods.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow the creation of more than one Managed Domain on different subscription.

    The idea of replacing our IaaS DC servers with managed domains is great, but how can we not create a second domain, if we have different subscriptions, i.e. different VNet and there is no communication between them??

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    triaged  ·  0 comments  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base