Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WE as a world will need a build for AUS system set up of inclusivity Nintendo coins

    CENSUS, PAYMENT, PROCESS, Receivables: Spendingaling ding:
    Working on process accountability of KISS product, Keep it simple sweetie
    Have made you a team of emojies will send you a photo. Oh thank you my friends. Will be in touch it's called bridging the gap...…..

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Exposing an API for ADDS Health status (RSS Feed...)

    We need to centralize health status of all Azure Services in our main monitoring dashboard. Could you expose the ADDS Health Status information of our ADDS Instances via an API or a RSS Feed ? The idea is to capture it with a logic app and add it to a custom log in Log Analytics. An official Log Analytics solution would be even better.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    need-feedback  ·  1 comment  ·  Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
  3. Incorporate SAML tokens into the multi-redirect URL option in the Azure Portal.

    For SAML-based authentication, we have multiple applications running in the SAP Fiori Launchpad. Our customer would like to leverage multiple hostnames to resolve to different applications. In order to provide SAML SSO, MS Azure multi-redirect URL option would need to incorporate SAML tokens into the Azure Portal.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSPR APIs to create or update challenge questions

    It would be good to have APIs to update the challenge questions and response for SSPR. in that way, it can be integrated with an existing user self - registration solution.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  5. Include AD structure (OUs) in filtering rules

    I would like to be able to set different filter conditions for different OUs (e.g. Sync all groups in OU A, but only groups with a particular attribute in OU B). Because OUs are not a filtering rule option, filters apply equally to all in-scope OUs. This is an issue for us, especially when you consider that Distribution Lists and Groups are also classified as the same object type (group) for filtering purposes.

    P.S. I chose MIM as the Category because AAD Connect isn't listed, and I believe they use the same filtering engine.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  6. Zorg bij de overgang naar een ander systeem voor een fatsoenlijke begeleiding.

    Zorg bij de overgang naar een ander systeem voor een fatsoenlijke begeleiding.
    De studenten en docenten hebben geen idee meer waar en hoe de software opgehaald moet worden.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Licensing  ·  Flag idea as inappropriate…  ·  Admin →
  7. ดีมาก

    ตามความต้องการใช้งาน

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  8. [Static website] openId connect plugin / guidance

    In MVC, we have Microsoft OpenId Connect / Owin to secure the application using Hybrid flow with a Single Page Application on the front end.

    The request is to have capabilities to move from MVC SPA (self hosted VM) to Serverless (Azure blob + Azure function as backend) to do Hybrid flow authentication. Impicit flow is not secure, so that option is out for Serverless Architecture.

    An explicit guidance explicitly how to handle state and nonce / a nuget package plugin would be great.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. When I call the voice is in Spanish from Spain and askes to hit a key on my cell phone that I do no understand. Is she saying hit the yellow

    I am trying to change my password. When I call the voice is in Spanish from Spain *I live in Colombia( and askes to hit a key on my cell phone that I do no understand. Is she saying hit the yellow key? la teclada amarrilla? If so, which one is that?

    And then it does not give time to even hit keys.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow Azure AD B2C Tenant to Link to EA or Sponsorship Subscription

    During testing on Azure AD B2C, we found that the Tenant cannot be linked to a Enterprise Agreement or Azure Sponsorship Subscription - it requires a Pay-As-You-Go Subscription due to some billing requirements.

    Since we cannot create Pay-As-You-Go Subscription under our main Account due to our Enterprise Agreement, this means that we are likely forced to create a new Azure Account/Tenant that is dissociated from our Enterprise Agreement account in order to test Azure AD B2C - this is not really a sustainable approach for Production usage.

    Azure AD B2C should be improved to allow billing to draw from an…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  11. Manage Federation Error: Cannot Deploy ADFS or ADFS Proxy If Wildcard Cert Is Already Set

    This is causing us ENORMOUS headaches. We already have federation set up and are using a wildcard cert. Now we cannot use the "Deploy ADFS" or "Deploy ADFS Proxy" in the Azure AD Connect tool: It says the certificate is already set (it is), we enter the password for the cert, and we get an error that states the cert doesn't have a suitable subject name. We've been using this wildcard cert for years, and haven't seen this error before in Azure AD Connect (version 1.2.70). This is a major problem as we use this tool to centrally deploy farm…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  12. When you say 'We've sent a notification to your mobile device. Please respond to continue.' you can specify by which method you have send it

    When you say 'We've sent a notification to your mobile device. Please respond to continue.' you can specify how you have send it. If by sms, I cannot receive sms because I'm abroad and it doesn't work for some reason. I have MS authentificator app, which doesn't show anything and it is not linked to this web profile anyhow, which can also be improved.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. Yeni telefon numarası

    Yeni telefon numarası tanımlamak istiyorum. Fakat eski numaram aktif olmadığı için doğrulama kodu alamıyor ve office 365 e bağlanamıyorum.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Free Software to Convert Outlook OST file into PST file

    For the conversion task users can convert single as well as multiple files as per folder free of cost. It backing all the version MS Outlook version 97, 98, 2000, 2002, 2003, 2007, 2010, 2013, 2016 and 2019. Before the conversion task, it displays the preview of recovered mailbox included with emails, inbox, outbox, sent-items, deleted-items, drafts, contacts, calendars, notes etc. The users can export their data into several file formats like PST, HTML, EML, EMLX, vCal, vCard, MSG, and MBOX. Apart from its support cloud-based application Office365 & Live Exchange Server. It gives an accurate result than your expectation.…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  15. Prevent user from reset Password with same mobile phone - app & message

    Today a user can use the same mobile phone for password reset by using text message / phone call and authenticator app...

    To view the text message, answer the call and / or accept the push notification it is not necessary to unlock the phone.

    So what's the use of forcing two methods for password reset?

    We need an option to prevent user from reset password by using app notification and phone message / call. The Authenticator App could access the mobile phone number, used by the device and the admin should have the option to prevent accepting push notifications…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  16. Option without double verification.

    I really hate having to answer a phone call or text in order to sign into my email every time

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. conditional access device state include: only "all device states" available

    In conditional access rules in the device state part, you can only include all device states. We need to have the possibility to select the different device states: 1. hybrid azure ad 2. conform, 3. Not hybrid azure ad and not conform.

    Background:
    1. For Hybrid Azure AD devices, we want to allow Browser Access to all Office 365 Services.
    2. For not Hybrid Azure AD devices, we want to allow Browser Access only to Exchange Online.
    When we have These two rules and a not Hybrid Azure AD devices is using a browser to acces outlook.office.com (Exchange Online), this…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  18. Authentication app should show the IP address and App that is generating the authentication challenge.

    The Approve/Reject popups in the app should contain more information so the user can tell what app and what IP is triggering the approval request. We recently had a user click Approve on a challenge that should have been rejected because the user said there are so many requests. See what device, IP and app is causing the Approve/Reject challenge would help the user identify valid requests (and there are many of these) from those that should be rejected.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow encryption of ADFS SAML claims to AAD, using self-owned certificate.

    I would like the SAML claims sent from O365 RP encrypted by a self-owned certificate. The problem I see is that there is no way for AAD to decrypt the claim. Please when can this feature be supported?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  20. Recovery does not work

    Please fix this app for recovery. I switch phones a lot for work purposes and MS Authenticator is bad for Backup/Recovery. I can backup to iCloud and it backs up one account. I'm now moving to LastPass Authenticator until MS can fix the recovery option.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base