Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MFA- Please give the availability to allow my IOS device / MS Authenticator to be device joined to multiple AAD's.

    For instance, my personal IOS mobile is enrolled at my company to protect the data within the corporate O365 applications (Exchange/Outlook, Onedrive, etc). MFA is configured as Authenticator only (Notification and Verification).
    My only issue is the device can only MFA enroll as a device in corporate, and not on my personal AAD. My mobile IOS proves to be challenging when attempting to access my personal email, and other O365 application data. I feel this would be solved by adding more MFA AAD registrations, since Microsoft marketing seems to push O365 services to a larger environment than just corporations and…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow for logical arrangement of Conditional Access rules (Move Up/Down on the list)

    Allow for logical arrangement of Conditional Access rules (Move Up/Down on the list)

    Rule set becomes very confusing, when we cannot make logical arrangement of the rules. I would like the ability to move the rules up and down in the UX.

    https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19344295-ability-to-group-azure-conditional-access-rules

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  3. This is ********.

    I can't keep running back to my car to get an authentication text on my phone and then running back into work. It should be authenticate one time and done.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Initial Access Code for MS authenticator

    Hello. SASS PASS offers gated access (three tries) to two factor codes. However the MS APP does not have this feature. This is a big issue as any one who has the phone is able to view the codes. Please add an additional security code before anybody is allowed to access the accounts protected by the authenticator.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. rename Active Directory

    It would be nice and more friendly if we can rename the Azure Active Directory.

    At the moment, I have to create a new Active Directory and then switch to the new Active Directory.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Providing compliance information about gallery apps(e.g. HIPPA / PCI compliance)

    e.g. HIPPA compliance status, PCI compliance status, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Tagging applications

    As an admin, I want to be able to tag applications

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. "Stay Signed In" Screen

    To save power, I log out and shut down my computer every day. Every time I sign in the next day, I am offered the option of "Stay signed in?" Every time I select "No". Every time I tick the box that says "Don't show this again". Despite this, I am offered this screen every single time I sign in. What part of "Don't show this again" don't you understand? Can we just get rid of this unnecessary, unwanted, third screen? Or at least one that responds correctly to my request "Don't show this again".
    PS Cookies are enabled.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. There is an issue with the AD>User> Add User

    There is an issue with the "AD>User> Add User", I selected the directory role as Global administrator. But there is no option to change it back as "User" back. No option to save (ok button not enabled)

    Please take care of this

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Spell "organisation" correctly. As in "Taking you to your organisation's sign-in page"

    Spell "organisation" correctly. As in "Taking you to your organisation's sign-in page"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure AD, Enterprise Apps 'All Applications' just hangs

    I'm trying to manage an enterprise app in the Azure Portal. When I go into Azure AD, then Enterprise Apps, the 'All Applications' tab just sits there with a spinner. I can go to the overview tab and add an app, but I can never get back to it again via the 'All Applications' tab.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. REST Operation code samples for LogicApp

    https://docs.microsoft.com/en-us/rest/api/logic/#rest-operation-groups

    Please provide samples to use the above REST operations for a ********.
    Even having admin permission the API's expecting authorization for it.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Would be great if there was a UI for changing User Types, as for a month I have been going back and forth with tech support on Powershell.

    A form select field accessible by only account owners/admins allowing for the change of User Types in the Active Directory. This field can be placed on the User Profile panel.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Cloud Identity - Disable/Enable Directory Sync Progress Indicator

    From MS Customer.
    6000 users sync'd to O365/Azure. Disabled DirSync and needs to know how long it will take.

    Research showed that there are two distinct operations
    During Disable:
    get-msoluser -all and look at last DirSync timestamp - when blank, phase one is complete.
    Change attribute of user object, UPN and when you can change one UPN you can change more information for all objects.

    We would like a set of commands, health analyzer or something that indicates the progress.

    Can an article be publically available that describes the different phases of what is happing on-premise and in Azure?

    Thank…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please add a new AAD directory user role to allow users to register their apps on the directory without being a global administrator.

    There are multiple product teams who would like to register their app on the AAD. At this point, there is no directory role on AAD that allows users to register the apps without being a Global administrator role on the directory. The other option at the directory level is to allow all users in the directory to have access to register their apps on the directory (This is not a good option to enable on an enterprise AAD).

    A directory role to register apps on AAD would help a lot.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Stop allowing AzureAD group names be case sensitive

    I was using New-AzureADGroup to create new security groups and found out that the AzureAD group names are case sensitive. I ended up with 2 groups with the same spelling with just a case difference in one character. I believe this will cause usability issue down the road. You can see the commands I used in the attached file.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure connector sync issues

    We are trying to auto provision Salesforce users using Azure AD connector. We want certain attributes like ManagerId and Department to be in sync with AD always. So we had set that to "Always" in the set up. But our observation says that, when these values are changed in AD, it is updating to the new values in Salesforce. But if these values are changed in Salesforce, they are not getting overwritten with the values from AD in Salesforce. Which means, now they are out of sync.
    Since we have set that to "Always", we expect these attributes to be…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the input. The way the service works today we leverage the delta query API provided by AD graph to constantly check for changes and apply them to the target application. We are aware of changes in Azure AD and have a way of reflecting them in the target application. We don’t have a way today of getting changes directly from Salesforce but are looking at how we can make this possible.

  20. Azure Active directory user provisioning screen

    Non-gallery app user provisioning in AAD:

    When I make changes to notification email address or if I do not put in a email address, the test fails and customer is unable to save the configuration. This is clearly a bug in the system, since the error resolves if they delete the non gallery app and recreate the same and add in the new email address.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base