Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automatic User Provisioning to Oracle ERP - Sync Rules Must be Documented

    SSO was configured and tested Ok for 25 users in an Azure Group that was assigned to the Enterprise App DevOneERP in Azure.
    These 25 users existed in ERP and all tested SSO ok.

    Provisioning was enabled with No scoping rules and started.
    On the first synchronization 25 users in Azure were Matched with 25 existing users in Oracle ERP.
    Azure set all 25 users in ERP to Inactive, so Locking the Users out.
    The MS documents need to describe the Sync Rules that Azure will apply and what the updates in ERP will be.

    I would like some help…

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →
  4. MFA Blade RBAC

    The OATH tokens can be activated only by Global Administrator at the moment which is really hard to dispatch the hardware tokens. If there is a RBAC role, it can be assigned to HelpDesk and get the OATH tokens activated on demand.
    The support of OATH tokens released in 2018 but RBAC is not yet in place.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Make Azure Application Proxy available in South Africa North Region

    Make Azure Application Proxy available in South Africa North Region, latency is just to high when you have your connector server running on premises. US is 250ms + and Europe is 150ms +. With this kind of latency application proxy will just be to slow to use in South Africa.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →
  6. You need to provide a way within teams for users to chck status of inv. guests outside of the organization & to be able to resend notificati

    You need to provide a way within teams for users to check status of invited guests outside of the organization and to be able to resend notifications and manage them to some extent

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add application name (and/or IP) to MFA prompt

    Hi,

    Currently the MFA prompt on the mobile device is very limited in the amount of information being shown. My users are getting prompts sometimes out of the blue, and they don't if those are legitemate or fraudulent.

    Legitemate prompts that are asynchronous from users:
    - Outlook on some computer needing to provide MFA again after X days
    - Outlook on mobile needing to provide MFA again

    Fraudulent:
    - Somebodies password was phished.

    The idea is to add some more context information to the MFA prompt in the authenticator app:


    • Application name requesting MFA, or

    • IP Address / geolocation, or
    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Register app deployed to Windows Virtual Machine

    My app is deployed on a Azure Windows Virtual Machine right now. I am trying to switch from AD authentication/authorization to AAD authentication/authorization.
    So I have read some documents about AAD, but I did not find some articles about how to register the app that is deployed on Windows VM. Hope could provide some related useful documents.
    Secondly, how to assign a group and users for this app(that was deployed on Win VM), hope anyone could provide some links to me.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make it possible to use Office365 customAttribute fields in Azure Dynamic Groups for cloud only tenants

    In order to use Office 365 customAttribute1..xx fields in Dynamic Group logic, the attributes have to be written back to on-prem via AD Connect and then synced back to the cloud. That is silly. These attributes originate in the cloud. Why not allow them to be visible in Azure?

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Groups/Dynamic groups  ·  Flag idea as inappropriate…  ·  Admin →
  10. Reply URL property for SAML configuration should allow to set url with "http" prefix

    Specification of SAML protocol doesn't require that reply url should be only with "https"prefix and many of intranet applications can have "http" prefix so I don't understand this limitation.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. In working with MS Graph, need ability to load tenant with test data

    Make it easier to test with demo data. We've provided a demo tenant but it might be helpful to allow devs to prepopulate msdn dev tenants with the demo data.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Implement Microsoft Graph SDK for C# support for Odata filters

    Microsoft Graph SDK for C# should support Odata filters

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Better organize current MS Graph documentation on endpoint version

    Microsoft Graph documentation would be easier to navigate if user could easily switch between v1.0 and beta docs (e.g., with a dropdown or links between relevant content in each endpoint), rather than two completely separate navigation trees in the left nav menu.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Offer way to determine in MS Graph whether user is global admin

    There's no documentation on the correct way to determine if a user is a global admin. This needs to be documented.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Offer modern REST APIs for building powerful Outlook-enabled applications

    Outlook APIs and Microsoft Graph are limiting certain scenarios by not providing APIs for shared or delegated calendars. Users need modern REST APIs to build powerful Outlook-enabled applications.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow globaloverride the default telephone number format currently

    Allow global administrator to override the default telephone number format set by Azure. Many users in United States need this format, --xxxx, NOT +country code followed by 10 digits.

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. Not make an entire process just to change a process

    make a link that says forgot password

    click said link

    link gives you option for security question or backup email to be sent to

    password is received and you save time reading an entire page and watching a 3 minute video to figure out how to reset the password

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow Dev AAD for MSDN subscriptions so you can learn test with own AAD and not the Company one that is tied to the MSDN Subscription

    As most companies lock down access to the Corporate AAD, when you have a MSDN subscription you are limited to be able to test AD join etc... for testing and development subscriptions so it would be useful to have a 2nd/test AAD to be able to use when testing and developing solution off the corporate AAD

    0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. 0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. 0 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base