Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please consider if a backup of the config settings of the Azure sync tool including the OU filtering be stored in Azure. So that when the AD

    Please consider if a backup of the config settings of the Azure sync tool including the OU filtering be stored in Azure. So that when the AD sync connects after authentication from the on-prem server , then a check is made with the existing config layout , with a prompt to either use existing config layout if exists or continue with manual entry of config layout. Then after any changes made to display the differences before confirming updating with Azure AD. This helps as a precaution to avoid loss of complete service functionality with user dependencies.

    In the event the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  2. Power BI report access mgmt using self-service SG controls

    It would be helpful to have a pattern outlined specifically for PowerBI report publishing in enterprises. Use of SGs to grant report access (whether published as apps or not), and self service SG mgmt. and approvals using Azure AD. This needs to scale to 100s or 1000s of reports, so visual display and finding of reports then requesting opt-in access via associated SG would be needed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  3. Subscription information not coming up for internal subscriptions.

    With the settings in the Azure subscription modified, as owner of internal subscriptions, I am unable to perform a simple search for a given subscription (which hasn't been renamed) in the directory of my subscriptions.
    How can this functionality be restored? The article https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory#feedback doesn't indicate how to to treat internal subscriptions.
    Thanks

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  4. Https://google.com

    Azure only log in no wiki no git hub etc

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  5. logout

    Add Server Side Logout for MSA accounts. Once added have Azure Application Service (Easy Auth) logout call MSA's Server Side Logout to complete the flow.

    Current work around is to execute both Easy Auth Logout and MSA Logout via https://login.microsoftonline.com/common/oauth2/v2.0/logout?postlogoutredirect_uri=mysite

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  6. AAD certificate for CA policy for Admin access

    AAD certificate for CA policy for Admin access. Like Mcas has a certificate for additional authentication. the ask is AAD CA to support that too and supply an tenant azure certificate generated at CA policy for Admin access. tenant azure certificate generated can be used for many things.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow for specific exclusion of Non-hybrid Trusted devices

    have ability to Exclude non hybrid trusted devices in Conditional Access Policies. You can exclude Hybrid Joined or Compliant, but cant exclude Non Joined. This would provide the ability to create a policy that would exert conditions such as MFA at trusted locations on non trusted devices while still having an allowance for non mfa access for Trusted location and trusted device.

    Current set up triggers both policies and creates lockout.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
  8. 2 Step

    Stop with the phone verification and auto password garbage. I take 8 months off, out of country and the US phone has an issue here so when I finally bother to access my O365, MNP and other accounts, I have some nonsensical lockout. One of them will not be accessible until Oct 4. If we can become partners, and my profile also includes venture capital focusing on wireless chip tech, I think we don't all need to have our security imposed upon us. Better part of a week and one account is still locked. Was a hoot waiting from 1am…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. Azure AD Dynamic Group doesn't allow to add more the 42 device entry

    Azure AD Dynamic Group doesn't allow to add more the 42 device entry

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sync your settings - ON/OFF on Mouse Settings to keep Left/Right handed selection

    Sync your settings - ON/OFF on Mouse Settings to keep Left/Right selection

    Hi, I would like if you could add a ON/OFF toggle button for the Mouse Settings in the "Sync your Settings" windows, this would permit end user like me to turn it OFF without loosing all the other settings that are synched. Also this would permit me, to configure as many PC that I want with the Right handed selected, and also to configure as many PC that I want with the Left handed selected, without having to swap the button each time that I change of PC.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  11. You could try sending the message before posting that you didn't get a response.

    I've listed my home email because I can't access my sabre mail. I got a message on my phone and acknowledged but got a message that I had not responded. I tried three or four more times but never got another message on the phone.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure B2C Support for Notification through mobile app and Verification code from mobile app verification methods

    Its very strange that all the verification methods available in Azure Multi-Factor Authentication is not there in B2C.

    Is there a roadmap to bring in it ? Many clients are moving to different providers only because of the lack of this ..

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support authentication from a google chrome extension

    Is it possible to implement authentication flow from a google chrome extension? I am trying to enter the chrome-qualified URL to one of the redirect URLs but it shows error. Can you help?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. Få mere damer som vil ha kuk

    Skulle ønske det var flere jenter fra 18 og utover som søker etter menn klar for å stille opp på minuttet klare bilder for sexuel aktiviteter som kan være av forskjellige typer og egenskaper

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  16. Custom attributes back in the claims

    Is it possible to get Custom attributes back in the claims of the id_token returned by the ROPC policy

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  17. how to implement single sign in for outlook, SFB and OFB application.

    how to implement single sign in for outlook, SFB and OFB application.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. App Registration Portal throws GraphException when adding custom redirect URI

    Steps to reproduce the problem:

    Open https://apps.dev.microsoft.com/#/appList
    Click an application to go to https://apps.dev.microsoft.com/#/application/...
    Click Platforms -> Add Platform. Click Native Application.
    Click Save. This succeeds.
    Click Platforms -> Native Application -> Custom Redirect URIs -> Add URI.
    Type in the URI: myscheme://microsoftauth
    Click Save. This error appears:

    There's a temporary problem
    Exception of type 'Microsoft.AppRegPortal.Providers.Graph.GraphException' was thrown.
    Error Info: Thu, 06 Sep 2018 00:08:29 GMT | BAASs | Wvw9V

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. REST API common tenant is broken

    Scenario: I have 2 microsoft accounts. A personal account and a school account. The school account login process is 2 stage involving a redirect to a second login page. If an app uses: https://login.microsoftonline.com/common/oauth2/v2.0/authorize, I am supposed to be able to choose an account however, it jumps directly to the second stage of logging into my school account.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Extend workflow capabilities for Azure AD Identity Protection

    It would be great it the "Users flagged for risk" reports/events would support extended workflow capabilities (e.g. like the action workflows in Windows Defender Security Center):


    • Ability to assign an event so that other AD admins can see if/who is taking care

    • Ability to comment on an event (e.g. during resolution or as a final closure comment)

    • History of all actions on an event including timestamps and user information of who did what

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base