Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. azure active directory

    Is there any way that Microsoft can replicate Azure Active Directory to complete the same functions that Active Directory does on Prem. and what I mean by that is add/remove columns such as city, state, etc... or is there already something there that I dont see. Anyway, I think it would be great feature to add.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure MFA OATH Tokens

    when importing csv of oath tokens they show up in myapps.microsoft.com as Authenticator App. Would be good to enter custom name or last 4 digits of serial number.

    When you have testing and or users with multiple tokens no way to know which one you are deleting/changing

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. Integrate with Microsoft Flow for Customizing Emails and Approvers

    Right now, you can only do out of the box emails and approvals. Integrating as an application from flow will allow you to create different approval processes as needed; and customize email messages as needed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Access Reviews  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Justin, thanks so much for the feedback! We currently use AEO (Azure email orchestrator) for sending emails, I can see how Flow can be helpful here, will look into it with the team, thanks for the suggestion! Do you know any services customizing their emails using Flow? I would love to know!

    /Fionna

  4. MFA Phone Numbers Verification or Encryption in DB

    It would be beneficial to be able to enforce that multiple users are not using the same phone number for MFA within the on-prem MFA server.

    Additionally due to privacy concerns, it would be beneficial if the phone number field were encrypted in the database such that admins are unable to retrieve them in clear text from the server.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Change Sign-ins from infected devices title to Sign-ins from suspicious IP

    Change Sign-ins from infected devices title to Sign-ins from suspicious IP. The title of this detection is inaccurate, it is actually when a sign in has been detected from a suspicious IP. Improved wording would be appreciated.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. MFA Limit the Amount of One-Time Bypasses Allowed

    It would be nice if it were possible to limit the amount of one-time bypasses a user can issue themselves within a 24 hour period. Because a user is able to login to the MFA User Portal using security questions when they do not have access to their primary MFA device, someone can essentially bypass MFA altogether by using security questions and issuing themselves a one-time bypass as many time as they want. This also violates PCI compliance in that it doesn't meet the criteria that "MFA should be implemented so that authentication mechanisms are independent of each other."

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. Have a Built in Feature for Creating Custom Roles

    Have a built in feature to easily allow creation of custom roles, rather than having to put together scripts each time you want to create a new user role specific to task

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Role-based Access Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Unique Sender

    We have been reported by our users that the MFA codes are being sent by totally different numbers. Although we know that this is an expected behaviour, it would be good to consider at least calling the senders in the same way, and if possible not Microsoft, but an agnostic name.

    It would also be good to be able to customise the message with a custom text to offer a better user experience.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. B2C email

    Support "click to finish Registratoin" instead of input a code.
    The lessen the burden of the user. Very important to Mobile App.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  10. Complain

    It is an nonsense! You have make more difficult for my sign in but gives me nothing help! now I can not sign in at all ! What I can do?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Terms of Use  ·  Flag idea as inappropriate…  ·  Admin →
  11. MFA Verification Method, "Call to phone", The user answers the call and presses #. This should be a configurable option to use different key

    Sometimes the users' local phone system reserves the "#" key for a special purpose on incoming calls. Meaning that the touch tone sound is not passed onto the caller, in this case the MFA incoming call. Currently, MFA doesn't allow changing this to use a different key. This should be configurable (to use a different key) in the same way that the voice message being played is configurable.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Multiple accounts on AWS integration with Azure AD

    The article for AWS integration with Azure AD doesn't talk about adding a couple of attribute manually to map the role and provider roles in AWS.

    https://blog.flux7.com/aws-best-practice-azure-ad-saml-authentication-configuration-for-aws-console

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure MFA Server On Prem - Disallow Phone Extensions or Specific Phone Numbers

    PCI compliance puts services like soft-phones and VOIP as a risk for use with Multi-Factor. The reason being, if an employee has a soft-phone on a laptop that was stolen and their multi-factor is sent to the phone associated with that soft-phone, then both primary and secondary factors are on the same device, thus it is not true multi-factor.

    To mitigate this, it would be nice if we could disallow phone extensions and/or specific ranges of phone numbers (i.e. office phone numbers) from being used as valid options in the MFA server. Has anyone come across this scenario? If so,…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. Make it function

    perhaps this could work and we could have the right data stored. When it goes wrong, we can contact someone with sufficient rights to correct your mistakes

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  15. Uma bosta o cara que criou esse aplicativo tá com a mãe na zona,não melhora não ajuda em nada as pessoas que desgraça essa ferramenta

    Pra que melhorar a vida das pessoas se podem piorar né ,aí um inbecil teve a ideia de criar o autenticador, que merda

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. To advertise all items

    Mwotha advertisement app now is available all countries.it is Best Site used across the world for Advertisement.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  17. Fix AD Connect Health remediation in the portal so it actually works

    I have a handful of users who had AAD accounts first. We then added a server in office and created accounts on it. We installed AAD Connect and synced the domain. The users all now have duplicates in AAD. Sync recognized this issue and the UI offers a fix, but the fix ALWAYS fails with a generic error message offering no recourse. Please fix the fix.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. open-source adconnect / mim

    ADconnect also known as MIM are the primairy tools for syncing AD or other accounts. Yet the do not seem to get much attention from Microsoft developers. I'm talking about the basic sync engine, not the portal service. It basically works, but its lacking quite a lot of features that would make the life of our customers better. Thing like alerting, and being able to manage the connectorspace when something goes wrong. Remove an outstanding delete or add one if needed without needing to delete the entire connector space. Adding a scheduler into the gui, Things usefull to fix corrupted…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Microsoft Identity Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. TRYING TO LOG INTO A WEBSITE USING THIS MICRO SOFT SIGN IN, MAJOR PAIN **********

    LET ME GO TO THE WEBSITE WITHOUT LOGGING IN????? THAT WOULD BE A GREAT IDEA

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base