Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Providing compliance information about gallery apps(e.g. HIPPA / PCI compliance)

    e.g. HIPPA compliance status, PCI compliance status, etc.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  3. There is an issue with the AD>User> Add User

    There is an issue with the "AD>User> Add User", I selected the directory role as Global administrator. But there is no option to change it back as "User" back. No option to save (ok button not enabled)

    Please take care of this

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Spell "organisation" correctly. As in "Taking you to your organisation's sign-in page"

    Spell "organisation" correctly. As in "Taking you to your organisation's sign-in page"

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure AD, Enterprise Apps 'All Applications' just hangs

    I'm trying to manage an enterprise app in the Azure Portal. When I go into Azure AD, then Enterprise Apps, the 'All Applications' tab just sits there with a spinner. I can go to the overview tab and add an app, but I can never get back to it again via the 'All Applications' tab.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. REST Operation code samples for LogicApp

    https://docs.microsoft.com/en-us/rest/api/logic/#rest-operation-groups

    Please provide samples to use the above REST operations for a ********.
    Even having admin permission the API's expecting authorization for it.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Developer Experiences  ·  Flag idea as inappropriate…  ·  Admin →
  7. Would be great if there was a UI for changing User Types, as for a month I have been going back and forth with tech support on Powershell.

    A form select field accessible by only account owners/admins allowing for the change of User Types in the Active Directory. This field can be placed on the User Profile panel.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Cloud Identity - Disable/Enable Directory Sync Progress Indicator

    From MS Customer.
    6000 users sync'd to O365/Azure. Disabled DirSync and needs to know how long it will take.

    Research showed that there are two distinct operations
    During Disable:
    get-msoluser -all and look at last DirSync timestamp - when blank, phase one is complete.
    Change attribute of user object, UPN and when you can change one UPN you can change more information for all objects.

    We would like a set of commands, health analyzer or something that indicates the progress.

    Can an article be publically available that describes the different phases of what is happing on-premise and in Azure?

    Thank…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
  9. Please add a new AAD directory user role to allow users to register their apps on the directory without being a global administrator.

    There are multiple product teams who would like to register their app on the AAD. At this point, there is no directory role on AAD that allows users to register the apps without being a Global administrator role on the directory. The other option at the directory level is to allow all users in the directory to have access to register their apps on the directory (This is not a good option to enable on an enterprise AAD).

    A directory role to register apps on AAD would help a lot.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Stop allowing AzureAD group names be case sensitive

    I was using New-AzureADGroup to create new security groups and found out that the AzureAD group names are case sensitive. I ended up with 2 groups with the same spelling with just a case difference in one character. I believe this will cause usability issue down the road. You can see the commands I used in the attached file.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure connector sync issues

    We are trying to auto provision Salesforce users using Azure AD connector. We want certain attributes like ManagerId and Department to be in sync with AD always. So we had set that to "Always" in the set up. But our observation says that, when these values are changed in AD, it is updating to the new values in Salesforce. But if these values are changed in Salesforce, they are not getting overwritten with the values from AD in Salesforce. Which means, now they are out of sync.
    Since we have set that to "Always", we expect these attributes to be…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Provisioning to Applications  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the input. The way the service works today we leverage the delta query API provided by AD graph to constantly check for changes and apply them to the target application. We are aware of changes in Azure AD and have a way of reflecting them in the target application. We don’t have a way today of getting changes directly from Salesforce but are looking at how we can make this possible.

  12. Azure Active directory user provisioning screen

    Non-gallery app user provisioning in AAD:

    When I make changes to notification email address or if I do not put in a email address, the test fails and customer is unable to save the configuration. This is clearly a bug in the system, since the error resolves if they delete the non gallery app and recreate the same and add in the new email address.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. I lost my password to my main account and can't get passed the 2nd varification due to the fact that the listed email is no longer active.

    Please incorporate additional verification options, such as the Microsoft Authenticator, or perhaps having an option to provide an email account that is still active. If it is not too much trouble I would greatly appreciate it.
    In Health
    Milan Popich

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Warum kommt beim ersten mal anmelden immer eine Fehlermeldung. Man muss immer einen zweiten Versuch starten.

    Warum kommt beim ersten mal anmelden immer eine Fehlermeldung. Man muss immer einen zweiten Versuch starten.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Work natively with ValidateAntiForgeryToken

    Plugging in ADB2C to an existing MVC website breaks all of the forms that should use ValidateAntiForgeryToken attributes.

    Whilst the work-around is relatively easy, it should support it out of the box by exposing the additional claim type.

    A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  B2C  ·  Flag idea as inappropriate…  ·  Admin →
  16. Workable SSO integration

    Hi there

    We would really benefit from a Workable SSO integration.
    https://www.workable.com/

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. Can the default sync interval from Azure AD to the SaaS application which is 20 mins, be modified? If yes, how?

    The default user identity sync interval between Azure AD and SaaS app (example: salesforce) is 20 mins. This default value should be modifiable.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
  18. How do I disable / remove my email address from the sync heartbeat errors?

    There doesn't seem to be a way to turn off emails when there are heartbeat failures? Am I missing something?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure AD Connect Health  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve Inutne for PC - export PC list

    It can't export devices list with Powershell from Intune module.

    The cmdlet Get-MsolGroupMember can only export the Group members but I need the Device members.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  20. Sort out your menus

    So all I want is to find the azure milti factor portal.. it's not here.. mmmm.. so I google it and I have to sign in the classic portal. Why ? Fix it.. oh - couldn't find the portal anyway so total waste of my time. Fail Microsoft and we pay you for hundreds of licenses for O365 and this is what I have to deal with.

    Azure is marketed a lot but I have no interest in actually doing anything with it. I also tell my guys not to bother with any Azure certification because its still a beta…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Admin Portal  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base