We are still working on this one. We’re always passing your feedback along, but make sure you reach out to AAD as well so they hear your voice directly!
Sorry for the confusion around Microsoft Graph AAD integration. It won’t allow you to connect AAD events to Event Grid just yet, but you can get some AAD related events directly from Graph to work with: https://docs.microsoft.com/en-us/graph/overview-major-services#users-and-groups
We have work in progress to enable directory extension attributes from the Enterprise apps UI. You can use PowerShell to get unblocked: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-claims-mapping
In the comments, Ross has shared a link to a forum where you can find the exact policy.
Now this is quite funny, This feature was available through Azure Portal for Easy Admnistration, Now it moved back to powerHELL
Just to provide an update, we are close to launching a private preview. We are in the final testing stages for this feature. We will have another update in the next few weeks with instructions on how to join the private preview.
We have restarted work on this feature. However, we don’t have a date for public preview yet.
We are in the process of planning this feature and hope to have a preview available by the end of november. In the meantime, could you please respond to firstname.lastname@example.org with your responses to the following questions:
- If you had a “password change” policy, what kind of information would you like to get back once the policy has been executed?
- Would you prefer to have a policy that forces you to sign in first, and then asks you to change the password, or one that let’s you do it all on the same page?
- Would you want an email to get sent out to the user whenever the password is changed?
We have started the planning for this feature and hope to have a preview by the end of the calendar year. In the meantime, could you respond to email@example.com with the answers to the following questions:
- In which scenarios do you plan to force the user to change his/her password?
- What kind of information (if any) would you like to get back if the user goes through the reset flow?
- Do you currently or plan to track which users have reset their password?
Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.
Should also support OpenID-Connect
Thank you, Anthony. Please see if this example provides a suitable workaround in the meantime – https://github.com/Azure/api-management-policy-snippets/blob/master/Snippets/Get%20OAuth2%20access%20token%20from%20AAD%20and%20forward%20it%20to%20the%20backend.policy.xml
Should also support OpenID-Connect
1 vote0 comments · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
If not already, please fill out this app request form at http://aka.ms/aadappsurvey so we can follow up with you. Thanks!
Thank you. We will examine the experience of duplicate sign ups across Identity providers. Would performing this check by using the email address be sufficient?
BTW, Linking multiple provider accounts to one user is in our roadmap and we’ve already achieved it in preview…
We look forward to your feedback
We have released the public preview for this feature! Learn more about how to use it here: https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-setup-oidc-azure-active-directory
We have a sample for this use case here: https://github.com/azure-ad-b2c/samples/tree/master/policies/invite
Let us know what you think and if this fits your use case.
We continue evaluating several alternatives to provide full email customization. We are actively working on an alternative.
Unfortunately we do no yet have an ETA.