We are still working on this one. We’re always passing your feedback along, but make sure you reach out to AAD as well so they hear your voice directly!
Sorry for the confusion around Microsoft Graph AAD integration. It won’t allow you to connect AAD events to Event Grid just yet, but you can get some AAD related events directly from Graph to work with: https://docs.microsoft.com/en-us/graph/overview-major-services#users-and-groups
We have work in progress to enable directory extension attributes from the Enterprise apps UI. You can use PowerShell to get unblocked: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-claims-mapping
In the comments, Ross has shared a link to a forum where you can find the exact policy.
Now this is quite funny, This feature was available through Azure Portal for Easy Admnistration, Now it moved back to powerHELL
We have restarted work on this feature. However, we don’t have a date for public preview yet.
We are in the process of planning this feature and hope to have a preview available by the end of november. In the meantime, could you please respond to email@example.com with your responses to the following questions:
- If you had a “password change” policy, what kind of information would you like to get back once the policy has been executed?
- Would you prefer to have a policy that forces you to sign in first, and then asks you to change the password, or one that let’s you do it all on the same page?
- Would you want an email to get sent out to the user whenever the password is changed?
We have started the planning for this feature and hope to have a preview by the end of the calendar year. In the meantime, could you respond to firstname.lastname@example.org with the answers to the following questions:
- In which scenarios do you plan to force the user to change his/her password?
- What kind of information (if any) would you like to get back if the user goes through the reset flow?
- Do you currently or plan to track which users have reset their password?
Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.
Should also support OpenID-Connect
Thank you, Anthony. Please see if this example provides a suitable workaround in the meantime – https://github.com/Azure/api-management-policy-snippets/blob/master/Snippets/Get%20OAuth2%20access%20token%20from%20AAD%20and%20forward%20it%20to%20the%20backend.policy.xml
Should also support OpenID-Connect
1 vote0 comments · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
If not already, please fill out this app request form at http://aka.ms/aadappsurvey so we can follow up with you. Thanks!
Thank you. We will examine the experience of duplicate sign ups across Identity providers. Would performing this check by using the email address be sufficient?
BTW, Linking multiple provider accounts to one user is in our roadmap and we’ve already achieved it in preview…
We look forward to your feedback
We have a sample for this use case here: https://github.com/azure-ad-b2c/samples/tree/master/policies/invite
Let us know what you think and if this fits your use case.
We continue evaluating several alternatives to provide full email customization. We are actively working on an alternative.
Unfortunately we do no yet have an ETA.
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?