AdminAzure AD Team
(Software Engineer, Microsoft Azure)
My feedback
-
301 votes
We plan to start work on this in the next 6 months. Please note we don’t have timing on when it would be available for customers.
An error occurred while saving the comment -
30 votes9 comments · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
Thanks for your app request. If not already, please fill out this app request form at http://aka.ms/aadappsurvey so we can follow up with you. Thanks!
An error occurred while saving the comment This app is published in the gallery. You can find the details at https://azuremarketplace.microsoft.com/marketplace/apps/cisco.meraki-vmx?tab=Overview
-
343 votes
Currently, we are not aware of any plans from Windows Server for this capability. We’ll continue to work with Windows Server to revisit this in the near future
An error occurred while saving the comment Dan - the capability you are referring to is already available. We call it Hybrid AAD Join. You'll need to deploy AAD Connect and enable sync between your AD and AAD to get to that state. Please refer to our documentation on Hybrid AAD Join for that
-
2,428 votes
We’re currently evaluating an option that will provide the functionality offered by nested groups, but removes the complexity nested groups adds. We appreciate your patience on this ask and want to ensure we deliver a solution that benefits all of our customers. Below are use cases that we’d like for you to stack rank, with #1 being priority for you. We thank you for the continued comments and feedback.
Use case A: nested group in a cloud security group inherits apps assignment
Use case B: nested group in a cloud security group inherits license assignment
Use case C: nesting groups under Office 365 groups -
3 votes
An error occurred while saving the comment Hi Victor,
It sounds like there is a difference in the way the tenants are set up. In one, the toggle for "Users can consent to apps accessing company data on their behalf" is likely set to no, meaning that no end user can consent to any 3rd party app. To allow users to consent, this toggle should be set to yes.
Hope that helps!
-
6 votes
An error occurred while saving the comment Hi Mathyn,
http:// and https:// schemes are not supported in custom redirect URIs for native apps. If you would like to use those schemes, you should add a web platform.
Hope that helps!
-
52 votes
We would like more specifics on this scenario. How would you user to self identify for MFA?
AdminAzure AD Team (Software Engineer, Microsoft Azure) shared this idea ·
-
51 votes
This is possible through custom policies (see documentation below). We are planning to bring it into built-in policies within the next 6 months.
https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom
/Parakh
AdminAzure AD Team (Software Engineer, Microsoft Azure) shared this idea ·
-
3 votes1 comment · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
An error occurred while saving the comment Azure AD Application Proxy doesn't perform any separate authentication - the preauthentication will be determined by what you have configured and what is available through AAD. Moving this to the MFA team to consider.
Best,
Harshini -
371 votes
Currently, you can use “App Registration” blade in the Azure Portal (outside of the Azure AD B2C blades) to register an apps that define application permission and the register apps that use client credentials to request these. The caveat is that this is done using the same mechanism that you’d use in regular Azure AD.
Ideally we’d have a first class experience for this in the Azure AD B2C blades or at least have an Azure doc that walks you through the experience I just summarized, so I’m leaving this feature ask open.
It would be great if you guys can add comments with your feedback. What scenarios areyou trying to achieve? Does the approach above help you achieve what you want to achieve? Does the experience to do so work for you guys and if not, what would you like to see?
An error occurred while saving the comment @Eric Jutrzenka, please open an issue in the Git sample (https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet/issues) so that we can help you there. Most likely you are hitting the wrong endpoint. You should using https://login.microsoftonline.com/<tenantId>/oauth2/authorize (without v2.0).
-
1,007 votes
We’ve recently picked up this work again and apologize for the lack of updates.
The approach we previously pursued did not work well and we’re re-pivoting to a different solution that will enable custom domains to be easier to set up and manage.
We hope to have this ready for a public preview late-2020 or early-2021.
An error occurred while saving the comment We're still in early enough stages that we can't provide anything more concrete than our target of summer 2017. We'll narrow this down as we get a better sense on the date around this.
/Saca
An error occurred while saving the comment First iteration won't include an API surface for configuring this, only through the portal.
The first iteration will also have a limit as to how many custom domains are allowed per tenant (looking at somewhere between 1 and 5 )/Saca
AdminAzure AD Team (Software Engineer, Microsoft Azure) shared this idea ·
-
2 votes
Can you elaborate on your scenario? Why do you want to link your B2C Facebook identity provider using the same Facebook client ID and secret as your IOS/Android apps?
/Sam
An error occurred while saving the comment Hi Bhami,
Can you email us at AADB2C@microsoft.com. We would like to understand your scenario more specifically and why you need to have an individual Facebook app for each of your platforms.
/Sam
-
1 vote1 comment · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
An error occurred while saving the comment If you're the app developer and want to support SSO with Azure AD. Please go to this article to get more information: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-protocols
Azure AD supports SAML 2.0, OpenID connect, WS-Fed and OAuth 2.0. If you haven't implemented any of the protocols I'd suggest to take a look at the OpenID connect libraries we provide to developers.
If you're an IT pro and want to request an app to be integrated in AAD gallery: in addition to this post, please fill out this form: http://aka.ms/aadappsurvey
Thanks,
Luis -
15 votes
Alan, if I understand correctly, you are saying you cannot see the converged apps you registered on apps.dev.microsoft.com in the Azure Portal. Converged apps cannot currently be managed in the Azure Portal, even though they are registered in the Azure AD tenant listed in the message. If you would like to manage converged apps in the Azure Portal, please post that as an idea/suggestion or vote for it once the post exists.
-
163 votes
We are in the process of planning this feature and hope to have a preview available by the end of november. In the meantime, could you please respond to aadb2cpreview@microsoft.com with your responses to the following questions:
- If you had a “password change” policy, what kind of information would you like to get back once the policy has been executed?
- Would you prefer to have a policy that forces you to sign in first, and then asks you to change the password, or one that let’s you do it all on the same page?
- Would you want an email to get sent out to the user whenever the password is changed?An error occurred while saving the comment Thank you for the feedback guys, keep it coming.
We've got enough information to get a better sense on the ask. This will remain unplanned at least for this half of the year. We'll provide an update as we come out of our next planning cycle in the middle of this year./Saca
AdminAzure AD Team (Software Engineer, Microsoft Azure) shared this idea ·
-
43 votes
An error occurred while saving the comment Bill, no plans in the immediate future for this. We're currently prioritizing other items that have higher demand.
-
2 votes
An error occurred while saving the comment Thanks for the feedback! We are investigating.
Could you please provide some additional information? You can follow these steps:
1. Open the site in the browser of your choice
2. Go through the process to create an app
3. Wait until it fails and you see the error message
4. Open your browser’s development tools
5. Click on the console tab
6. Get the value for $config.correlationId and localStorage.ai_session -
66 votes9 comments · Azure Active Directory Application Requests » User Provisioning · Flag idea as inappropriate… · Admin →
We are focusing our provisioning integrations on standard based SCIM integrations. Once the app supports SCIM we can quickly onboard to our platform.
Learn about SCIM – https://Aka.ms/SCIMOverview
Request the app to be added in our gallery for provisioning (if it supports SCIM) – https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-app-gallery-listing
AdminAzure AD Team (Software Engineer, Microsoft Azure) supported this idea ·
-
3 votes3 comments · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
An error occurred while saving the comment Thanks Michael for the update. Please feel free to reach out to us when the ISV is ready for SSO
/Luis
An error occurred while saving the comment Thanks for your suggestion. Be aware that we may need to contact you to proceed with the app request.
-
8 votes3 comments · Azure Active Directory Application Requests » Single Sign-On · Flag idea as inappropriate… · Admin →
Thanks for your app request. In order to evaluate your request, can you please fill out this app request form at http://aka.ms/aadappsurvey? It will help us prioritize the request and be able to follow up with you.
/Luis
An error occurred while saving the comment Thanks for your suggestion. Be aware that we may need to contact you to proceed with the app request.
Thank you for your interest in Azure AD B2C in Australia. I am excited to inform that we are planning to have data residency in Australia. We plan to start work on this in the next 6 months. Please note we don't have timing on when it would be available for customers.