Marking this as part of our backlog. The votes and comments about how you would use this are really helpful, please keep voting/commenting if this is an interesting scenario for you.
/ElisabethRichard Harrison commented
It would also be helpful if the usertype is member instead of guest if fields like EmployeeID would be retrieved through the process. Since these users are a part of our 'organization' not guest I would like to see more information.
6 votes0 comments · Azure Active Directory Application Requests » User Provisioning · Flag idea as inappropriate… · Admin →
767 votes160 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
This feature is now on the roadmap. The MFA team is planning to adjust admin roles or create a new role that will allow delegation of MFA registration and credentials to an admin role.
Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.
We’re continuing to investigate options for adding this support. There are technical challenges to overcome in order to make this happen. We thank you for all your valuable comments so far, and welcome any additional feedback you have on what are the most important use cases involved with these scenarios.
We continue evaluating several alternatives to provide full email customization. We are actively working on an alternative.
Unfortunately we do no yet have an ETA.
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?
252 votes29 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
The MFA team is currently working on adding get/set/read/delete abilities for StrongAuthentication data to the Graph API.
RichardRichard Harrison commented
Any ETA on this capability. My organization is considering moving to a new AAD tenant for marketing and legal reasons. I would like to use Microsoft Graft to extract current AAD user MFA information using Get and then reload users in new AAD tenant and use Set functionality to reapply MFA configuration settings avoiding requiring entire AAD user community reregistering for AAD MFA. Will this be possible once the Graph API exposes MFA data??? ETA please
37 votes4 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →