AdminAzure AD Team
(Product Manager, Microsoft Azure)
My feedback
-
4 votesplanned · 2 comments · Azure Active Directory » SaaS Applications · Flag idea as inappropriate… · Admin →
An error occurred while saving the comment -
1 vote
AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea ·
-
3 votes
AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea ·
-
1 vote
AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea ·
-
1 vote
AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea ·
-
14 votes
Thanks for the feedback. Currently, this capability is unplanned but please keep voting to help us prioritize.
Thanks,
LuisAdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea ·
-
7 votes
Thanks for the feedback, we will review
/Arvind
An error occurred while saving the comment As a workaround, you can use the Non-Gallery feature to configure the app: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications
-
25 votes
Thank you for your feedback, some of the suggestions are already available:
- Ability to rename applications
- Provide visibility of what users created an application: You can use audit activity reports: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-activity-audit-logsRegarding the other suggestions, I’ll update this once it’s a planned feature. In the meantime, keep the voting coming so we can prioritize this higher.
/Luis
Program ManagerAn error occurred while saving the comment Regarding "Allow applications in Azure AD to be organised into folders so business units who work in this space can 'claim' applications" - We are exploring enabling tagging applications. Would a capability where we allow free-form tagging be helpful to address this? That way you can "tag" applications based on the business unit.
/Arvind
Program Manager
It totally makes sense. We don't have an explicit option in the Azure AD portal or APIs to export service principals (Enterprise apps) and app objects (App registration), but you could use the servicePrincipal APIs (https://docs.microsoft.com/en-us/graph/api/resources/serviceprincipal?view=graph-rest-1.0) and application API (https://docs.microsoft.com/en-us/graph/api/resources/application?view=graph-rest-1.0) to retrieve the information store there with all its dependencies.
Current limitations I can think of:
- You can't export secrets. Only the public part can be exported
- Some SAML related settings for service principal (Enterprise apps). Settings like PreferredSingleSignOnMode, ApplicationTemplateID, singleSignOnSettings. Since this are new properties expose in the resource, we're working on a mechanism to expose these properties from existing apps created before this year.
- Claims mapping policies created via UI. We also have a work item for exposing the policies.
Let me know if you see any other gap using those APIs.
Luis