Bill Hughes
My feedback
-
887 votes127 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
We’re really pleased to let you know that we’ve released the first authentication method APIs to public preview:
https://docs.microsoft.com/graph/api/resources/authenticationmethods-overview
So far there are APIs for managing phone numbers and password resets. When phone numbers are set with the API, the user can use that number for MFA and SSPR (as allowed by your tenant’s policy).
The team is hard at work at building out APIs for all of the other authentication methods, and we’ll update the response here as they’re released.
Bill Hughes
supported this idea
·
-
9 votes0 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
14 votes0 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
1,064 votes90 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
For requiring additional factors with Windows Hello for Business, please see – https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock
For why PIN is better than a password, please see https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password
For Authenticator app sign in to Azure AD, please see https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-phone-sign-in
As always, other feedback is welcome
/Ravi
Bill Hughes
supported this idea
·
-
29 votes2 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
39 votes5 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
6 votes1 comment · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
205 votes
We hear you loud and clear! We know this is a frequent ask and we do have this on our backlog. Unfortunately, I don’t have a timeline to share right now.
Bill Hughes
supported this idea
·
-
231 votes
We have restarted work on this feature. However, we don’t have a date for public preview yet.
An error occurred while saving the comment Bill Hughes
supported this idea
·
-
915 votes117 comments · Azure Active Directory » User Creation, Deletion, and Profile Management · Flag idea as inappropriate… · Admin →
Thank for letting us know this is important to you. This is something we are considering, but there is no timeline yet. We would love to hear more about the specific scenarios that this is needed for, so keep providing info.
Bill Hughes
supported this idea
·
-
6 votesBill Hughes
supported this idea
·
-
5 votes0 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →Bill Hughes
shared this idea
·
-
15 votesstarted · 1 comment · Azure Active Directory » Conditional Access · Flag idea as inappropriate… · Admin →Bill Hughes
shared this idea
·
-
116 votes
We have a private preview of this feature available. If you are interested in joining, please contact aadb2cpreview@microsoft.com with the name of your tenant.
/Sam
Bill Hughes
supported this idea
·
-
998 votes
We’ve recently picked up this work again and apologize for the lack of updates.
The approach we previously pursued did not work well and we’re re-pivoting to a different solution that will enable custom domains to be easier to set up and manage.
We hope to have this ready for a public preview late-2020 or early-2021.
Bill Hughes
supported this idea
·
-
5 votesunder review · 0 comments · Azure Active Directory » Privileged Identity Management · Flag idea as inappropriate… · Admin →Bill Hughes
shared this idea
·
-
73 votesstarted · 5 comments · Azure Active Directory » Conditional Access · Flag idea as inappropriate… · Admin →Bill Hughes
supported this idea
·
-
163 votes
We are in the process of planning this feature and hope to have a preview available by the end of november. In the meantime, could you please respond to aadb2cpreview@microsoft.com with your responses to the following questions:
- If you had a “password change” policy, what kind of information would you like to get back once the policy has been executed?
- Would you prefer to have a policy that forces you to sign in first, and then asks you to change the password, or one that let’s you do it all on the same page?
- Would you want an email to get sent out to the user whenever the password is changed?Bill Hughes
supported this idea
·
-
1,123 votes
We continue evaluating several alternatives to provide full email customization. We are actively working on an alternative.
Unfortunately we do no yet have an ETA.
Bill Hughes
supported this idea
·
-
73 votes
Thanks for your suggestion. This is under review and in our backlog but initially you will see this capability show up in AD FS in Windows Server 2016.
/ Brjann Brekkan
Bill Hughes
supported this idea
·
The ability to programmatically register B2C applications would provide the ability to allow continuous integration / continuous deployment to provision the B2C applications in real time and is something we are looking to utilize in our deployments.