Microsoft Rescinds New Login Behavior for Azure Active Directory Portal

Microsoft has temporarily rolled back an Azure Active Directory login portal change that it had instituted earlier this month.

The change was supposed to make the login process more intuitive for end users by using portal images or "branding" in a specific way. The idea specifically aimed to clarify business-to-business (B2B) scenarios in which a user logs into Azure AD through their portal to access another company's applications.

Microsoft had originally instituted the change because organizations didn't like the B2B experience or "logic," according to Ariel Gordon, a principal program manager in the Identity Division at Microsoft.

"For example, when a Contoso user would sign in to a Fabrikam website, all of the branding used to switch to Fabrikam, losing context of the destination," Gordon explained in comments to Microsoft's original April 7 announcement. "The new logic ensures that all users, including business guests, can keep track of the destination."

However, today Microsoft admitted in an announcement that its portal branding switch didn't work for many of its customers. It was sprung on them, too.

"We learned that we took many you by surprise and did not give you enough time to alert and train your employees about the change," said Alex Simons, director of program management at Microsoft's Identity Division.

Microsoft has now rolled back this new login portal branding behavior. It's promising to provide "advance notice" to its business customers of future such changes. Apparently, organizations didn't get a notice of the coming changes in their management portals.

Microsoft claimed it had tested the new Azure AD portal behavior with business customers beforehand, but it's now promising to "incorporate a Preview period" to get feedback before relaunching it. Lastly, Microsoft promised to give a 30-day notice about its Azure AD "disruptive design changes."

The portal change is still part of Microsoft's plans. It is part of an effort to "reconcile the branding logic between Azure AD and Microsoft accounts, as a prerequisite to merging the two login experiences later this year," Gordon explained.

Based on early comments, it seems that Microsoft's login portal change had the effect of wrecking the portal branding experiences that organizations had already set up. Commenters also complained about having no documentation on the change, and that Microsoft Support personnel didn't know about it or just directed them to read Microsoft's April 7 blog post.

In his April 7 comments, Gordon said that Microsoft planned to bring the new Azure AD portal logic to "SharePoint and OWA." One caveat is that the new login behavior depends on applications sending "login traffic to tenanted login endpoints, e.g.," he added.

Microsoft currently doesn't support the new login portal branding behavior for non-Microsoft applications, but Gordon commented that Microsoft was "working on it." The new behavior also doesn't permit customization of the login portal's message to either use a work or school account, which one commenter said "doesn't make sense" for corporate environments.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Skytap on Azure Service Adds Options for Apps Running on IBM Systems

    Applications that use IBM Power processors in "on-premises" datacenters can now be moved to Microsoft Azure datacenters via a "Skytap on Azure" service, according to Thursday announcements by both Microsoft and Skytap.

  • Microsoft Didn't Remove the SMB1 Protocol from Windows

    Microsoft explained in a Wednesday announcement that it didn't actually remove Server Message Block 1 (SMB1) from Windows releases.

  • Exchange Online Users Get More Caveats on Basic Authentication's End in October

    Microsoft on Tuesday offered more details on its plans to end Basic Authentication in Exchange Online, which will cause pain for some organizations.

  • How To Install the Windows 10X Emulator

    Earlier this month, Microsoft released a public preview of Windows 10X, a spinoff of the Windows 10 operating system that's designed to run on the forthcoming multiscreen Surface devices. Here's how to take it out for a spin.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.