Be able to see and change the userType from the portal.
(This is only available in Powershell : example: change from Guest -> member, in order to see the directory as an external user.)

Set-MsolUser -UserPrincipalName xxxhotmail.com#EXT#@xxxhotmail.onmicrosoft.com -UserType Member

As more services become only available for management in portal.azure.com (such as API Apps), it's annoying to have to go back to the "old" portal.

I want use this Windows Azure Active Directory services to standard compute services to remove complecation.
for example, we need Active Directory for building failover cluster services IaaS. I don't want to make DC only for that...

as per : http://tinyurl.com/kqgjvqx

Currently for a small business who want password sync, but make the move to 365. they have to keep Exchange running on premise simply to be able to edit user attributes related to Exchange. - an active directory DLL, standalone app or simply support in the 365 portal would solve this for so many customers.

Azure AD self service password reset works great. The issue being if a user cannot log on they haven't a browser to access the portal easily.

Can the reset portal be integrated with a "Forgotten my password" link on the Sign In screen. Azure AD join integrates with web based services such as MFA so it hopefully the foundations are there.

As it's possible in the standard AD by changing the API application manifest option "groupMembershipClaims" to "SecurityGroup", is it possible to return user membership group in the claims with AD B2C?

Now, we can have only the default and custom attributes by adding a signin policy, but it's impossible to get user membership groups.

Currently if the logged in users doesnt exist in the Tenant Directory for a given application. The user is shown a very unhelpful page with the following:

Sorry, but we’re having trouble signing you in.
We received a bad request.

The debug error is :
AADSTS50020: User account 'some email address' from external identity provider 'https://sts.windows.net/someguid/'; is not supported for application 'https://someappurl'. The account needs to be added as an external user in the tenant. Please sign out and sign in again with an Azure Active Directory user account.

I would like the ability to trigger an email invitation be sent to new users for our web application that I want to authenticate with AADB2C. In our multi-tenant design, each tenant will be responsible for adding their own users to their tenant. I would like the admin of the tenant to be able to send an email invitation to the new user and then that user can complete the sign-up process.

It would be great to be able to sync Azure AD down to On-premise AD. I want to centrally manage my users, passwords, and groups from Azure AD. That way the on-premise server just acts as a medium for the local environment.

Here: http://msdn.microsoft.com/en-us/library/azure/dn798669.aspx

It says "coming soon" for cloud to on premise sync. It was last updated on September 5th 2014. I cant find any new information on if this is out.

AADB2C is great, but why not adding an Azure AD provider? We're developing an application where we can have customers with social identities as well as Azure AD identities, it would be great in the AADB2C login page to have an option like "Organization Account". In this way we can code against one single API and not be forced to use two different entry points.

One Time Password access to the DirectAccess user tunnel using MFA

It would be AWESOME, if Azure Active Directory would provide device-level authentication as primary authentication like ADFS 4.0 (Windows 2016)

We need this please!

We have a custom IDp on old ACS and use ADAL v1 to auth a desktop app. We need to use new thinks of ADAL v2 or newer versions.

We already have this app in production so we realy need a way to use Azure b2c with our custom identity provider. In fact we want the feature of custom Idp in Azure AD in order to substitute ACS.

We'd like to enable our users for lots of Azure services (incrementally), starting with some RemoteApp services. We do *not* want to move user authentication to Azure AD (users have lots of complex Google Apps logins, with 2-Factor and U2F Keys).

Is there an easy way for us to enable Google Apps as an IdP in Azure AD?

Like, can we copy user profiles from Google Apps -> Azure, and on login attempt, redirect to the Google Apps sign in screen?

Now we use MS TMG (with RSA SecurID 2-factor authentication) to publish RDWeb and RD Gateway to Internet. We need a replacement for MS TMG and RSA 2-factor authentication.
We want to publish our on-prem RDWeb sever to Internet via Azure AD Application Proxy. This solution should support Azure Multifactor authentication and RD Gateway.

When registering "local account", can email verification be optional? I'd like to have the user stay on our app during registration and start using it right away. Thanks.

Create a Sign In Policy by which we can provide our own template for the sign in page. It could work the same way as the Sign Up policy does.