Since we announced the Custom Branding preview back in December, we’ve been hard at work to address your feedback and get the feature ready for prime time. This effort is being driven by Ariel Gordon, a PM in our team who owns our end-user authentication experience. I’ve asked him provide you with the details on the enhancements we’ve made to this feature. You’ll find his blog post below.
As always, we’re looking forward to your feedback.
Alex Simons (Twitter: Alex_A_Simons)
Director of PM
Active Directory Team
One of the really cool features of Azure AD Premium is the ability for organizations to customize their Azure AD sign in page. We’ve just released a new version of this feature that dramatically increases the percentage of sign-ins that will show your organization’s branding.
With the version we previewed in December, users only saw a branded sign in page when they visited your organization’s Office 365’s Outlook web app from a dedicated URL such as outlook.com/contoso.com. With the new version, Azure AD can now display a customized sign-in page in virtually all scenarios, including when users start their navigation from a generic URL or a bookmark such as mail.office365.com or manage.windowsazure.com.
Here’s how the updated feature works: when non-authenticated users visit a generic URL for the first time, they land on a sign in page that only carries the app branding (e.g. Office 365). As soon as they’ve entered their user ID, Azure AD checks whether custom branding has been configured for the user’s domain. If it has, the branding elements are retrieved and fade in automatically. On subsequent visits, the branding fades in automatically when users select their user tile.
The enhanced behavior works automatically—you don’t need to do anything special to benefit from it. We haven’t changed the list of elements that can be customized on the sign-in page, so you don’t need to update your customization set… but now’s the time to get it ready for prime time, for example by configuring different text and images for different languages.
If you haven’t customized your organization’s sign in page yet, it’s easy to get started. Check out this TechNet article for details (we’ve updated it to reflect the new capabilities). Note that you’ll need to be an Azure AD tenant admin to configure the customization, and have subscribed to Azure AD Premium.
PS: we received many questions about the different types of branding/customization supported by Azure AD. Here’s a short summary:
App branding. The sign-in page reflects the brand of the app that users are signing in to (e.g. Office 365) for context continuity. This capability is currently reserved to 1st party apps but we’re hard at work extending this capability to 3rd parties
Custom tenant branding. This is the ability for organizations to customize the Azure AD sign-in page with their own corporate branding and messaging. This has been around for a long time for large enterprises that run their own STS (e.g. ADFS), and we’re now making it available for organizations all of sizes that rely on Azure AD to collect user credentials.