The most uncomfortable part is their log in. The amount of re-directs and glitches there are insane. Its hard to believe that it works as intended.
As an example, for some reason I could not download the BAA because trying to download it lead to a login loop on their trust website, while I was still able to see the Azure console ok in the same browser.
When I signed out of my Azure account to try if a fresh login helped, it did not trigger my 2FA at the next login. In my mind, if I actively logged out from a browser window, I withdraw my trust in that device. So not being triggered for 2FA is a massive red flag.
(no I still could not download the BAA, nor file a ticket for it, but somehow a colleague could download it ok.)
I believe that multiple article, e.g. on The Register, has mentioned that people who have left the Azure team has routinely complained that the pace was to high, and that everything is pretty much duct taped together. This was years ago, so it may have changed.
On every first try, I cannot log in into Azure Portal. I chlick "try again", it works. And it's like that for months, if not years.
IMHO it says a lot of your culture if every first interaction of your customers with your product end with an error - and you simply don't care to fix it.
Look at the CVEs for azure, msal and Active Directory for some good laughs.
Now realise most governments, large companies and education works on this
I've also encountered strange bugs, like asking to log into tenant A and getting logged into, instead, tenant B. In a loop, effectively locking me out.
The exact quirks and bugs seem to come and go, I presume as the code is changed & updated.
From what I can tell, they use it as proving ground for whatever crap they’re going to force on other applications.
After getting it to work on a raspberry pi, I decided I wouldn’t use any logged in Microsoft product in a professional setting.
Anyway, I’m sure they’ll eventually unify GitHub and LinkedIn login the same way they did with Minecraft. At that point, our industry will implode.
Logins that redirect to odd places. Jolting issues because you changed a seemingly innocuous security setting (i.e. OneNote refuses to sync on specific versions of the app/software if you don't grant them full access). Or just inconveniences, like having to login multiple times across their own sites when I dive into Office settings management. Seemingly forced use of the Microsoft Authenticator app from time to time.
Multiple computers, multiple devices. I can usually work around it, but it is a pain.
It is probably my "fault" by using Safari (no extensions) and not the all-praised(tm) Edge.
I couldn't add a billing profile to my MPN account the other day - endless loading without any indicator of success. It did work in Chrome though, except the "save" action which resulted in endless loading too, but still saved everything as expected.
I will say, they made a change to the auth system recently that made log-in significantly worse. Now several times a day my session expires or something and I go through a 5-10 second redirect flow which visibly jumps between different login APIs to refresh my log in state. (And of course this happens at the start of the day.)
My guess is that some change to the login process is not compatible with the cookies I have sitting around from the last time I logged in.
I opened bug with the Microsoft Premier support and they told me that this works as intended.
So when Microsoft says, it works as intended, it can still be bugged to hell and back. They just don't care.