Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into no-pods

Author: cebundy

articles/active-directory-b2c/custom-domain.md

@@ -43,9 +43,10 @@ To enable sign-in for users with a Google account in Azure Active Directory B2C
 1. In the upper-left corner of the page, select the project list, and then select **New Project**.
 1. Enter a **Project Name**, select **Create**.
 1. Make sure you are using the new project by selecting the project drop-down in the top-left of the screen. Select your project by name, then select **Open**.
-1. In the left menu, select **OAuth consent screen**, select **External**, and then select **Create**.
+1. In the left menu, select **APIs and services** and then **OAuth consent screen**. Select **External** and then select **Create**.
     1. Enter a **Name** for your application. 
     1. Select a **User support email**. 
+    1. In the **App domain** section, enter a link to your **Application home page**, a link to your **Application privacy policy**, and a link to your **Application terms of service**.
     1. In the **Authorized domains** section, enter *b2clogin.com*.
     1. In the **Developer contact information** section, enter comma separated emails for Google to notify you about any changes to your project. 
     1. Select **Save**.
@@ -199,4 +200,4 @@ If the sign-in process is successful, your browser is redirected to `https://jwt
 - Check out the Google federation [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/Identity-providers#google), and how to pass Google access token [Live demo](https://github.com/azure-ad-b2c/unit-tests/tree/main/Identity-providers#google-with-access-token)
 
 
-::: zone-end
+::: zone-end

articles/active-directory-b2c/identity-provider-google.md

@@ -31,6 +31,9 @@ Many of the following examples use tools like [Managed Identities](../managed-id
 
 ### PowerShell
 
+> [!IMPORTANT]
+> Due to the planned deprecation of PowerShell modules (MSOL & AAD) after December 2022, no further updates are planned for these modules to support new Conditional Access features. See recent announcements for more information: https://aka.ms/AzureADPowerShellDeprecation. New Conditional Access features may not be available or may not be functional within these PowerShell modules as a result of this announcement. Please consider [migrating to Microsoft Graph PowerShell](https://aka.ms/MigrateMicrosoftGraphPowerShell). Additional guidance and examples will be released soon.
+
 For many administrators, PowerShell is already an understood scripting tool. The following example shows how to use the [Azure AD PowerShell module](https://www.powershellgallery.com/packages/AzureAD) to manage Conditional Access policies.
 
 - [Configure Conditional Access policies with Azure AD PowerShell commands](https://github.com/Azure-Samples/azure-ad-conditional-access-apis/tree/main/01-configure/powershell)

articles/active-directory-b2c/media/custom-domain/azure-front-door-route-status.png

@@ -233,23 +233,7 @@
         - name: Remove an app registration
           href: ./howto-remove-app.md
         - name: Restore or remove a deleted app registration
-          href: ./howto-restore-app.md
-- name: Multi-service tutorials
-  items: 
-    - name: Secure web app accesses storage and Microsoft Graph
-      items:
-        - name: Overview
-          href: multi-service-web-app-overview.md        
-        - name: Set up App Service authentication
-          href: multi-service-web-app-authentication-app-service.md
-        - name: Access storage as the app
-          href: multi-service-web-app-access-storage.md
-        - name: Access Microsoft Graph as the user
-          href: multi-service-web-app-access-microsoft-graph-as-user.md
-        - name: Access Microsoft Graph as the app
-          href: multi-service-web-app-access-microsoft-graph-as-app.md
-        - name: Clean up resources
-          href: multi-service-web-app-clean-up-resources.md        
+          href: ./howto-restore-app.md            
 - name: Single-page app (SPA)
   items:
     - name: SPA authentication documentation
@@ -340,6 +324,20 @@
           href: tutorial-blazor-server.md
         - name: Node.js
           href: tutorial-v2-nodejs-webapp-msal.md
+        - name: Secure web app accesses storage and Microsoft Graph
+          items:
+            - name: Overview
+              href: multi-service-web-app-overview.md        
+            - name: Set up App Service authentication
+              href: multi-service-web-app-authentication-app-service.md
+            - name: Access storage as the app
+              href: multi-service-web-app-access-storage.md
+            - name: Access Microsoft Graph as the user
+              href: multi-service-web-app-access-microsoft-graph-as-user.md
+            - name: Access Microsoft Graph as the app
+              href: multi-service-web-app-access-microsoft-graph-as-app.md
+            - name: Clean up resources
+              href: multi-service-web-app-clean-up-resources.md
     - name: Samples
       displayName: code samples, example code, code snippets
       href: sample-v2-code.md#web-applications
@@ -372,7 +370,7 @@
             - name: Call a web API
               href: scenario-web-app-call-api-call-api.md
             - name: Move to production
-              href: scenario-web-app-call-api-production.md
+              href: scenario-web-app-call-api-production.md         
 - name: Web API
   items:
     - name: Web API authentication documentation

articles/active-directory-b2c/media/custom-domain/enable-the-route.png

@@ -42,14 +42,20 @@ landingContent:
             url: tutorial-blazor-webassembly.md
           - text: Node.js with Express
             url: tutorial-v2-nodejs-webapp-msal.md
-  - title: "Scenarios in depth"
+  - title: "Web apps in depth"
     linkLists:
       - linkListType: how-to-guide
         links:
           - text: Web app that signs in users
             url: scenario-web-app-sign-user-overview.md
           - text: Web app that calls a web API
             url: scenario-web-app-call-api-overview.md
+  - title: "Scenarios in depth"
+    linkLists:
+      - linkListType: tutorial
+        links:
+          - text: Secure web app accesses storage and Microsoft Graph
+            url: multi-service-web-app-overview.md          
 ## ROW  ################################################### ROW 2 ##
   # - title: $CARD_TITLE
   #   linkLists:

articles/active-directory/conditional-access/howto-conditional-access-apis.md

@@ -45,6 +45,7 @@ Here are some ways you can use workload identities:
 - Review service principals and applications that are assigned to privileged directory roles in Azure AD using [access reviews for service principals](../privileged-identity-management/pim-create-azure-ad-roles-and-resource-roles-review.md).
 - Access Azure AD protected resources without needing to manage secrets (for supported scenarios) using [workload identity federation](workload-identity-federation.md).
 - Apply Conditional Access policies to service principals owned by your organization using [Conditional Access for workload identities](../conditional-access/workload-identity.md).
+- Secure workload identities with [Identity Protection](../identity-protection/concept-workload-identity-risk.md).
 
 ## Next steps