Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into yelevin/atomic-incidents

Author: yelevin

.openpublishing.publish.config.json

@@ -999,6 +999,7 @@
     "articles/iot-dps/.openpublishing.redirection.iot-dps.json",
     "articles/cloud-shell/.openpublishing.redirection.cloud-shell.json",
     ".openpublishing.redirection.azure-vmware.json",
-    ".openpublishing.redirection.openshift.json"
+    ".openpublishing.redirection.openshift.json",
+    ".openpublishing.redirection.dev-box.json"
   ]
 }

.openpublishing.redirection.active-directory.json

@@ -11058,12 +11058,12 @@
     },
     {
       "source_path_from_root": "/articles/active-directory/privileged-identity-management/concept-privileged-access-versus-role-assignable.md",
-      "redirect_url": "azure/active-directory/privileged-identity-management/concept-pim-for-groups",
+      "redirect_url": "/azure/active-directory/privileged-identity-management/concept-pim-for-groups",
       "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/active-directory/privileged-identity-management/groups-features.md",
-      "redirect_url": "azure/active-directory/privileged-identity-management/concept-pim-for-groups",
+      "redirect_url": "/azure/active-directory/privileged-identity-management/concept-pim-for-groups",
       "redirect_document_id": false
     },
     {

.openpublishing.redirection.azure-productivity.json

@@ -30,11 +30,6 @@
       "redirect_url": "/azure/devtest-labs/samples-powershell",
       "redirect_document_id": false
     },
-    {
-      "source_path": "articles/dev-box/tutorial-connect-to-dev-box-with-remote-desktop-app.md",
-      "redirect_url": "/azure/dev-box/quickstart-connect-to-dev-box-with-remote-desktop-app",
-      "redirect_document_id": false
-    },
     {
       "source_path": "articles/lab-services/how-to-create-schedules-within-teams.md",
       "redirect_url": "/azure/lab-services/how-to-manage-labs-within-teams",

.openpublishing.redirection.dev-box.json

@@ -0,0 +1,14 @@
+{
+  "redirections": [
+    {
+      "source_path": "articles/dev-box/tutorial-connect-to-dev-box-with-remote-desktop-app.md",
+      "redirect_url": "/azure/dev-box/quickstart-connect-to-dev-box-with-remote-desktop-app",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/dev-box/quickstart-configure-dev-box-project.md",
+      "redirect_url": "/azure/dev-box/quickstart-configure-dev-box-service",
+      "redirect_document_id": false
+    }
+  ]
+}

.openpublishing.redirection.json

@@ -27981,9 +27981,14 @@
           "redirect_document_id": false
         },
         {
-            "source_path": "articles/load-balancer/protect-load-balancer-with-ddos-standard.md",
-            "redirect_URL": "/azure/load-balancer/tutorial-protect-load-balancer",
-            "redirect_document_id": false
-          }
+          "source_path": "articles/communication-services/quickstarts/voice-video-calling/get-started-android-webview.md",
+          "redirect_URL": "/azure/communication-services/quickstarts/voice-video-calling/get-started-webview?pivots=platform-android",
+          "redirect_document_id": false
+        },
+        {
+          "source_path": "articles/load-balancer/protect-load-balancer-with-ddos-standard.md",
+          "redirect_URL": "/azure/load-balancer/tutorial-protect-load-balancer",
+          "redirect_document_id": false
+        }
     ]
 }

articles/active-directory-b2c/azure-ad-b2c-global-identity-solutions.md

@@ -122,13 +122,15 @@ The approach you choose will be based on the number of applications you host and
 
 The performance advantage of using multiple tenants, in either the regional or funnel-based configuration, will be an improvement over using a single Azure AD B2C tenant for globally operating businesses.
 
-When using the funnel-based approach, although the funnel tenant will be located in one region, but serve users globally, performance improvements will be maintained.
+When using the funnel-based approach, the funnel tenant will be located in one specific region and serve users globally. Since the funnel tenants operation utilizes a global component of the Azure AD B2C service, it will maintain a consistant level of performance regardless of where users login from.
 
 ![Screenshot shows the Azure AD B2C architecture.](./media/azure-ad-b2c-global-identity-solutions/azure-ad-b2c-architecture.png)
 
-As shown in the diagram, the Azure AD B2C tenant in the funnel-based approach will only utilize the Policy Engine to perform the redirection to regional Azure AD B2C tenants. The Azure AD B2C Policy Engine component is globally distributed. Therefore, the funnel isn't constrained from a performance perspective, regardless of where the Azure AD B2C funnel tenant is provisioned. A performance loss is encountered due to the extra redirect between funnel and regional tenants in the funnel-based approach.
+As shown in the diagram above, the Azure AD B2C tenant in the funnel-based approach will only utilize the Policy Engine to perform the redirection to regional Azure AD B2C tenants. The Azure AD B2C Policy Engine component is globally distributed. Therefore, the funnel isn't constrained from a performance perspective, regardless of where the Azure AD B2C funnel tenant is provisioned. A performance loss is encountered due to the extra redirect between funnel and regional tenants in the funnel-based approach.
 
-The regional tenants will perform directory calls into the Directory Store, which is the regionalized component.
+In the regional-based approach, since each user is directed to their most local Azure AD B2C, performance is consistant for all users logging in.
+
+The regional tenants will perform directory calls into the Directory Store, which is the only regionalized component in both the funnel-based and regional-based architectures.
 
 Additional latency is only encountered when the user has performed an authentication in a different region from which they had signed-up in. This is because, calls will be made across regions to reach the Directory Store where their profile lives to complete their authentication.
 

articles/active-directory-b2c/enable-authentication-react-spa-app.md

@@ -77,7 +77,7 @@ The sample code is made up of the following components. Add these components fro
   > [!IMPORTANT]
   > If the App component file name is `App.js`, change it to `App.jsx`.
 
-- [src/pages/Hello.jsx](https://github.com/Azure-Samples/ms-identity-javascript-react-tutorial/blob/main/3-Authorization-II/2-call-api-b2c/SPA/src/pages/Hello.jsx) - Demonstrate how to call a protected resource with OAuth2 bearer token.
+- [src/pages/Hello.jsx](https://github.com/Azure-Samples/ms-identity-javascript-react-tutorial/blob/main/6-AdvancedScenarios/1-call-api-obo/SPA/src/pages/Hello.jsx) - Demonstrate how to call a protected resource with OAuth2 bearer token.
   - It uses the [useMsal](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-react/docs/hooks.md) hook that returns the PublicClientApplication instance.
   - With PublicClientApplication instance, it acquires an access token to call the REST API.
   - Invokes the [callApiWithToken](https://github.com/Azure-Samples/ms-identity-javascript-react-tutorial/blob/main/3-Authorization-II/2-call-api-b2c/SPA/src/fetch.js) function to fetch the data from the REST API and renders the result using the **DataDisplay** component.

articles/active-directory-b2c/partner-gallery.md

@@ -45,6 +45,7 @@ Microsoft partners with the following ISVs for MFA and Passwordless authenticati
 |:-------------------------|:--------------|
 | ![Screenshot of a asignio logo](./media/partner-gallery/asignio-logo.png) | [Asignio](./partner-asignio.md) is a passwordless, soft biometric, and MFA solution. Asignio uses a combination of the patented Asignio Signature and live facial verification for user authentication. The changeable biometric signature eliminates passwords, fraud, phishing, and credential reuse through omni-channel authentication. |
 | ![Screenshot of a bloksec logo](./media/partner-gallery/bloksec-logo.png) | [BlokSec](./partner-bloksec.md) is a passwordless authentication and tokenless MFA solution, which provides real-time consent-based services and protects customers against identity-centric cyber-attacks such as password stuffing, phishing, and man-in-the-middle attacks. |
+| ![Screenshot of a grit biometric authentication logo.](./media/partner-gallery/grit-logo.png) | [Grit biometric authentication](./partner-grit-authentication.md) provides users the option to sign in using finger print, face ID or [Windows Hello](https://support.microsoft.com/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0) for enhanced security. 
 | ![Screenshot of a haventec logo](./media/partner-gallery/haventec-logo.png) | [Haventec](./partner-haventec.md) is a passwordless authentication provider, which provides decentralized identity platform that eliminates passwords, shared secrets, and friction. |
 | ![Screenshot of a hypr logo](./media/partner-gallery/hypr-logo.png) | [Hypr](./partner-hypr.md) is a passwordless authentication provider, which replaces passwords with public key encryptions eliminating fraud, phishing, and credential reuse. |
 | ![Screenshot of a idemia logo](./media/partner-gallery/idemia-logo.png) | [IDEMIA](./partner-idemia.md) is a passwordless authentication provider, which provides real-time consent-based services with biometric authentication like faceID and fingerprinting eliminating fraud and credential reuse. |
@@ -111,7 +112,7 @@ Microsoft partners with the following ISVs for tools that can help with implemen
 | ISV partner | Description and integration walkthroughs |
 |:-------------------------|:--------------|
 | ![Screenshot of a grit ief editor logo.](./media/partner-gallery/grit-logo.png) | [Grit Visual Identity Experience Framework Editor](./partner-grit-editor.md) provides a low code/no code experience for developers to create sophisticated authentication user journeys. The tool comes with integrated debugger and templates for the most used scenarios.|
-| ![Screenshot of a grit biometric authentication logo.](./media/partner-gallery/grit-logo.png) | [Grit biometric authentication](./partner-grit-authentication.md) provides users the option to sign in using finger print, face ID or [Windows Hello](https://support.microsoft.com/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0) for enhanced security. 
+
 
 ## Additional information
 

articles/active-directory-b2c/partner-nevis.md

@@ -29,7 +29,7 @@ To get started, you'll need:
 - An [Azure AD B2C tenant](./tutorial-create-tenant.md) linked to your Azure subscription
 
 >[!NOTE]
->To integrate Nevis into your sign-up policy flow, configure the Azure AD B2C environment to use custom policies. </br>See, [Tutorial: Create user flows and custom policies in Azure Active Directory B2C](/tutorial-create-user-flows.md?pivots=b2c-custom-policy).
+>To integrate Nevis into your sign-up policy flow, configure the Azure AD B2C environment to use custom policies. </br>See, [Tutorial: Create user flows and custom policies in Azure Active Directory B2C](/azure/active-directory-b2c/tutorial-create-user-flows).
 
 ## Scenario description
 
@@ -104,9 +104,9 @@ The diagram shows the implementation.
 2. In [/samples/Nevis/policy/nevis.html](https://github.com/azure-ad-b2c/partner-integrations/blob/master/samples/Nevis/policy/nevis.html) open the nevis.html file.
 3. Replace the  **authentication_cloud_url** with the Nevis Admin console URL `https://<instance_id>.mauth.nevis.cloud`.
 4. Select **Save**.
-5. [Create an Azure Blob storage account](/customize-ui-with-html.md#2-create-an-azure-blob-storage-account).
+5. [Create an Azure Blob storage account](./customize-ui-with-html.md#2-create-an-azure-blob-storage-account).
 6. Upload the nevis.html file to your Azure blob storage.
-7. [Configure CORS](/customize-ui-with-html.md#3-configure-cors).
+7. [Configure CORS](./customize-ui-with-html.md#3-configure-cors).
 8. Enable cross-origin resource sharing (CORS) for the file.
 9. In the list, select the **nevis.html** file.
 10. In the **Overview** tab, next to the **URL**, select the **copy link** icon.

articles/active-directory-b2c/userjourneys.md

@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 08/31/2021
+ms.date: 01/27/2023
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -232,7 +232,7 @@ Preconditions can check multiple preconditions. The following example checks whe
 
 ## Claims provider selection
 
-Identity provider selection lets users select an action from a list of options. The identity provider selection consists of a pair of two orchestration  steps: 
+Claims provider selection lets users select an action from a list of options. The identity provider selection consists of a pair of two orchestration  steps: 
 
 1. **Buttons** - It starts with type of `ClaimsProviderSelection`, or `CombinedSignInAndSignUp` that contains a list of options a user can choose from. The order of the options inside the `ClaimsProviderSelections` element controls the order of the buttons presented to the user.
 2. **Actions** - Followed by type of `ClaimsExchange`. The ClaimsExchange contains list of actions. The action is a reference to a technical profile, such as [OAuth2](oauth2-technical-profile.md), [OpenID Connect](openid-connect-technical-profile.md), [claims transformation](claims-transformation-technical-profile.md), or [self-asserted](self-asserted-technical-profile.md). When a user clicks on one of the buttons, the corresponding action is executed.