updated

Author: Juliako

.openpublishing.redirection.json

@@ -16689,6 +16689,11 @@
       "redirect_url": "https://docs.microsoft.com/rest/api/searchservice/add-scoring-profiles-to-a-search-index",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/service-bus/index.md",
+      "redirect_url": "/azure/service-bus-messaging/index",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/service-bus-messaging/service-bus-role-based-access-control.md",
       "redirect_url": "/azure/service-bus-messaging/service-bus-managed-service-identity",
@@ -41799,6 +41804,16 @@
       "redirect_url": "/azure/azure-monitor/log-query/query-optimization",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/azure-monitor/insights/vminsights-known-issues.md",
+      "redirect_url": "/azure/azure-monitor/insights/vminsights-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-monitor/log-query/vminsights-health.md",
+      "redirect_url": "/azure/azure-monitor/log-query/vminsights-overview",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/machine-learning/service/how-to-automated-ml.md",
       "redirect_url": "/azure/machine-learning/service/concept-automated-ml",
@@ -49348,6 +49363,16 @@
       "source_path": "articles/media-services/latest/access-api-cli-how-to.md",
       "redirect_url": "/azure/media-services/latest/access-api-howto",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/media-services/latest/create-account-portal.md",
+      "redirect_url": "/azure/media-services/latest/create-account-howto",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/media-services/latest/create-account-cli-how-to.md",
+      "redirect_url": "/azure/media-services/latest/create-account-howto",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory-b2c/TOC.yml

@@ -74,6 +74,8 @@
       href: custom-policy-overview.md
   - name: User accounts
     href: user-overview.md
+  - name: User profile attributes
+    href: user-profile-attributes.md
 - name: How-to guides
   items:
   - name: App integration

articles/active-directory-b2c/active-directory-technical-profile.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 03/09/2020
+ms.date: 03/16/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -111,6 +111,7 @@ The name of the claim is the name of the Azure AD attribute unless the **Partner
 ## Requirements of an operation
 
 - There must be exactly one **InputClaim** element in the claims bag for all Azure AD technical profiles.
+- The [user profile attributes article](user-profile-attributes.md) describes the supported Azure AD B2C user profile attributes you can use in the input claims, output claims, and persisted claims. 
 - If the operation is `Write` or `DeleteClaims`, then it must also appear in a **PersistedClaims** element.
 - The value of the **userPrincipalName** claim must be in the format of `[email protected]`.
 - The **displayName** claim is required and cannot be an empty string.
@@ -250,7 +251,7 @@ The following technical profile deletes a social user account using **alternativ
 | ClientId | No | The client identifier for accessing the tenant as a third party. For more information, see [Use custom attributes in a custom profile edit policy](custom-policy-custom-attributes.md) |
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 
-### Error messages
+## Error messages
 
 The following settings can be used to configure the error message displayed upon failure. The metadata should be configured in the [self-asserted](self-asserted-technical-profile.md) technical profile. The error messages can be [localized](localization.md).
 

articles/active-directory-b2c/custom-policy-rest-api-claims-validation.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 02/13/2020
+ms.date: 03/16/2020
 ms.author: mimart
 ms.subservice: B2C
 ---

articles/active-directory-b2c/custom-policy-ui-customization.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 02/14/2020
+ms.date: 03/16/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -60,6 +60,28 @@ In the Microsoft Graph API, both local and federated identities are stored in th
 |issuer|string|Specifies the issuer of the identity. For local accounts (where **signInType** is not `federated`), this property is the local B2C tenant default domain name, for example `contoso.onmicrosoft.com`. For social identity (where **signInType** is  `federated`) the value is the name of the issuer, for example `facebook.com`|
 |issuerAssignedId|string|Specifies the unique identifier assigned to the user by the issuer. The combination of **issuer** and **issuerAssignedId** must be unique within your tenant. For local account, when **signInType** is set to `emailAddress` or `userName`, it represents the sign-in name for the user.<br>When **signInType** is set to: <ul><li>`emailAddress` (or starts with `emailAddress` like `emailAddress1`) **issuerAssignedId** must be a valid email address</li><li>`userName` (or any other value), **issuerAssignedId** must be a valid [local part of an email address](https://tools.ietf.org/html/rfc3696#section-3)</li><li>`federated`, **issuerAssignedId** represents the federated account unique identifier</li></ul>|
 
+The following **Identities** property, with a local account identity with a sign-in name, an email address as sign-in, and with a social identity. 
+
+ ```JSON
+ "identities": [
+     {
+       "signInType": "userName",
+       "issuer": "contoso.onmicrosoft.com",
+       "issuerAssignedId": "johnsmith"
+     },
+     {
+       "signInType": "emailAddress",
+       "issuer": "contoso.onmicrosoft.com",
+       "issuerAssignedId": "[email protected]"
+     },
+     {
+       "signInType": "federated",
+       "issuer": "facebook.com",
+       "issuerAssignedId": "5eecb0cd"
+     }
+   ]
+ ```
+
 For federated identities, depending on the identity provider, the **issuerAssignedId** is a unique value for a given user per application or development account. Configure the Azure AD B2C policy with the same application ID that was previously assigned by the social provider or another application within the same development account.
 
 ### Password profile property
@@ -116,9 +138,9 @@ After you've obtained the code sample, configure it for your environment and the
     ```
 1. Run the application with the `dotnet` command:
 
-```console
-dotnet bin/Debug/netcoreapp3.0/b2c-ms-graph.dll
-```
+    ```console
+    dotnet bin/Debug/netcoreapp3.0/b2c-ms-graph.dll
+    ```
 
 The application displays a list of commands you can execute. For example, get all users, get a single user, delete a user, update a user's password, and bulk import.
 

articles/active-directory-b2c/manage-user-accounts-graph-api.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 03/03/2020
+ms.date: 03/16/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -215,19 +215,7 @@ If the type of authentication is set to `Bearer`, the **CryptographicKeys** elem
 
 ## Returning error message
 
-Your REST API may need to return an error message, such as 'The user was not found in the CRM system'. If an error occurs, the REST API should return an HTTP 409 error message (Conflict response status code) with following attributes:
-
-| Attribute | Required | Description |
-| --------- | -------- | ----------- |
-| version | Yes | 1.0.0 |
-| status | Yes | 409 |
-| code | No | An error code from the RESTful endpoint provider, which is displayed when `DebugMode` is enabled. |
-| requestId | No | A request identifier from the RESTful endpoint provider, which is displayed when `DebugMode` is enabled. |
-| userMessage | Yes | An error message that is shown to the user. |
-| developerMessage | No | The verbose description of the problem and how to fix it, which is displayed when `DebugMode` is enabled. |
-| moreInfo | No | A URI that points to additional information, which is displayed when `DebugMode` is enabled. |
-
-The following example shows a REST API that returns an error message formatted in JSON:
+Your REST API may need to return an error message, such as 'The user was not found in the CRM system'. If an error occurs, the REST API should return an HTTP 4xx error message, such as, 400 (bad request), or 409 (conflict) response status code. The response body contains error message formatted in JSON:
 
 ```JSON
 {
@@ -241,6 +229,17 @@ The following example shows a REST API that returns an error message formatted i
 }
 ```
 
+| Attribute | Required | Description |
+| --------- | -------- | ----------- |
+| version | Yes | Your REST API version. For example: 1.0.1 |
+| status | Yes | Must be 409 |
+| code | No | An error code from the RESTful endpoint provider, which is displayed when `DebugMode` is enabled. |
+| requestId | No | A request identifier from the RESTful endpoint provider, which is displayed when `DebugMode` is enabled. |
+| userMessage | Yes | An error message that is shown to the user. |
+| developerMessage | No | The verbose description of the problem and how to fix it, which is displayed when `DebugMode` is enabled. |
+| moreInfo | No | A URI that points to additional information, which is displayed when `DebugMode` is enabled. |
+
+
 The following example shows a C# class that returns an error message:
 
 ```csharp

articles/active-directory-b2c/restful-technical-profile.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 02/17/2020
+ms.date: 03/16/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -64,8 +64,8 @@ In the display claims collection, you can include a reference to a [DisplayContr
 
 The following example `TechnicalProfile` illustrates the use of display claims with display controls.
 
-* The first display claim makes a reference to the `emailVerificationControl` display control which collects and verifies the email address.
-* The fifth display claim makes a reference to the `phoneVerificationControl` display control which collects and verifies a phone number.
+* The first display claim makes a reference to the `emailVerificationControl` display control, which collects and verifies the email address.
+* The fifth display claim makes a reference to the `phoneVerificationControl` display control, which collects and verifies a phone number.
 * The other display claims are ClaimTypes to be collected from the user.
 
 ```XML
@@ -117,6 +117,8 @@ The `age` claim in the base policy is no longer presented on the screen to the u
 
 The **OutputClaims** element contains a list of claims to be returned to the next orchestration step. The **DefaultValue** attribute takes effect only if the claim has never been set. If it was set in a previous orchestration step, the default value does not take effect even if the user leaves the value empty. To force the use of a default value, set the **AlwaysUseDefaultValue** attribute to `true`.
 
+For security reasons, a password claim value (`UserInputType` set to `Password`) is available only to the self-asserted technical profile's validation technical profiles. You cannot use password claim in the next orchestration steps. 
+
 > [!NOTE]
 > In previous versions of the Identity Experience Framework (IEF), output claims were used to collect data from the user. To collect data from the user, use a **DisplayClaims** collection instead.
 
@@ -126,7 +128,7 @@ The **OutputClaimsTransformations** element may contain a collection of **Output
 
 In a self-asserted technical profile, the output claims collection returns the claims to the next orchestration step.
 
-You should use output claims when:
+Use output claims when:
 
 - **Claims are output by output claims transformation**.
 - **Setting a default value in an output claim** without collecting data from the user or returning the data from the validation technical profile. The `LocalAccountSignUpWithLogonEmail` self-asserted technical profile sets the **executed-SelfAsserted-Input** claim to `true`.
@@ -190,7 +192,7 @@ You can also call a REST API technical profile with your business logic, overwri
 | AllowGenerationOfClaimsWithNullValues| No| Allow to generate a claim with null value. For example, in a case user doesn't select a checkbox.|
 | ContentDefinitionReferenceId | Yes | The identifier of the [content definition](contentdefinitions.md) associated with this technical profile. |
 | EnforceEmailVerification | No | For sign-up or profile edit, enforces email verification. Possible values: `true` (default), or `false`. |
-| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile . For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached.
+| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile. For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached.
 | SignUpTarget <sup>1</sup>| No | The signup target exchange identifier. When the user clicks the sign-up button, Azure AD B2C executes the specified exchange identifier. |
 | setting.showCancelButton | No | Displays the cancel button. Possible values: `true` (default), or `false` |
 | setting.showContinueButton | No | Displays the continue button. Possible values: `true` (default), or `false` |