Merge pull request #100394 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)

Author: rmca14

articles/active-directory-b2c/connect-with-saml-service-providers.md

@@ -269,7 +269,7 @@ Your custom policy and Azure AD B2C tenant are now ready. Next, create an applic
 1. In the left menu, select **Azure AD B2C**. Or, select **All services** and search for and select **Azure AD B2C**.
 1. Select **App registrations (Preview)**, and then select **New registration**.
 1. Enter a **Name** for the application. For example, *SAMLApp1*.
-1. Under **Supported account types**, select **Accounts in any organizational directory or any identity provider.**
+1. Under **Supported account types**, select **Accounts in this organizational directory only**
 1. Under **Redirect URI**, select **Web**, and then enter `https://localhost`. You modify this value later in the application registration's manifest.
 1. Select **Grant admin consent to openid and offline_access permissions**.
 1. Select **Register**.
@@ -281,11 +281,11 @@ For SAML apps, there are several properties you need to configure in the applica
 1. In the [Azure portal](https://portal.azure.com), navigate to the application registration that you created in the previous section.
 1. Under **Manage**, select **Manifest** to open the manifest editor. You modify several properties in the following sections.
 
-#### IdentifierUri
+#### identifierUris
 
-The `IdentifierUri` is a string collection containing user-defined URI(s) that uniquely identify a Web app within its Azure AD B2C tenant. The identifier URI must be from a verified domain within your organization's directory. For example, `https://contoso.onmicrosoft.com/app-name`. Your service provider must set this value in the `Issuer` element of a SAML request.
+The `identifierUris` is a string collection containing user-defined URI(s) that uniquely identify a Web app within its Azure AD B2C tenant. Your service provider must set this value in the `Issuer` element of a SAML request.
 
-#### SamlMetadataUrl
+#### samlMetadataUrl
 
 This property represents service provider's publicly available metadata URL. The metadata URL can point to a metadata file uploaded to any anonymously accessible endpoint, for example blob storage.
 
@@ -299,7 +299,7 @@ For this tutorial which uses the SAML test application, use the following value
 "samlMetadataUrl":"https://samltestapp2.azurewebsites.net/Metadata",
 ```
 
-#### ReplyUrlWithType (Optional)
+#### replyUrlsWithType (Optional)
 
 If you do not provide a metadata URI, you can explicitly specify the reply URL. This optional property represents the `AssertionConsumerServiceUrl` (`SingleSignOnService` URL in the service provider metadata) and the `BindingType` is assumed to be `HTTP POST`.
 
@@ -316,7 +316,7 @@ For this tutorial, in which you use the SAML test application, set the `url` pro
 ],
 ```
 
-#### LogoutUrl (Optional)
+#### logoutUrl (Optional)
 
 This optional property represents the `Logout` URL (`SingleLogoutService` URL in the relying party metadata), and the `BindingType` for this is assumed to be `Http-Redirect`.
 

articles/active-directory/authentication/howto-mfa-userstates.md

@@ -133,7 +133,7 @@ Using PowerShell is a good option when you need to bulk enable users. As an exam
 To disable MFA, use this script:
 
    ```PowerShell
-   Get-MsolUser -UserPrincipalName [email protected] | Set-MsolUser -StrongAuthenticationMethods @()
+   Get-MsolUser -UserPrincipalName [email protected] | Set-MsolUser -StrongAuthenticationRequirements @()
    ```
 
 which can also be shortened to:

articles/active-directory/authentication/howto-password-smart-lockout.md

@@ -65,7 +65,7 @@ Based on your organizational requirements, smart lockout values may need to be c
 To check or modify the smart lockout values for your organization, use the following steps:
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
-1. Search for and select *Azure Active Directory*. Select **Authentication methods** > **Password protection**.
+1. Search for and select *Azure Active Directory*. Select **Security** > **Authentication methods** > **Password protection**.
 1. Set the **Lockout threshold**, based on how many failed sign-ins are allowed on an account before its first lockout. The default is 10.
 1. Set the **Lockout duration in seconds**, to the length in seconds of each lockout. The default is 60 seconds (one minute).
 

articles/active-directory/conditional-access/concept-baseline-protection.md

@@ -22,7 +22,7 @@ Baseline policies are a set of predefined policies that help protect organizatio
 Managing customized Conditional Access policies requires an Azure AD Premium license.
 
 > [!IMPORTANT]
-> Baseline policies are being depricated. See [What's new in Azure Active Directory?](../fundamentals/whats-new.md#replacement-of-baseline-policies-with-security-defaults) for more information.
+> Baseline policies are being deprecated. See [What's new in Azure Active Directory?](../fundamentals/whats-new.md#replacement-of-baseline-policies-with-security-defaults) for more information.
 
 ## Baseline policies
 

articles/active-directory/saas-apps/hackerone-tutorial.md

@@ -103,14 +103,11 @@ To configure Azure AD single sign-on with HackerOne, perform the following steps
 
     ![HackerOne Domain and URLs single sign-on information](common/sp-identifier.png)
 
-	a. In the **Sign on URL** text box, type a URL using the following pattern:
-    `https://hackerone.com/<company name>/authentication`
+	a. In the **Sign on URL** text box, enter the following:
+    `https://hackerone.com/users/saml/auth`
 
-    b. In the **Identifier (Entity ID)** text box, type a URL:
-    `https://hackerone.com/users/saml/metadata`
-
-	> [!NOTE]
-	> This Sign on URL value is not real. Update this value with the actual Sign-On URL. Contact [HackerOne Client support team](mailto:[email protected]) to get this value. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
+    b. In the **Identifier (Entity ID)** text box, enter the following:
+    `hackerone.com`
 
 5. On the **Set up Single Sign-On with SAML** page, in the **SAML Signing Certificate** section, click **Download** to download the **Certificate (Base64)** from the given options as per your requirement and save it on your computer.
 
@@ -225,4 +222,4 @@ When you click the HackerOne tile in the Access Panel, you should be automatical
 
 - [What is application access and single sign-on with Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/active-directory-appssoaccess-whatis)
 
-- [What is Conditional Access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
+- [What is Conditional Access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)

articles/analysis-services/analysis-services-gateway.md

@@ -10,7 +10,7 @@ ms.reviewer: minewiskan
 ---
 # Connecting to on-premises data sources with On-premises data gateway
 
-The on-premises data gateway provides secure data transfer between on-premises data sources and your Azure Analysis Services servers in the cloud. In addition to working with multiple Azure Analysis Services servers in the same region, the latest version of the gateway also works with Azure Logic Apps, Power BI, Power Apps, and Microsoft Flow. You can associate multiple services in the same subscription and same region with a single gateway. While the gateway you install is the same across all of these services, Azure Analysis Services and Logic Apps have some additional steps.
+The on-premises data gateway provides secure data transfer between on-premises data sources and your Azure Analysis Services servers in the cloud. In addition to working with multiple Azure Analysis Services servers in the same region, the latest version of the gateway also works with Azure Logic Apps, Power BI, Power Apps, and Power Automate. You can associate multiple services in the same subscription and same region with a single gateway. While the gateway you install is the same across all of these services, Azure Analysis Services and Logic Apps have some additional steps.
 
 For Azure Analysis Services, getting setup with the gateway the first time is a four-part process:
 

articles/app-service/configure-authentication-provider-microsoft.md

@@ -19,15 +19,15 @@ This topic shows you how to configure Azure App Service to use Microsoft Account
 
 1. Go to [**App registrations**](https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade) in the Azure portal. If needed, sign in with your Microsoft account.
 1. Select **New registration**, then enter an application name.
-1. In **Redirect URIs**, select **Web**, and then enter `https://<app-domain-name>/.auth/login/microsoftaccount/callback supply the endpoint for your application`. Replace *\<app-domain-name>* with the domain name of your app.  For example, `https://contoso.azurewebsites.net/.auth/login/microsoftaccount/callback`. Be sure to use the HTTPS scheme in the URL.
+1. In **Redirect URIs**, select **Web**, and then enter `https://<app-domain-name>/.auth/login/microsoftaccount/callback`. Replace *\<app-domain-name>* with the domain name of your app.  For example, `https://contoso.azurewebsites.net/.auth/login/microsoftaccount/callback`. Be sure to use the HTTPS scheme in the URL.
 
 1. Select **Register**.
 1. Copy the **Application (Client) ID**. You'll need it later.
 1. From the left pane, select **Certificates & secrets** > **New client secret**. Enter a description, select the validity duration, and select **Add**.
 1. Copy the value that appears on the **Certificates & secrets** page. After you leave the page, it won't be displayed again.
 
     > [!IMPORTANT]
-    > The password is an important security credential. Do not share the password with anyone or distribute it within a client application.
+    > The client secret value (password) is an important security credential. Do not share the password with anyone or distribute it within a client application.
 
 ## <a name="secrets"> </a>Add Microsoft Account information to your App Service application
 

articles/app-service/configure-ssl-certificate.md

@@ -10,7 +10,7 @@ ms.custom: seodec18
 ---
 # Add an SSL certificate in Azure App Service
 
-[Azure App Service](overview.md) provides a highly scalable, self-patching web hosting service. This article shows you how create, upload, or import a private certificate or a public certificate into App Service. 
+[Azure App Service](overview.md) provides a highly scalable, self-patching web hosting service. This article shows you how to create, upload, or import a private certificate or a public certificate into App Service. 
 
 Once the certificate is added to your App Service app or [function app](https://docs.microsoft.com/azure/azure-functions/), you can [secure a custom DNS name with it](configure-ssl-bindings.md) or [use it in your application code](configure-ssl-certificate-in-code.md).
 
@@ -108,8 +108,8 @@ Use the following table to help you configure the certificate. When finished, cl
 |-|-|
 | Name | A friendly name for your App Service certificate. |
 | Naked Domain Host Name | Specify the root domain here. The issued certificate secures *both* the root domain and the `www` subdomain. In the issued certificate, the Common Name field contains the root domain, and the Subject Alternative Name field contains the `www` domain. To secure any subdomain only, specify the fully qualified domain name of the subdomain here (for example, `mysubdomain.contoso.com`).|
-| Subscription | The datacenter where the web app is hosted. |
-| Resource group | The resource group that contains the certificate. You can use a new resource group or select the same resource group as your App Service app, for example. |
+| Subscription | The subscription that will contain the certificate. |
+| Resource group | The resource group that will contain the certificate. You can use a new resource group or select the same resource group as your App Service app, for example. |
 | Certificate SKU | Determines the type of certificate to create, whether a standard certificate or a [wildcard certificate](https://wikipedia.org/wiki/Wildcard_certificate). |
 | Legal Terms | Click to confirm that you agree with the legal terms. The certificates are obtained from GoDaddy. |
 
@@ -123,7 +123,7 @@ Select the certificate in the [App Service Certificates](https://portal.azure.co
 
 [Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-overview) is an Azure service that helps safeguard cryptographic keys and secrets used by cloud applications and services. It's the storage of choice for App Service certificates.
 
-In the **Key Vault Status** page, click **Key Vault Repository** to create a new vault or choose an existing vault. If you choose to create a new vault, use the following table to help you configure the vault and click Create. see to create new Key Vault inside same subscription and resource group.
+In the **Key Vault Status** page, click **Key Vault Repository** to create a new vault or choose an existing vault. If you choose to create a new vault, use the following table to help you configure the vault and click Create. Create the new Key Vault inside the same subscription and resource group as your App Service app.
 
 | Setting | Description |
 |-|-|
@@ -134,7 +134,7 @@ In the **Key Vault Status** page, click **Key Vault Repository** to create a new
 | Access policies| Defines the applications and the allowed access to the vault resources. You can configure it later, following the steps at [Grant several applications access to a key vault](../key-vault/key-vault-group-permissions-for-apps.md). |
 | Virtual Network Access | Restrict vault access to certain Azure virtual networks. You can configure it later, following the steps at [Configure Azure Key Vault Firewalls and Virtual Networks](../key-vault/key-vault-network-security.md) |
 
-Once you've selected the vault, close the **Key Vault Repository** page. The **Store** option should show a green check mark for success. Keep the page open for the next step.
+Once you've selected the vault, close the **Key Vault Repository** page. The **Step 1: Store** option should show a green check mark for success. Keep the page open for the next step.
 
 ### Verify domain ownership
 
@@ -178,7 +178,7 @@ In the <a href="https://portal.azure.com" target="_blank">Azure portal</a>, from
 
 From the left navigation of your app, select **TLS/SSL settings** > **Private Key Certificates (.pfx)** > **Import Key Vault Certificate**.
 
-![Import Key Vault certificate in App Service](./media/configure-ssl-certificate/import-key-vault-cert.png))
+![Import Key Vault certificate in App Service](./media/configure-ssl-certificate/import-key-vault-cert.png)
 
 Use the following table to help you select the certificate.
 

articles/app-service/containers/configure-language-dotnetcore.md

@@ -41,7 +41,7 @@ az webapp config set --name <app-name> --resource-group <resource-group-name> --
 In App Service, you can [set app settings](../configure-common.md?toc=%2fazure%2fapp-service%2fcontainers%2ftoc.json#configure-app-settings) outside of your app code. Then you can access them in any class using the standard ASP.NET Core dependency injection pattern:
 
 ```csharp
-include Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Configuration;
 
 namespace SomeNamespace 
 {
@@ -149,4 +149,4 @@ az webapp config appsettings set --name <app-name> --resource-group <resource-gr
 > [Tutorial: ASP.NET Core app with SQL Database](tutorial-dotnetcore-sqldb-app.md)
 
 > [!div class="nextstepaction"]
-> [App Service Linux FAQ](app-service-linux-faq.md)
+> [App Service Linux FAQ](app-service-linux-faq.md)

articles/app-service/containers/quickstart-python.md

@@ -47,7 +47,7 @@ In a terminal window, use the commands below (as appropriate for your operating
 python3 -m venv venv
 source venv/bin/activate
 pip install -r requirements.txt
-FLASK_APP=application.py
+export FLASK_APP=application.py
 flask run
 ```
 
@@ -93,7 +93,7 @@ az login
 
 The [`az webapp up`](/cli/azure/webapp#az-webapp-up) command creates the web app on App Service and deploys your code.
 
-In the *python-docs-hello-world* folder that contains the sample code, run the following `az webapp up` command. Replace  `<app-name>` with a globally unique app name (*valid characters are `a-z`, `0-9`, and `-`*). Also replace `<location-name>` with an Azure region such as **centralus**, **eastasia**, **westeurope**, **koreasouth**, **brazilsouth**, **centralindia**, and so on. (You can retrieve a list of allowable regions for your Azure account by running the [`az account locations-list`](/cli/azure/appservice?view=azure-cli-latest.md#az-appservice-list-locations) command.)
+In the *python-docs-hello-world* folder that contains the sample code, run the following `az webapp up` command. Replace  `<app-name>` with a globally unique app name (*valid characters are `a-z`, `0-9`, and `-`*). Also replace `<location-name>` with an Azure region such as **centralus**, **eastasia**, **westeurope**, **koreasouth**, **brazilsouth**, **centralindia**, and so on. (You can retrieve a list of allowable regions for your Azure account by running the [`az account list-locations`](/cli/azure/appservice?view=azure-cli-latest.md#az-appservice-list-locations) command.)
 
 
 ```terminal