Commit 17fbeaa

committed
B2B direct connect
1 parent 534a347 commit 17fbeaa

26 files changed

+51
-46
lines changed

articles/active-directory/external-identities/cross-tenant-access-overview.md

Lines changed: 9 additions & 9 deletions
@@ -60,7 +60,11 @@ You can configure organization-specific settings by adding an organization and m
6060
> [!IMPORTANT]
6161
> Changing the default inbound or outbound settings to block access could block existing business-critical access to apps in your organization or partner organizations. Be sure to use the tools described in this article and consult with your business stakeholders to identify the required access.
6262
63-
- Cross-tenant access settings are used to manage B2B collaboration with other Azure AD organizations. For non-Azure AD identities (for example, social identities or non-IT managed external accounts), use [external collaboration settings](external-collaboration-settings-configure.md). External collaboration settings include options for restricting guest user access, specifying who can invite guests, and allowing or blocking domains.
63+
- To configure cross-tenant access settings in the Azure portal, you'll need an account with a Global administrator or Security administrator role.
64+
65+
- To configure trust settings or apply access settings to specific users, groups, or applications, you'll need an Azure AD Premium P1 license.
66+
67+
- Cross-tenant access settings are used to manage B2B collaboration and B2B direct connect with other Azure AD organizations. For B2B collaboration with non-Azure AD identities (for example, social identities or non-IT managed external accounts), use [external collaboration settings](external-collaboration-settings-configure.md). External collaboration settings include B2B collaboration options for restricting guest user access, specifying who can invite guests, and allowing or blocking domains.
6468

6569
- If you want to apply access settings to specific users, groups, or applications in an external organization, you'll need to contact the organization for information before configuring your settings. Obtain their user object IDs, group object IDs, or application IDs (*client app IDs* or *resource app IDs*) so you can target your settings correctly.
6670

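Review bot: The rewritten bullet at new line 67 mentions B2B direct connect only in its first sentence and scopes every following sentence to B2B collaboration, so a reader cannot tell whether B2B direct connect has any option for non-Azure AD identities; add a clause that says so explicitly. The prerequisite bullets moved up to new lines 63 and 65 (administrator role, Azure AD Premium P1 license) also now come before the bullet that explains what the settings manage; consider putting the scope bullet first so the prerequisites follow it.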
@@ -69,18 +73,14 @@ You can configure organization-specific settings by adding an organization and m
6973
7074
- The access settings you configure for users and groups must match the access settings for applications. Conflicting settings aren't allowed, and you’ll see warning messages if you try to configure them.
7175

72-
- **Example 1**: If you block inbound B2B collaboration for all external users and groups, access to all your applications must also be blocked.
73-
74-
- **Example 2**: If you allow outbound B2B collaboration for all your users (or specific users or groups), you’ll be prevented from blocking all access to external applications; access to at least one application must be allowed.
75-
76-
- If you block access to all apps by default, users will be unable to read emails encrypted with Microsoft Rights Management Service (also known as Office 365 Message Encryption or OME). To avoid this issue, we recommend configuring your outbound settings to allow your users to access this app ID: 00000012-0000-0000-c000-000000000000. If this is the only application you allow, access to all other apps will be blocked by default.
77-
78-
- To configure cross-tenant access settings in the Azure portal, you'll need an account with a Global administrator or Security administrator role.
76+
- **Example 1**: If you block inbound access for all external users and groups, access to all your applications must also be blocked.
7977

80-
- To configure trust settings or apply access settings to specific users, groups, or applications, you'll need an Azure AD Premium P1 license.
78+
- **Example 2**: If you allow outbound access for all your users (or specific users or groups), youll be prevented from blocking all access to external applications; access to at least one application must be allowed.
8179

8280
- If you want to allow B2B direct connect with an external organization and your Conditional Access policies require MFA, you must configure your trust settings so that your Conditional Access policies will accept MFA claims from the external organization.
8381

82+
- If you block access to all apps by default, users will be unable to read emails encrypted with Microsoft Rights Management Service (also known as Office 365 Message Encryption or OME). To avoid this issue, we recommend configuring your outbound settings to allow your users to access this app ID: 00000012-0000-0000-c000-000000000000. If this is the only application you allow, access to all other apps will be blocked by default.
83+
8484
## Identify inbound and outbound sign-ins
8585

8686
Several tools are available to help you identify the access your users and partners need before you set inbound and outbound access settings. To ensure you don’t remove access that your users and partners need, you should examine current sign-in behavior. Taking this preliminary step will help prevent loss of desired access for your end users and partner users. However, in some cases these logs are only retained for 30 days, so we strongly recommend you speak with your business stakeholders to ensure required access isn't lost.
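Review bot: New line 78 reads "youll be prevented from blocking all access", which drops the apostrophe that the removed line 73 had ("you’ll"); restore it. Separately, the app ID 00000012-0000-0000-c000-000000000000 in the moved bullet at new line 82 is plain text inside a sentence; putting it in inline code formatting would make it easier to copy exactly into an outbound allow list, which matters because the bullet says allowing only this app blocks all others.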

articles/active-directory/external-identities/cross-tenant-access-settings-b2b-collaboration.md

Lines changed: 15 additions & 14 deletions
@@ -5,7 +5,7 @@ services: active-directory
55
ms.service: active-directory
66
ms.subservice: B2B
77
ms.topic: how-to
8-
ms.date: 01/31/2022
8+
ms.date: 03/21/2022
99

1010
ms.author: mimart
1111
author: msmimart
@@ -106,12 +106,12 @@ With inbound settings, you select which external users and groups will be able t
106106

107107
1. Under **Access status**, select one of the following:
108108

109-
- **Allow access**: Allows the users and groups specified under **Target** to be invited for B2B collaboration.
110-
- **Block access**: Blocks the users and groups specified under **Target** from being invited to B2B collaboration.
109+
- **Allow access**: Allows the users and groups specified under **Applies to** to be invited for B2B collaboration.
110+
- **Block access**: Blocks the users and groups specified under **Applies to** from being invited to B2B collaboration.
111111

112112
![Screenshot showing selecting the user access status for B2B collaboration](media/cross-tenant-access-settings-b2b-collaboration/generic-inbound-external-users-groups-access.png)
113113

114-
1. Under **Target**, select one of the following:
114+
1. Under **Applies to**, select one of the following:
115115

116116
- **All external users and groups**: Applies the action you chose under **Access status** to all users and groups from external Azure AD organizations.
117117
- **Select external users and groups** (requires an Azure AD premium subscription): Lets you apply the action you chose under **Access status** to specific users and groups within the external organization.
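Review bot: The label is renamed from **Target** to **Applies to** at lines 109, 110 and 114, but the screenshot at context line 112 (generic-inbound-external-users-groups-access.png) is untouched in this hunk; confirm the image shows the new label or replace it, otherwise the step text and the picture will disagree. Lines 109 and 110 also differ in preposition ("invited for B2B collaboration" versus "invited to B2B collaboration"); pick one.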
@@ -138,12 +138,12 @@ With inbound settings, you select which external users and groups will be able t
138138

139139
1. Under **Access status**, select one of the following:
140140

141-
- **Allow access**: Allows the applications specified under **Target** to be accessed by B2B collaboration users.
142-
- **Block access**: Blocks the applications specified under **Target** from being accessed by B2B collaboration users.
141+
- **Allow access**: Allows the applications specified under **Applies to** to be accessed by B2B collaboration users.
142+
- **Block access**: Blocks the applications specified under **Applies to** from being accessed by B2B collaboration users.
143143

144144
![Screenshot showing applications access status](media/cross-tenant-access-settings-b2b-collaboration/generic-inbound-applications-access.png)
145145

146-
1. Under **Target**, select one of the following:
146+
1. Under **Applies to**, select one of the following:
147147

148148
- **All applications**: Applies the action you chose under **Access status** to all of your applications.
149149
- **Select applications** (requires an Azure AD premium subscription): Lets you apply the action you chose under **Access status** to specific applications in your organization.
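Review bot: Context line 149 says "requires an Azure AD premium subscription", while the overview file changed in this same commit states the requirement as "an Azure AD Premium P1 license". Since these lines are being touched anyway, align the wording so an administrator scoping access to specific applications knows exactly which license is needed.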
@@ -211,12 +211,12 @@ With outbound settings, you select which of your users and groups will be able t
211211

212212
1. Under **Access status**, select one of the following:
213213

214-
- **Allow access**: Allows your users and groups specified under **Target** to be invited to external organizations for B2B collaboration.
215-
- **Block access**: Blocks your users and groups specified under **Target** from being invited to B2B collaboration. If you block access for all users and groups, this will also block all external applications from being accessed via B2B collaboration.
214+
- **Allow access**: Allows your users and groups specified under **Applies to** to be invited to external organizations for B2B collaboration.
215+
- **Block access**: Blocks your users and groups specified under **Applies to** from being invited to B2B collaboration. If you block access for all users and groups, this will also block all external applications from being accessed via B2B collaboration.
216216

217217
![Screenshot showing users and groups access status for b2b collaboration](media/cross-tenant-access-settings-b2b-collaboration/generic-outbound-external-users-groups-access.png)
218218

219-
1. Under **Target**, select one of the following:
219+
1. Under **Applies to**, select one of the following:
220220

221221
- **All \<your organization\> users**: Applies the action you chose under **Access status** to all your users and groups.
222222
- **Select \<your organization\> users and groups** (requires an Azure AD premium subscription): Lets you apply the action you chose under **Access status** to specific users and groups.
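Review bot: At new line 215 the **Block access** text says "from being invited to B2B collaboration", while line 214 says "invited to external organizations for B2B collaboration"; the block description should name external organizations too so the two options read as opposites of the same action. The second sentence of line 215 describes a side effect (blocking all users and groups also blocks all external applications) that is easy to miss inline; consider moving it to a note below the list.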
@@ -237,12 +237,12 @@ With outbound settings, you select which of your users and groups will be able t
237237

238238
1. Under **Access status**, select one of the following:
239239

240-
- **Allow access**: Allows the external applications specified under **Target** to be accessed by your users via B2B collaboration.
241-
- **Block access**: Blocks the external applications specified under **Target** from being accessed by your users via B2B collaboration.
240+
- **Allow access**: Allows the external applications specified under **Applies to** to be accessed by your users via B2B collaboration.
241+
- **Block access**: Blocks the external applications specified under **Applies to** from being accessed by your users via B2B collaboration.
242242

243243
![Screenshot showing applications access status for b2b collaboration](media/cross-tenant-access-settings-b2b-collaboration/generic-outbound-applications-access.png)
244244

245-
1. Under **Target**, select one of the following:
245+
1. Under **Applies to**, select one of the following:
246246

247247
- **All external applications**: Applies the action you chose under **Access status** to all external applications.
248248
- **Select external applications**: Applies the action you chose under **Access status** to all external applications.
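Review bot: Context line 248 describes **Select external applications** with the same text as **All external applications** on line 247 ("to all external applications"), which looks like a copy-paste error and should read as applying the action to specific external applications. It is not part of this change, but the hunk already edits the surrounding steps, so fix it here rather than leave a description that suggests a scoped rule applies to everything.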
@@ -264,4 +264,5 @@ With outbound settings, you select which of your users and groups will be able t
264264

265265
## Next steps
266266

267-
See [Configure external collaboration settings](external-collaboration-settings-configure.md) for B2B collaboration with non-Azure AD identities, social identities, and non-IT managed external accounts.
267+
- See [Configure external collaboration settings](external-collaboration-settings-configure.md) for B2B collaboration with non-Azure AD identities, social identities, and non-IT managed external accounts.
268+
- [Configure cross-tenant access settings for B2B direct connect](cross-tenant-access-settings-b2b-direct-connect.md)
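Review bot: The two bullets under Next steps at new lines 267 and 268 are not parallel: the first is a sentence starting with "See" and a description, the second is a bare link. Either drop "See" and the trailing description from the first or give the second a matching one-line description of when to use B2B direct connect settings.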
