Merge pull request #78844 from MicrosoftDocs/master

6/5 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -19299,6 +19299,11 @@
       "redirect_url": "/azure/active-directory/develop/quickstart-v2-register-an-app",
       "redirect_document_id": true
     },
+    {
+      "source_path": "articles/active-directory/authentication/howto-mfa-sdk.md",
+      "redirect_url": "/azure/active-directory/develop/",
+      "redirect_document_id": true
+    },
     {
       "source_path": "articles/active-directory/active-directory-claims-mapping.md",
       "redirect_url": "/azure/active-directory/develop/active-directory-claims-mapping",

articles/active-directory-b2c/active-directory-b2c-get-started-custom.md

@@ -79,7 +79,7 @@ Azure AD B2C requires you to register two applications that are used to sign up
 1. In **App registrations (Legacy)**, select **New application registration**.
 2. For **Name**, enter `ProxyIdentityExperienceFramework`.
 3. For **Application type**, choose **Native**.
-4. For **Redirect URI**, enter `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com`, where `yourtenant` is your Azure AD B2C tenant.
+4. For **Redirect URI**, enter `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com`, where `your-tenant-name` is your Azure AD B2C tenant.
 5. Click **Create**. After it's created, copy the application ID and save it to use later.
 6. On the Settings page, select **Required permissions**, and then select **Add**.
 7. Choose **Select an API**, search for and select **IdentityExperienceFramework**, and then click **Select**.

articles/active-directory/authentication/TOC.yml

@@ -142,10 +142,6 @@
         href: active-directory-certificate-based-authentication-android.md
       - name: CBA on iOS Devices
         href: active-directory-certificate-based-authentication-ios.md
-  - name: Develop
-    items:
-    - name: Build MFA into custom apps
-      href: howto-mfa-sdk.md
   - name: Reporting
     items:
     - name: SSPR Reports

articles/active-directory/authentication/howto-mfa-sdk.md

@@ -113,6 +113,8 @@ When users reset their password from the login screen of a Windows 10 device, a
 
 ## Limitations
 
+Account unlock, mobile app notification, and mobile app code are not supported by SSPR for Windows 10.
+
 When testing this functionality using Hyper-V, the "Reset password" link does not appear.
 
 * Go to the VM you are using to test click on **View** and then uncheck **Enhanced session**.

articles/active-directory/authentication/tutorial-sspr-windows.md

@@ -22,9 +22,9 @@ ms.reviewer: jairoc
 
 ms.collection: M365-identity-device-management
 ---
-# How to manage device identity using the Azure portal
+# Manage device identity using the Azure portal
 
-With device identity management in Azure Active Directory (Azure AD), you can ensure that your users are accessing your resources from devices that meet your standards for security and compliance. 
+With device identity management in Azure Active Directory (Azure AD), you can ensure that your users are accessing your resources from devices that meet your standards for security and compliance.
 
 This article:
 
@@ -115,7 +115,7 @@ This section provides you with information about common device identity manageme
 
 ### Manage an Intune device
 
-If you are an Intune administrator, you can manage devices marked as **Microsoft Intune**. 
+If you are an Intune administrator, you can manage devices marked as **Microsoft Intune**.
 
 ![Manage an Intune device](./media/device-management-azure-portal/31.png)
 
@@ -134,7 +134,7 @@ To enable / disable a device, you have two options:
 **Remarks:**
 
 - You need to be a global administrator or cloud device administrator in Azure AD to enable / disable a device. 
-- Disabling a device prevents a device from successfully authenticating with Azure AD, thereby preventing the device from accessing your Azure AD resources that are guarded by device CA or using your WH4B credentials. 
+- Disabling a device prevents a device from successfully authenticating with Azure AD, thereby preventing the device from accessing your Azure AD resources that are guarded by device CA or using your WH4B credentials.
 
 ### Delete an Azure AD device
 
@@ -152,7 +152,7 @@ To delete a device, you have two options:
 
 - You need to be a global administrator or an Intune administrator in Azure AD to delete a device.
 - Deleting a device:
-   - Prevents a device from accessing your Azure AD resources. 
+   - Prevents a device from accessing your Azure AD resources.
    - Removes all details that are attached to the device, for example, BitLocker keys for Windows devices.  
    - Represents a non-recoverable activity and is not recommended unless it is required.
 
@@ -174,9 +174,9 @@ To view or copy the BitLocker keys, you need to be either the owner of the devic
 
 - Global Administrator
 - Helpdesk Administrator
-- Security Administrators
-- Security Readers
-- Intune Service Administrators
+- Security Administrator
+- Security Reader
+- Intune Service Administrator
 
 > [!NOTE]
 > Hybrid Azure AD Joined Windows 10 devices do not have an owner. So, if you are looking for a device by owner and didn't find it, search by the device ID.

articles/active-directory/devices/device-management-azure-portal.md

@@ -152,5 +152,5 @@ As a rule of a thumb, you should use:
 - To set up:
    - Azure Active Directory registered Windows 10 devices, see [How to configure Azure Active Directory registered Windows 10 devices](../user-help/device-management-azuread-registered-devices-windows10-setup.md).
    - Azure Active Directory joined devices, see [How to plan your Azure Active Directory join implementation](azureadjoin-plan.md).
-   - Hybrid Azure AD joined devices, see [How to plan your hybrid Azure Active Directory join implementation](hybrid-azuread-join-plan.md).   
+   - Hybrid Azure AD joined devices, see [How to plan your hybrid Azure Active Directory join implementation](hybrid-azuread-join-plan.md).
 - To learn more about device-based conditional access, see [Configure Azure Active Directory device-based conditional access policies](../conditional-access/require-managed-devices.md).

articles/active-directory/devices/overview.md

@@ -18,6 +18,10 @@
     href: tutorial-phs-backup.md
 - name: Concepts
   items:
+   - name: Hybrid Identity
+     items:
+     - name: Cloud Governed Management for On-Premises Workloads
+       href: cloud-governed-management-for-on-premises.md
    - name: Azure AD Connect and Connect Health
      items:
      - name: What is Azure AD Connect and Connect Health?