Merge branch 'MicrosoftDocs:main' into docs-editor/extend-sentinel-across-workspa-1679320204

Author: yelevin

.openpublishing.redirection.azure-monitor.json

@@ -1,11 +1,6 @@
 {
     "redirections": [
-       {
-            "source_path_from_root": "/articles/azure-monitor/snapshot-debugger/snapshot-debugger-troubleshoot.md",
-            "redirect_url": "https://learn.microsoft.com/troubleshoot/azure/azure-monitor/app-insights/snapshot-debugger-troubleshoot",
-            "redirect_document_id": false
-        },
-        {
+         {
             "source_path_from_root": "/articles/azure-monitor/best-practices.md",
             "redirect_url": "/azure/azure-monitor/getting-started",
             "redirect_document_id": false

.openpublishing.redirection.deployment-environments.json

@@ -14,6 +14,11 @@
       "source_path_from_root": "/articles/deployment-environments/tutorial-create-and-configure-projects.md",
       "redirect_url": "/azure/deployment-environments/quickstart-create-and-configure-projects",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/deployment-environments/how-to-configure-use-cli.md",
+      "redirect_url": "https://aka.ms/CLI-reference",
+      "redirect_document_id": false
     }
   ]
 }

.openpublishing.redirection.dev-box.json

@@ -9,6 +9,11 @@
       "source_path_from_root": "/articles/dev-box/quickstart-configure-dev-box-project.md",
       "redirect_url": "/azure/dev-box/quickstart-configure-dev-box-service",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/dev-box/cli-reference-subset.md",
+      "redirect_url": "https://aka.ms/CLI-reference",
+      "redirect_document_id": false
     }
   ]
 }

.openpublishing.redirection.json

@@ -261,6 +261,11 @@ sections:
           
           1. Retrieve the `RefreshToken` again.
           
+      - question: |
+         I use multiple tabs in a web browser to sign in to multiple applications that I registered in the same Azure AD B2C tenant. When I try to perform a single sign out, not all of the applications are signed out. Why does this happen? 
+        answer: |
+          Currently, Azure AD B2C doesn't support single sign out for this specific scenario. It's caused by cookie contention as all the applications operates on the same cookie simultaneously.
+          
       - question: |
           How do I report issues with Azure AD B2C?
         answer: |

articles/active-directory-b2c/faq.yml

@@ -81,6 +81,7 @@ Define the OpenId Connect identity provider by adding it to the **ClaimsProvider
             <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />
             <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" AlwaysUseDefaultValue="true" />
             <OutputClaim ClaimTypeReferenceId="identityProvider" PartnerClaimType="iss" />
+            <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="oid"/>
           </OutputClaims>
           <OutputClaimsTransformations>
             <OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>

articles/active-directory-b2c/identity-provider-generic-openid-connect.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 03/17/2023
+ms.date: 03/20/2023
 ms.custom: template-tutorial
 ms.reviewer: arvinh
 ---

articles/active-directory/app-provisioning/customize-application-attributes.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/17/2023
+ms.date: 03/20/2023
 ms.author: kenwith
 ms.reviewer: arvinh
 ---

articles/active-directory/app-provisioning/scim-validator-tutorial.md

@@ -19,27 +19,13 @@ ms.collection: M365-identity-device-management
 
 Before combined registration, users registered authentication methods for Azure AD Multi-Factor Authentication and self-service password reset (SSPR) separately. People were confused that similar methods were used for multifactor authentication and SSPR but they had to register for both features. Now, with combined registration, users can register once and get the benefits of both multifactor authentication and SSPR. We recommend this video on [How to enable and configure SSPR in Azure AD](https://www.youtube.com/watch?v=rA8TvhNcCvQ)
 
-> [!NOTE]
-> Effective Oct. 1st, 2022, we will begin to enable combined registration for all users in Azure AD tenants created before August 15th, 2020. Tenants created after this date are enabled with combined registration. 
-
-This article outlines what combined security registration is. To get started with combined security registration, see the following article:
-
-> [!div class="nextstepaction"]
-> [Enable combined security registration](howto-registration-mfa-sspr-combined.md)
 
 ![My Account showing registered Security info for a user](media/concept-registration-mfa-sspr-combined/combined-security-info-defaults-registered.png)
 
 Before enabling the new experience, review this administrator-focused documentation and the user-focused documentation to ensure you understand the functionality and effect of this feature. Base your training on the [user documentation](https://support.microsoft.com/account-billing/set-up-your-security-info-from-a-sign-in-prompt-28180870-c256-4ebf-8bd7-5335571bf9a8) to prepare your users for the new experience and help to ensure a successful rollout.
 
 Azure AD combined security information registration is available for Azure US Government but not Azure China 21Vianet.
 
-> [!IMPORTANT]
-> Users that are enabled for both the original preview and the enhanced combined registration experience see the new behavior. Users that are enabled for both experiences see only the My Account experience. The *My Account* aligns with the look and feel of combined registration and provides a seamless experience for users. Users can see My Account by going to [https://myaccount.microsoft.com](https://myaccount.microsoft.com).
->
-> You can set **Require users to register when signing in** to **Yes** to require all users to register when signing in, ensuring that all users are protected.
->
-> You might encounter an error message while trying to access the Security info option, such as, "Sorry, we can't sign you in". Confirm that you don't have any configuration or group policy object that blocks third-party cookies on the web browser.
-
 *My Account* pages are localized based on the language settings of the computer accessing the page. Microsoft stores the most recent language used in the browser cache, so subsequent attempts to access the pages continue to render in the last language used. If you clear the cache, the pages re-render.
 
 If you want to force a specific language, you can add `?lng=<language>` to the end of the URL, where `<language>` is the code of the language you want to render.
@@ -131,6 +117,10 @@ Users can access manage mode by going to [https://aka.ms/mysecurityinfo](https:/
 
 ## Key usage scenarios
 
+### Protect Security info registration with Conditional Access
+To secure when and how users register for Azure AD Multi-Factor Authentication and self-service password reset, you can use user actions in Conditional Access policy. This functionality may be enabled in organizations that want users to register for Azure AD Multi-Factor Authentication and SSPR from a central location, such as a trusted network location during HR onboarding. Learn more on how to configure [common Conditional Access policies for securing security info registration.](../conditional-access/howto-conditional-access-policy-registration.md)
+
+
 ### Set up security info during sign-in
 
 An admin has enforced registration.