MicrosoftDocs
diff --git a/‎articles/active-directory/develop/includes/web-api/quickstart-aspnet-core.md
Lines changed: 5 additions & 31 deletions b/‎articles/active-directory/develop/includes/web-api/quickstart-aspnet-core.md
Lines changed: 5 additions & 31 deletions
diff --git a/‎articles/active-directory/develop/includes/web-app/quickstart-aspnet-core.md
Lines changed: 2 additions & 25 deletions b/‎articles/active-directory/develop/includes/web-app/quickstart-aspnet-core.md
Lines changed: 2 additions & 25 deletions
diff --git a/‎articles/active-directory/develop/web-app-quickstart-portal-node-js-ciam.md
Lines changed: 4 additions & 16 deletions b/‎articles/active-directory/develop/web-app-quickstart-portal-node-js-ciam.md
Lines changed: 4 additions & 16 deletions
diff --git a/‎articles/active-directory/manage-apps/configure-permission-classifications.md
Lines changed: 11 additions & 14 deletions b/‎articles/active-directory/manage-apps/configure-permission-classifications.md
Lines changed: 11 additions & 14 deletions
diff --git a/‎articles/aks/azure-blob-csi.md
Lines changed: 3 additions & 5 deletions b/‎articles/aks/azure-blob-csi.md
Lines changed: 3 additions & 5 deletions
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: include
 ms.workload: identity
-ms.date: 12/09/2022
+ms.date: 04/16/2023
 ms.author: cwerner
 ms.reviewer: jmprieur
 ms.custom: devx-track-csharp, "scenarios:getting-started", "languages:aspnet-core", mode-api, engagement-fy23
@@ -48,10 +48,6 @@ First, register the web API in your Azure AD tenant and add a scope by following
 
 [Download the ASP.NET Core solution](https://github.com/Azure-Samples/active-directory-dotnet-native-aspnetcore-v2/archive/aspnetcore3-1.zip) from GitHub.
 
-> [!Note]
-> The code sample currently targets ASP.NET Core 3.1. The sample can be updated to use .NET Core 6.0 and is covered in the following steps: [Update the sample code to ASP.NET Core 6.0](#step-4-update-the-sample-code-to-aspnet-core-60)
-This quickstart will be deprecated in the near future and will be updated to use .NET 6.0.
-
 ## Step 3: Configure the ASP.NET Core project
 
 In this step, the sample code will be configured to work with the app registration that was created earlier.
@@ -74,26 +70,7 @@ In this step, the sample code will be configured to work with the app registrati
 
 For this quickstart, don't change any other values in the *appsettings.json* file.
 
-### Step 4: Update the sample code to ASP.NET Core 6.0
-
-To update this code sample to target ASP.NET Core 6.0, follow these steps:
-
-1. Open webapi.csproj
-1. Remove the following line:
-
-    ```xml
-   <TargetFramework>netcoreapp3.1</TargetFramework>
-   ```
-
-1. Add the following line in its place:
-
-   ```xml
-   <TargetFramework>netcoreapp6.0</TargetFramework>
-   ```
-
-This step will ensure that the sample is targeting the .NET Core 6.0 framework.
-
-### Step 5: Run the sample
+### Step 4: Run the sample
 
 1. Open a terminal and change directory to the project folder.
 
@@ -167,31 +144,28 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env)
 namespace webapi.Controllers
 {
     [Authorize]
+    [RequiredScope("access_as_user")]
     [ApiController]
     [Route("[controller]")]
     public class WeatherForecastController : ControllerBase
 ```
 
 ### Validation of scope in the controller
 
-The code in the API verifies that the required scopes are in the token by using `HttpContext.VerifyUserHasAnyAcceptedScope(scopeRequiredByApi);`:
+The code in the API verifies that the required scopes are in the token by using `[RequiredScope("access_as_user")]` attribute:
 
 ```csharp
 namespace webapi.Controllers
 {
     [Authorize]
+    [RequiredScope("access_as_user")]
     [ApiController]
     [Route("[controller]")]
     public class WeatherForecastController : ControllerBase
     {
-        // The web API will only accept tokens 1) for users, and 2) having the "access_as_user" scope for this API
-        static readonly string[] scopeRequiredByApi = new string[] { "access_as_user" };
-
         [HttpGet]
         public IEnumerable<WeatherForecast> Get()
         {
-            HttpContext.VerifyUserHasAnyAcceptedScope(scopeRequiredByApi);
-
             // some code here
         }
     }
 
@@ -10,7 +10,7 @@ ms.subservice: develop
 ms.topic: quickstart
 ms.workload: identity
 
-ms.date: 12/19/2022
+ms.date: 04/16/2023
 ms.author: cwerner
 
 ms.reviewer: jmprieur
@@ -50,10 +50,6 @@ See [How the sample works](#how-the-sample-works) for an illustration.
 
 [Download the ASP.NET Core solution](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/archive/aspnetcore3-1-callsgraph.zip)
 
-> [!Note]
-> The code sample currently targets ASP.NET Core 3.1. The sample can be updated to use .NET Core 6.0 and is covered in the following steps: [Update the sample code to ASP.NET Core 6.0](#step-4-update-the-sample-code-to-aspnet-core-60)
-This quickstart will be deprecated in the near future and will be updated to use .NET 6.0.
-
 ### Step 3: Configure your ASP.NET Core project
 
 1. Extract the *.zip* file to a local folder that's close to the root of the disk to avoid errors caused by path length limitations on Windows. For example, extract to *C:\Azure-Samples*.
@@ -74,27 +70,8 @@ This quickstart will be deprecated in the near future and will be updated to use
     - Replace `Enter_the_Client_Secret_Here` with the **Client secret** that was created and recorded in an earlier step.
 
 For this quickstart, don't change any other values in the *appsettings.json* file.
-
-### Step 4: Update the sample code to ASP.NET Core 6.0
-
-To update this code sample to target ASP.NET Core 6.0, follow these steps:
-
-1. Open WebApp-OpenIDConnect-DotNet.csproj
-1. Remove the following line:
-
-    ```xml
-   <TargetFramework>netcoreapp3.1</TargetFramework>
-   ```
-
-1. Add the following line in its place:
-
-   ```xml
-   <TargetFramework>netcoreapp6.0</TargetFramework>
-   ```
-
-This step will ensure that the sample is targeting the .NET Core 6.0 framework.
 
-### Step 5: Build and run the application
+### Step 4: Build and run the application
 
 Build and run the app in Visual Studio by selecting the **Debug** menu > **Start Debugging**, or by pressing the F5 key. 
 
 
@@ -16,25 +16,13 @@ ms.date: 04/12/2023
 # Portal quickstart for React SPA
 
 > In this quickstart, you download and run a code sample that demonstrates how a React single-page application (SPA) can sign in users with Azure AD CIAM.
-
-> [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
-> ## Prerequisites
->
-> * Azure subscription - [Create an Azure subscription for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F)
-> * [Node.js](https://nodejs.org/en/download/)
-> * [Visual Studio Code](https://code.visualstudio.com/download) or another code editor
->
-> ## Run the sample
 >
-> 1. Unzip the downloaded file.
->
-> 1. In your terminal, locate the folder that contains the `package.json` file, then run the following command:
+> [!div renderon="portal" id="display-on-portal" class="sxs-lookup"]
+> 1. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
 >
+> 1. Unzip the sample, `cd` into the folder that contains `package.json`, then run the following commands:
 >     ```console
 >     npm install && npm start
 >     ```
->
-> 1. Open your browser and visit `http://locahost:3000`.
->
-> 1. Select the **Sign-in** link on the navigation bar, then follow the prompts.
+> 1. Open your browser, visit `http://locahost:3000`, select **Sign-in** link, then follow the prompts.
 >
@@ -10,7 +10,7 @@ ms.workload: identity
 ms.topic: how-to
 ms.date: 3/28/2023
 ms.author: jomondi
-ms.reviewer: arvindh, luleon, phsignor, jawoods
+ms.reviewer: phsignor, jawoods
 ms.custom: contperf-fy21q2
 zone_pivot_groups: enterprise-apps-all
 
@@ -21,7 +21,7 @@ zone_pivot_groups: enterprise-apps-all
 
 In this article, you learn how to configure permissions classifications in Azure Active Directory (Azure AD). Permission classifications allow you to identify the impact that different permissions have according to your organization's policies and risk evaluations. For example, you can use permission classifications in consent policies to identify the set of permissions that users are allowed to consent to.
 
-Currently, only the "Low impact" permission classification is supported. Only delegated permissions that don't require admin consent can be classified as "Low impact".
+Three permission classifications are supported: "Low", "Medium" (preview), and "High" (preview). Currently, only delegated permissions that don't require admin consent can be classified.
 
 The minimum permissions needed to do basic sign-in are `openid`, `profile`, `email`, and `offline_access`, which are all delegated permissions on the Microsoft Graph. With these permissions an app can read details of the signed-in user's profile, and can maintain this access even when the user is no longer using the app.
 
@@ -30,7 +30,7 @@ The minimum permissions needed to do basic sign-in are `openid`, `profile`, `ema
 To configure permission classifications, you need:
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
-- One of the following roles: A global administrator, or owner of the service principal.
+- One of the following roles: Global Administrator, Application Administrator, or Cloud Application Administrator
 
 ## Manage permission classifications
 
@@ -40,7 +40,8 @@ Follow these steps to classify permissions using the Azure portal:
 
 1. Sign in to the [Azure portal](https://portal.azure.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator), [Application Administrator](../roles/permissions-reference.md#application-administrator), or [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator)
 1. Select **Azure Active Directory** > **Enterprise applications** > **Consent and permissions** > **Permission classifications**.
-1. Choose **Add permissions** to classify another permission as "Low impact".
+1. Choose the tab for the permission classification you'd like to update.
+1. Choose **Add permissions** to classify another permission.
 1. Select the API and then select the delegated permission(s).
 
 In this example, we've classified the minimum set of permission required for single sign-on:
@@ -57,7 +58,7 @@ You can use the latest [Azure AD PowerShell](/powershell/module/azuread/?preserv
 Run the following command to connect to Azure AD PowerShell. To consent to the required scopes, sign in with one of the roles listed in the prerequisite section of this article.
 
 ```powershell
-Connect-AzureAD -Scopes
+Connect-AzureAD
 ```
 
 ### List the current permission classifications
@@ -169,13 +170,9 @@ Connect-MgGraph -Scopes "Policy.ReadWrite.PermissionGrant".
 
    ```powershell
    $params = @{ 
-
-   PermissionId = $delegatedPermission.Id 
-
-   PermissionName = $delegatedPermission.Value 
-
-   Classification = "Low" 
-
+      PermissionId = $delegatedPermission.Id 
+      PermissionName = $delegatedPermission.Value 
+      Classification = "Low"
    } 
 
    New-MgServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $api.Id -BodyParameter $params 
@@ -192,7 +189,7 @@ Connect-MgGraph -Scopes "Policy.ReadWrite.PermissionGrant".
 1. Find the delegated permission classification you wish to remove:
 
    ```powershell
-   $classifications= Get-MgServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $api.Id 
+   $classifications = Get-MgServicePrincipalDelegatedPermissionClassification -ServicePrincipalId $api.Id 
 
    $classificationToRemove = $classifications | Where-Object {$_.PermissionName -eq "openid"}
    ```
@@ -242,4 +239,4 @@ DELETE https://graph.microsoft.com/v1.0/servicePrincipals(appId='00000003-0000-0
 ## Next steps
 
 - [Manage app consent policies](manage-app-consent-policies.md)
-- [Permissions and consent in the Microsoft identity platform](../develop/v2-permissions-and-consent.md)
+- [Permissions and consent in the Microsoft identity platform](../develop/v2-permissions-and-consent.md)
@@ -2,7 +2,7 @@
 title: Use Container Storage Interface (CSI) driver for Azure Blob storage on Azure Kubernetes Service (AKS)
 description: Learn how to use the Container Storage Interface (CSI) driver for Azure Blob storage in an Azure Kubernetes Service (AKS) cluster.
 ms.topic: article
-ms.date: 03/29/2023
+ms.date: 04/13/2023
 
 ---
 
@@ -141,9 +141,8 @@ To have a storage volume persist for your workload, you can use a StatefulSet. T
       volumeClaimTemplates:
         - metadata:
             name: persistent-storage
-            annotations:
-              volume.beta.kubernetes.io/storage-class: azureblob-nfs-premium
           spec:
+            storageClassName: azureblob-nfs-premium
             accessModes: ["ReadWriteMany"]
             resources:
               requests:
@@ -191,9 +190,8 @@ To have a storage volume persist for your workload, you can use a StatefulSet. T
       volumeClaimTemplates:
         - metadata:
             name: persistent-storage
-            annotations:
-              volume.beta.kubernetes.io/storage-class: azureblob-fuse-premium
           spec:
+            storageClassName: azureblob-fuse-premium
             accessModes: ["ReadWriteMany"]
             resources:
               requests: