MicrosoftDocs
diff --git a/‎articles/active-directory/develop/scenario-desktop-acquire-token.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/develop/scenario-desktop-acquire-token.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/azure-sql/database/sql-vulnerability-assessment.md
Lines changed: 40 additions & 2 deletions b/‎articles/azure-sql/database/sql-vulnerability-assessment.md
Lines changed: 40 additions & 2 deletions
diff --git a/‎articles/static-web-apps/authentication-authorization.md
Lines changed: 16 additions & 16 deletions b/‎articles/static-web-apps/authentication-authorization.md
Lines changed: 16 additions & 16 deletions
@@ -1009,7 +1009,7 @@ This flow isn't supported on MSAL for macOS.
 
 # [Node.js](#tab/nodejs)
 
-This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/standalone-samples/username-password). In the code snippet below, the username and password are hardcoded for illustration purposes only. This should be avoided in production. Instead, a basic UI prompting the user to enter her username/password would be recommended. 
+This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/username-password). In the code snippet below, the username and password are hardcoded for illustration purposes only. This should be avoided in production. Instead, a basic UI prompting the user to enter her username/password would be recommended. 
 
 ```JavaScript
 const msal = require("@azure/msal-node");
@@ -1252,7 +1252,7 @@ This flow doesn't apply to macOS.
 
 # [Node.js](#tab/nodejs)
 
-This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/standalone-samples/device-code).
+This extract is from the [MSAL Node dev samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/device-code).
 
 ```JavaScript
 const msal = require('@azure/msal-node');
 
@@ -11,7 +11,7 @@ ms.topic: how-to
 author: davidtrigano
 ms.author: datrigan
 ms.reviewer: vanto
-ms.date: 02/11/2021
+ms.date: 04/09/2021
 tags: azure-synapse
 ---
 # SQL vulnerability assessment helps you identify database vulnerabilities
@@ -120,6 +120,44 @@ Select **Export Scan Results** to create a downloadable Excel report of your sca
 
 Select **Scan History** in the vulnerability assessment pane to view a history of all scans previously run on this database. Select a particular scan in the list to view the detailed results of that scan.
 
+### Disable specific findings from Azure Security Center (preview)
+
+If you have an organizational need to ignore a finding, rather than remediate it, you can optionally disable it. Disabled findings don't impact your secure score or generate unwanted noise.
+
+When a finding matches the criteria you've defined in your disable rules, it won't appear in the list of findings. Typical scenarios include:
+
+- Disable findings with severity below medium
+- Disable findings that are non-patchable
+- Disable findings from benchmarks that aren't of interest for a defined scope
+
+> [!IMPORTANT]
+> To disable specific findings, you need permissions to edit a policy in Azure Policy. Learn more in [Azure RBAC permissions in Azure Policy](../../governance/policy/overview.md#azure-rbac-permissions-in-azure-policy).
+
+To create a rule:
+
+1. From the recommendations detail page for **Vulnerability assessment findings on your SQL servers on machines should be remediated**, select **Disable rule**.
+
+1. Select the relevant scope.
+
+1. Define your criteria. You can use any of the following criteria: 
+    - Finding ID 
+    - Severity 
+    - Benchmarks 
+
+    :::image type="content" source="../../security-center/media/defender-for-sql-on-machines-vulnerability-assessment/disable-rule-vulnerability-findings-sql.png" alt-text="Create a disable rule for VA findings on SQL servers on machines":::
+
+1. Select **Apply rule**. Changes might take up to 24hrs to take effect.
+
+1. To view, override, or delete a rule: 
+
+    1. Select **Disable rule**.
+
+    1. From the scope list, subscriptions with active rules show as **Rule applied**.
+
+        :::image type="content" source="../../security-center/media/remediate-vulnerability-findings-vm/modify-rule.png" alt-text="Modify or delete an existing rule":::
+
+    1. To view or delete the rule, select the ellipsis menu ("...").
+
 ## Manage vulnerability assessments programmatically
 
 ### Using Azure PowerShell
@@ -241,4 +279,4 @@ To handle Boolean types as true/false, set the baseline result with binary input
 
 - Learn more about [Azure Defender for SQL](azure-defender-for-sql.md).
 - Learn more about [data discovery and classification](data-discovery-and-classification-overview.md).
-- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](sql-database-vulnerability-assessment-storage.md).
+- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](sql-database-vulnerability-assessment-storage.md).
@@ -4,8 +4,8 @@ description: Learn to use different authorization providers to secure your stati
 services: static-web-apps
 author: craigshoemaker
 ms.service: static-web-apps
-ms.topic:  conceptual
-ms.date: 05/08/2020
+ms.topic: conceptual
+ms.date: 04/09/2021
 ms.author: cshoe
 ---
 
@@ -19,26 +19,26 @@ Azure Static Web Apps streamlines the authentication experience by managing auth
 - Google<sup>1</sup>
 - Twitter
 
-Provider-specific [invitations](#invitations) associate users with roles, and authorized users are granted access to [routes](routes.md) by rules defined in the _routes.json_ file.
+Provider-specific [invitations](#invitations) associate users with roles, and authorized users are granted access to [routes](routes.md) by rules defined in the _staticwebapp.config.json_ file.
 
 All authentication providers are enabled by default. To restrict an authentication provider, [block access](#block-an-authorization-provider) with a custom route rule.
 
 The topics of authentication and authorization significantly overlap with routing concepts. Make sure to read the [routing guide](routes.md) along with this article.
 
 ## Roles
 
-Every user who accesses a static web app belongs to one or more roles.  There are two built-in roles that users can belong to:
+Every user who accesses a static web app belongs to one or more roles. There are two built-in roles that users can belong to:
 
 - **anonymous**: All users automatically belong to the _anonymous_ role.
 - **authenticated**: All users who are logged in belong to the _authenticated_ role.
 
-Beyond the built-in roles, you can create new roles, assign them to users via invitations, and reference them in the _routes.json_ file.
+Beyond the built-in roles, you can create new roles, assign them to users via invitations, and reference them in the _staticwebapp.config.json_ file.
 
 ## Role management
 
 ### Add a user to a role
 
-To add users to your web site, you generate invitations which allow you to associate users to specific roles. Roles are defined and maintained in the _routes.json_ file.
+To add users to your web site, you generate invitations which allow you to associate users to specific roles. Roles are defined and maintained in the _staticwebapp.config.json_ file.
 
 <a name="invitations" id="invitations"></a>
 
@@ -48,25 +48,25 @@ Invitations are specific to individual authorization-providers, so consider the
 
 <a name="provider-user-details" id="provider-user-details"></a>
 
-| Authorization provider | Exposes a user's  |
-| ---------------------- | ----------------- |
-| Azure Active Directory | email address     |
-| Facebook               | email address     |
-| GitHub                 | username          |
-| Google<sup>1</sup>     | email address     |
-| Twitter                | username          |
+| Authorization provider | Exposes a user's |
+| ---------------------- | ---------------- |
+| Azure Active Directory | email address    |
+| Facebook               | email address    |
+| GitHub                 | username         |
+| Google<sup>1</sup>     | email address    |
+| Twitter                | username         |
 
 1. Navigate to a Static Web Apps resource in the [Azure portal](https://portal.azure.com).
 1. Under _Settings_, click on **Role Management**.
 1. Click on the **Invite** button.
 1. Select an _Authorization provider_ from the list of options.
 1. Add either the username or email address of the recipient in the _Invitee details_ box.
-    - For GitHub and Twitter, you enter the username. For all others, enter the recipient's email address.
+   - For GitHub and Twitter, you enter the username. For all others, enter the recipient's email address.
 1. Select the domain of your static site from the _Domain_ drop-down.
-    - The domain you select is the domain that appears in the invitation. If you have a custom domain associated with your site, you probably want to choose the custom domain.
+   - The domain you select is the domain that appears in the invitation. If you have a custom domain associated with your site, you probably want to choose the custom domain.
 1. Add a comma-separated list of role names in the _Role_ box.
 1. Enter the maximum number of hours you want the invitation to remain valid.
-    - The maximum possible limit is 168 hours, which is 7 days.
+   - The maximum possible limit is 168 hours, which is 7 days.
 1. Click the **Generate** button.
 1. Copy the link from the _Invite link_ box.
 1. Email the invitation link to the person you're granting access to your app.