# Add Facebook as an identity provider for External Identities
21
21
22
22
You can add Facebook to your self-service sign-up user flows (Preview) so that users can sign in to your applications using their own Facebook accounts. To allow users to sign in using Facebook, you'll first need to [enable self-service sign-up](self-service-sign-up-user-flow.md) for your tenant. After you add Facebook as an identity provider, set up a user flow for the application and select Facebook as one of the sign-in options.
23
+
23
24
> [!NOTE]
24
25
> Users can only use their Facebook accounts to sign up through apps using self-service sign-up and user flows. Users cannot be invited and redeem their invitation using a Facebook account.
An *identity provider* creates, maintains, and manages identity information while providing authentication services to applications. When sharing your apps and resources with external users, Azure AD is the default identity provider for sharing. This means when you invite external users who already have an Azure AD or Microsoft account, they can automatically sign in without further configuration on your part.
22
22
23
-
However, you can enable users to sign in with various identity providers. For example, you can set up federation with social identity providers that are supported by Azure AD, including Google and Facebook. You can also federate with any external identity provider that supports the SAML or WS-Fed protocols. With external identity provider federation, you can offer external users the ability to sign in to your apps with their existing social or enterprise accounts.
23
+
However, you can enable users to sign in with various identity providers. For example:
24
+
25
+
- You can federate with Google to allow your invited users to sign in to your shared apps and resources with their own Gmail accounts. Google federation can also be used in your self-service sign-up user flows.
26
+
- You can set up direct federation with any external identity provider that supports the SAML or WS-Fed protocols, allowing external users to sign in to your apps with their existing social or enterprise accounts. Direct federation can't be used in your self-service sign-up user flows.
27
+
- You can federate with Facebook for use in your self-service sign-up user flows. When building an app, you can configure self-service sign-up and enable Facebook federation so users can sign up for your app using their own Facebook accounts. Note that Facebook isn't available as a sign-in option when users are redeeming an invitation from you.
24
28
25
29
## How it works
26
30
27
-
Azure AD External Identities is preconfigured for federation with Google and Facebook. To set up these identity providers in your Azure AD tenant, you'll create an application at each identity provider and configure credentials. You'll obtain a client or app ID and a client or app secret, which you can then add to your Azure AD tenant.
31
+
The Azure AD External identities feature is pre-configured for federation with Google and Facebook. To set up these identity providers in your Azure AD tenant, you'll create an application at each identity provider and configure credentials. You'll obtain a client or app ID and a client or app secret, which you can then add to your Azure AD tenant.
28
32
29
33
Once you've added an identity provider to your Azure AD tenant:
30
34
31
35
- When you invite an external user to apps or resources in your organization, the external user can sign in using their own account with that identity provider.
32
-
- When you enable [self-service sign-up](self-service-sign-up-overview.md) for your apps, external users can sign up for your apps using their own accounts with the identity providers you've added.
36
+
- When you enable [self-service sign-up](self-service-sign-up-overview.md) for your apps, external users can sign up for your apps using their own accounts with the identity providers you've added.
33
37
34
38
When redeeming your invitation or signing up for your app, the external user has the option to sign in and authenticate with the social identity provider:
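Review bot: The new Facebook bullet says Facebook "isn't available as a sign-in option when users are redeeming an invitation", but the unchanged "How it works" text still says that once an identity provider is added, an invited external user "can sign in using their own account with that identity provider", and that section names both Google and Facebook. Suggest scoping the invitation bullet and the "When redeeming your invitation or signing up for your app" sentence to the providers that support redemption, or stating the Facebook exception there. In the same section, the rewritten sentence changes "External Identities" to "External identities" and "preconfigured" to "pre-configured"; keep the casing used in the Facebook article's title. The self-service sign-up bullet shows identical text on the removed and added sides, so please confirm a whitespace-only change is intended.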
| Self-service sign-up is a public preview feature of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).|
23
23
||
24
24
25
-
When sharing applications with external users, you might not always know in advance who will need access to an application. As an alternative to sending invitations directly to individuals, you can allow external users to sign up for specific applications themselves by enabling self-service sign-up. You can create a personalized sign-up experience by customizing the self-service sign-up user flow. For example, you can provide options for Azure AD or social identity providers and collect information about the user.
25
+
When sharing an application with external users, you might not always know in advance who will need access to an application. As an alternative to sending invitations directly to individuals, you can allow external users to sign up for specific applications themselves by enabling self-service sign-up. You can create a personalized sign-up experience by customizing the self-service sign-up user flow. For example, you can provide options for Azure AD or social identity providers and collect information about the user.
26
+
27
+
> [!NOTE]
28
+
> You can associate user flows with apps built by your organization. User flows can't be used for Microsoft apps, like SharePoint or Teams.
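Review bot: In the reworded opening sentence, "When sharing an application with external users, you might not always know in advance who will need access to an application" now repeats "an application"; suggest ending it with "who will need access to it". The added note also puts the positive rule ("You can associate user flows with apps built by your organization") inside the NOTE, while the other self-service sign-up hunk in this commit puts the equivalent sentence in body text and keeps only the Microsoft apps restriction in the note; pick one placement for both.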
| Self-service sign-up is a public preview feature of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).|
23
23
||
24
24
25
-
Associating your user flow with an application allows you to enable sign-up on that app. You can choose more than one application to be associated with the user flow. Once you associate the user flow with one or more applications, users who visit that app will be able to sign up using the options configured in the user flow.
25
+
You can create user flows for apps that are built by your organization. Associating your user flow with an application allows you to enable sign-up on that app. You can choose more than one application to be associated with the user flow. Once you associate the user flow with one or more applications, users who visit that app will be able to sign up using the options configured in the user flow.
26
+
27
+
> [!NOTE]
28
+
> User flows can't be used for Microsoft apps, like SharePoint or Teams.
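Review bot: The added first sentence says you can "create user flows for apps that are built by your organization", while the rest of this paragraph talks about associating a user flow with an application, and one user flow can be associated with more than one app. Suggest wording it as "You can associate user flows with apps built by your organization" so the restriction reads as being about association, matching the note added in the other self-service sign-up hunk.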