Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Learn Build Service GitHub App

.openpublishing.redirection.json

@@ -1,5 +1,15 @@
 {
     "redirections": [
+    {
+      "source_path": "articles/storage/queues/storage-ruby-how-to-use-queue-storage.md",
+      "redirect_url": "/previous-versions/azure/storage/queues/storage-ruby-how-to-use-queue-storage",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/storage/queues/storage-php-how-to-use-queues.md",
+      "redirect_url": "/previous-versions/azure/storage/queues/storage-php-how-to-use-queues",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/storage/tables/table-storage-design-encrypt-data.md",
       "redirect_url": "/previous-versions/azure/storage/tables/table-storage-design-encrypt-data",
@@ -22031,6 +22041,16 @@
             "redirect_url": "/azure/active-directory/develop/zero-trust-for-developers",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/web-app-quickstart-portal-node-js-passport.md",
+            "redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-nodejs-msal",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/quickstart-v2-nodejs-webapp.md",
+            "redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-nodejs-msal",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/networking/azure-orbital-overview.md",
             "redirect_url": "/azure/orbital/overview",

articles/active-directory/app-provisioning/how-provisioning-works.md

@@ -74,8 +74,12 @@ You can use scoping filters to define attribute-based rules that determine which
 
 ### B2B (guest) users
 
-It's possible to use the Azure AD user provisioning service to provision B2B (guest) users in Azure AD to SaaS applications. 
-However, for B2B users to sign in to the SaaS application using Azure AD, the SaaS application must have its SAML-based single sign-on capability configured in a specific way. For more information on how to configure SaaS applications to support sign-ins from B2B users, see [Configure SaaS apps for B2B collaboration](../external-identities/configure-saas-apps.md).
+It's possible to use the Azure AD user provisioning service to provision B2B (guest) users in Azure AD to SaaS applications. However, for B2B users to sign in to the SaaS application using Azure AD, you must manually configure the SaaS application to use Azure AD as a Security Assertion Markup Language (SAML) identity provider. 
+
+Follow these general guidelines when configuring SaaS apps for B2B (guest) users:  
+- For most of the apps, user setup needs to happen manually. Users must be created manually in the app as well.
+- For apps that support automatic setup, such as Dropbox, separate invitations are created from the apps. Users must be sure to accept each invitation.
+- In the user attributes, to mitigate any issues with mangled user profile disk (UPD) in guest users, always set the user identifier to **user.mail**.
 
 > [!NOTE]
 > The userPrincipalName for a B2B user represents the external user's email address alias@theirdomain as "alias_theirdomain#EXT#@yourdomain". When the userPrincipalName attribute is included in your attribute mappings as a source attribute, and a B2B user is being provisioned, the #EXT# and your domain is stripped from the userPrincipalName, so only their original alias@theirdomain is used for matching or provisioning. If you require the full user principal name including #EXT# and your domain to be present, replace userPrincipalName with originalUserPrincipalName as the source attribute. <br />

articles/active-directory/develop/index-web-app.yml

@@ -28,8 +28,6 @@ landingContent:
             url: web-app-quickstart.md?pivots=devlang-java
           - text: Node.js with MSAL
             url: web-app-quickstart.md?pivots=devlang-nodejs-msal
-          - text: Node.js with Passport
-            url: web-app-quickstart.md?pivots=devlang-nodejs-passport
           - text: Python
             url: web-app-quickstart.md?pivots=devlang-python
   - title: "Learn by building"

articles/active-directory/develop/quickstart-v2-nodejs-webapp.md

@@ -84,6 +84,9 @@ If you're following along with the web API scenario described in this set of art
 - **User consent description**: _Accesses the TodoListService web API as a user_
 - **State**: _Enabled_
 
+> [!TIP] 
+> For the **Application ID URI**, you have the option to set it to the physical authority of the API, for example `https://graph.microsoft.com`. This can be useful if the URL of the API that needs to be called is known.
+
 ### If your web API is called by a service or daemon app
 
 Expose _application permissions_ instead of delegated permissions if your API should be accessed by daemons, services, or other non-interactive (by a human) applications. Because daemon- and service-type applications run unattended and authenticate with their own identity, there is no user to "delegate" their permission.

articles/active-directory/develop/scenario-protected-web-api-app-registration.md

@@ -30,10 +30,6 @@ zone_pivot_groups: web-app-quickstart
 [!INCLUDE [node.js-msal](./includes/web-app/quickstart-nodejs-msal.md)]
 ::: zone-end
 
-::: zone pivot="devlang-nodejs-passport"
-[!INCLUDE [node.js-passport](./includes/web-app/quickstart-nodejs.md)]
-::: zone-end
-
 ::: zone pivot="devlang-java"
 [!INCLUDE [java](./includes/web-app/quickstart-java.md)]
 ::: zone-end