Commit 2c9b3c9

Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into p2sconcepts
2 parents 5e1ffa8 + 75fa020 commit 2c9b3c9

702 files changed: +16709 -4434 lines changed

.openpublishing.redirection.active-directory.json

Lines changed: 5 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -10921,6 +10921,11 @@
1092110921
"redirect_url": "/azure/azure-percept/index",
1092210922
"redirect_document_id": false
1092310923
},
10924+
{
10925+
"source_path_from_root": "/articles/active-directory/reports-monitoring/howto-install-use-log-analytics-views.md",
10926+
"redirect_url": "/azure/azure-monitor/visualize/workbooks-view-designer-conversion-overview",
10927+
"redirect_document_id": false
10928+
},
1092410929
{
1092510930
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-create-azure-portal.md",
1092610931
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
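Review bot: The added entry at new lines 10924-10928 redirects an Azure AD reports-monitoring how-to (`howto-install-use-log-analytics-views.md`) to a page under `/azure/azure-monitor/visualize/` and sets `"redirect_document_id": false`. Please confirm that the view-designer conversion overview is the intended landing page for readers following old Azure AD links, and that not carrying the document ID over is deliberate, since the Defender for Cloud redirects touched in this same commit use `true`.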

.openpublishing.redirection.defender-for-cloud.json

Lines changed: 6 additions & 1 deletion
@@ -759,6 +759,11 @@
759759
"source_path_from_root": "/articles/defender-for-cloud/deploy-vulnerability-assessment-tvm.md",
760760
"redirect_url": "/azure/defender-for-cloud/deploy-vulnerability-assessment-defender-vulnerability-management",
761761
"redirect_document_id": true
762-
}
762+
},
763+
{
764+
"source_path_from_root": "/articles/defender-for-cloud/plan-multicloud-security-other-resources.md",
765+
"redirect_url": "/azure/defender-for-cloud/multicloud",
766+
"redirect_document_id": true
767+
}
763768
]
764769
}

articles/active-directory-b2c/add-password-reset-policy.md

Lines changed: 17 additions & 16 deletions
@@ -9,8 +9,8 @@ manager: CelesteDG
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: how-to
12-
ms.date: 10/07/2022
13-
ms.custom: project-no-code
12+
ms.date: 10/25/2022
13+
ms.custom: project-no-code, engagement-fy23
1414
ms.author: kengaderdus
1515
ms.subservice: B2C
1616
zone_pivot_groups: b2c-policy-type
@@ -28,13 +28,19 @@ The password reset flow involves the following steps:
2828
1. In the next dialog that appears, the user enters their email address, and then selects **Send verification code**. Azure AD B2C sends a verification code to the user's email account. The user copies the verification code from the email, enters the code in the Azure AD B2C password reset dialog, and then selects **Verify code**.
2929
1. The user can then enter a new password. (After the email is verified, the user can still select the **Change e-mail** button; see [Hide the change email button](#hide-the-change-email-button).)
3030

31-
![Diagram that shows three dialogs in the password reset flow.](./media/add-password-reset-policy/password-reset-flow.png)
31+
:::image type="content" source="./media/add-password-reset-policy/password-reset-flow.png" alt-text="Diagram that shows three dialogs in the password reset flow." lightbox="./media/add-password-reset-policy/password-reset-flow.png":::
3232

3333
> [!TIP]
34-
> A user can change their password by using the self-service password reset flow if they forget their password and want to reset it. Choose one of these user flow options:
34+
> A user can change their password by using the self-service password reset flow if they forget their password and want to reset it. You can also choose one of the following user flow options:
3535
> - If a user knows their password and wants to change it, use a [password change flow](add-password-change-policy.md).
3636
> - If you want to force a user to reset their password (for example, when they sign in for the first time, when their passwords have been reset by an admin, or after they've been migrated to Azure AD B2C with random passwords), use a [force password reset](force-password-reset.md) flow.
3737
38+
The default name of the **Change email** button in *selfAsserted.html* is **changeclaims**. To find the button name, on the sign-up page, inspect the page source by using a browser tool such as _Inspect_.
39+
40+
## Prerequisites
41+
42+
[!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
43+
3844
### Hide the change email button
3945

4046
After the email is verified, the user can still select **Change email**, enter another email address, and then repeat email verification. If you'd prefer to hide the **Change email** button, you can modify the CSS to hide the associated HTML elements in the dialog. For example, you can add the following CSS entry to selfAsserted.html and [customize the user interface by using HTML templates](customize-ui-with-html.md):
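Review bot: Moving the `changeclaims` paragraph and `## Prerequisites` to new lines 38-42 places them in front of `### Hide the change email button` (new line 44), so that H3 now nests under Prerequisites and the sentence explaining the button name appears before the section and CSS it refers to. Keep the button-name paragraph directly after the CSS block in the hide-button section, and put `## Prerequisites` after that section (or give the hide-button section its own parent heading) so the outline stays consistent.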
@@ -48,12 +54,6 @@ After the email is verified, the user can still select **Change email**, enter a
4854
</style>
4955
```
5056

51-
The default name of the **Change email** button in *selfAsserted.html* is **changeclaims**. To find the button name, on the sign-up page, inspect the page source by using a browser tool like Inspect.
52-
53-
## Prerequisites
54-
55-
[!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
56-
5757
## Self-service password reset (recommended)
5858

5959
The new password reset experience is now part of the sign-up or sign-in policy. When the user selects the **Forgot your password?** link, they are immediately sent to the Forgot Password experience. Your application no longer needs to handle the [AADB2C90118 error code](#password-reset-policy-legacy), and you don't need a separate policy for password reset.
@@ -204,7 +204,7 @@ The sub journey is called from the user journey and performs the specific steps
204204

205205
### Prepare your user journey
206206

207-
Next, connect the **Forgot your password?** link to the Forgot Password sub journey. Reference the Forgot Password sub journey ID in the **ClaimsProviderSelection** element of the **CombinedSignInAndSignUp** step.
207+
Next, to connect the **Forgot your password?** link to the **Forgot Password** sub journey you will need to reference the **Forgot Password** sub journey ID in the **ClaimsProviderSelection** element of the **CombinedSignInAndSignUp** step.
208208

209209
If you don't have your own custom user journey that has a **CombinedSignInAndSignUp** step, complete the following steps to duplicate an existing sign-up or sign-in user journey. Otherwise, continue to the next section.
210210

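Review bot: The rewritten sentence at new line 207 is harder to follow than the two imperative sentences it replaces: the introductory clause needs a comma ("...sub journey, you will need to..."), and "you will need to reference" is wordier than "Reference". Suggest keeping the original two-sentence form and only adding the bold on **Forgot Password**.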
@@ -287,9 +287,10 @@ Your application might need to detect whether the user signed in by using the Fo
287287
1. In the **Portal settings | Directories + subscriptions** pane, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
288288
1. In the Azure portal, search for and select **Azure AD B2C**.
289289
1. In the menu under **Policies**, select **Identity Experience Framework**.
290-
1. Select **Upload custom policy**. In the following order, upload the two policy files that you changed:
291-
1. The extension policy, for example, *SocialAndLocalAccounts/TrustFrameworkExtensions.xml*.
292-
1. The relying party policy, for example, *SocialAndLocalAccounts/SignUpOrSignin.xml*.
290+
1. Select **Upload custom policy**. In the following order, upload the policy files that you changed:
291+
1. The base file of your policy, for example *TrustFrameworkBase.xml*.
292+
1. The extension policy, for example, *TrustFrameworkExtensions.xml*.
293+
1. The relying party policy, for example, *SignUpSignIn.xml*.
293294

294295
::: zone-end
295296

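Review bot: In the upload list at new lines 290-293, the relying party example changes from *SocialAndLocalAccounts/SignUpOrSignin.xml* to *SignUpSignIn.xml*, which is a different file name and not just a dropped folder prefix; check it against the file name used in the rest of the article. The new base-file item also sits under "upload the policy files that you changed", so either state when the base file needs to be uploaded or confirm that earlier steps edit it, and add the comma after "for example" to match the other two items.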
@@ -341,8 +342,8 @@ To let your application users reset their passwords, create a password reset use
341342
To test the user flow:
342343

343344
1. Select the user flow you created. On the user flow overview page, select **Run user flow**.
344-
1. For **Application**, select the web application named *webapp1* that you registered earlier. The **Reply URL** should be `https://jwt.ms`.
345-
1. Select **Run user flow**, verify the email address of the account you created earlier, and then select **Continue**.
345+
1. For **Application**, select the web application you wish to test, such as the one named *webapp1* if you registered that earlier. The **Reply URL** should be `https://jwt.ms`.
346+
1. Select **Run user flow**, verify the email address of the account that you want to reset the password for, and then select **Continue**.
346347
1. Change the password, and then select **Continue**. The token is returned to `https://jwt.ms` and the browser displays it.
347348

348349
::: zone-end
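Review bot: Step 2 at new line 345 now lets the reader pick any web application, but the same step still says the **Reply URL** should be `https://jwt.ms`, and the unchanged step at line 347 expects the token to be returned there. State that the chosen application must have `https://jwt.ms` registered as a reply URL, or keep *webapp1* as the stated choice so the steps still agree with each other.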

articles/active-directory-b2c/best-practices.md

Lines changed: 8 additions & 9 deletions
@@ -4,13 +4,12 @@ titleSuffix: Azure AD B2C
44
description: Recommendations and best practices to consider when working with Azure Active Directory B2C (Azure AD B2C).
55
services: active-directory-b2c
66
author: vigunase
7+
ms.author: vigunase
78
manager: CelesteDG
8-
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: conceptual
12-
ms.date: 10/01/2021
13-
ms.author: vigunase
12+
ms.date: 12/01/2022
1413
ms.subservice: B2C
1514
---
1615

@@ -32,15 +31,15 @@ Define your application and service architecture, inventory current systems, and
3231

3332
| Best practice | Description |
3433
|--|--|
35-
| Architect an end-to-end solution | Include all of your applications' dependencies when planning an Azure AD B2C integration. Consider all services and products that are currently in your environment or that might need to be added to the solution, for example, Azure Functions, customer relationship management (CRM) systems, Azure API Management gateway, and storage services. Take into account the security and scalability for all services. |
34+
| Architect an end-to-end solution | Include all of your applications' dependencies when planning an Azure AD B2C integration. Consider all services and products that are currently in your environment or that might need to be added to the solution (for example, Azure Functions, customer relationship management (CRM) systems, Azure API Management gateway, and storage services). Take into account the security and scalability for all services. |
3635
| Document your users' experiences | Detail all the user journeys your customers can experience in your application. Include every screen and any branching flows they might encounter when interacting with the identity and profile aspects of your application. Include usability, accessibility, and localization in your planning. |
3736
| Choose the right authentication protocol | For a breakdown of the different application scenarios and their recommended authentication flows, see [Scenarios and supported authentication flows](../active-directory/develop/authentication-flows-app-scenarios.md#scenarios-and-supported-authentication-flows). |
3837
| Pilot a proof-of-concept (POC) end-to-end user experience | Start with our [Microsoft code samples](integrate-with-app-code-samples.md) and [community samples](https://github.com/azure-ad-b2c/samples). |
3938
| Create a migration plan |Planning ahead can make migration go more smoothly. Learn more about [user migration](user-migration.md).|
4039
| Usability vs. security | Your solution must strike the right balance between application usability and your organization's acceptable level of risk. |
4140
| Move on-premises dependencies to the cloud | To help ensure a resilient solution, consider moving existing application dependencies to the cloud. |
4241
| Migrate existing apps to b2clogin.com | The deprecation of login.microsoftonline.com will go into effect for all Azure AD B2C tenants on 04 December 2020. [Learn more](b2clogin.md). |
43-
| Use Identity Protection and Conditional Access | Use these capabilities for significantly greater control over risky authentications and access policies. Azure AD B2C Premium P2 is required. [Learn more](conditional-access-identity-protection-overview.md). |
42+
| Use Identity Protection and Conditional Access | Use these capabilities for greater control over risky authentications and access policies. Azure AD B2C Premium P2 is required. [Learn more](conditional-access-identity-protection-overview.md). |
4443

4544
## Implementation
4645

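Review bot: The unchanged "Migrate existing apps to b2clogin.com" row (line 42/41) still says the deprecation of login.microsoftonline.com "will go into effect for all Azure AD B2C tenants on 04 December 2020", which is future tense for a date well before the 12/01/2022 `ms.date` this commit sets on the article. Since the neighbouring rows are being edited here, update that row to past tense in the same change.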
@@ -50,7 +49,7 @@ During the implementation phase, consider the following recommendations.
5049
|--|--|
5150
| Edit custom policies with the Azure AD B2C extension for Visual Studio Code | Download Visual Studio Code and this community-built [extension from the Visual Studio Code Marketplace](https://marketplace.visualstudio.com/items?itemName=AzureADB2CTools.aadb2c). While not an official Microsoft product, the Azure AD B2C extension for Visual Studio Code includes several features that help make working with custom policies easier. |
5251
| Learn how to troubleshoot Azure AD B2C | Learn how to [troubleshoot custom policies](./troubleshoot-custom-policies.md?tabs=applications) during development. Learn what a normal authentication flow looks like and use tools for discovering anomalies and errors. For example, use [Application Insights](troubleshoot-with-application-insights.md) to review output logs of user journeys. |
53-
| Leverage our library of proven custom policy patterns | Find [samples](https://github.com/azure-ad-b2c/samples) for several enhanced Azure AD B2C customer identity and access management (CIAM) user journeys. |
52+
| Leverage our library of proven custom policy patterns | Find [samples](https://github.com/azure-ad-b2c/samples) for enhanced Azure AD B2C customer identity and access management (CIAM) user journeys. |
5453

5554
## Testing
5655

@@ -62,7 +61,7 @@ Test and automate your Azure AD B2C implementation.
6261
| Functional and UI testing | Test the user flows end-to-end. Add synthetic tests every few minutes using Selenium, VS Web Test, etc. |
6362
| Pen-testing | Before going live with your solution, perform penetration testing exercises to verify all components are secure, including any third-party dependencies. Verify you've secured your APIs with access tokens and used the right authentication protocol for your application scenario. Learn more about [Penetration testing](../security/fundamentals/pen-testing.md) and the [Microsoft Cloud Unified Penetration Testing Rules of Engagement](https://www.microsoft.com/msrc/pentest-rules-of-engagement?rtc=1). |
6463
| A/B Testing | Flight your new features with a small, random set of users before rolling out to your entire population. With JavaScript enabled in Azure AD B2C, you can integrate with A/B testing tools like Optimizely, Clarity, and others. |
65-
| Load testing | Azure AD B2C can scale, but your application can scale only if all of its dependencies can scale. Load-test your APIs and CDN. |
64+
| Load testing | Azure AD B2C can scale, but your application can scale only if all of its dependencies can scale. Load-test your APIs and CDN. Learn more about [Resilience through developer best practices](../active-directory/fundamentals/resilience-b2c-developer-best-practices.md).|
6665
| Throttling | Azure AD B2C throttles traffic if too many requests are sent from the same source in a short period of time. Use several traffic sources while load testing, and handle the `AADB2C90229` error code gracefully in your applications. |
6766
| Automation | Use continuous integration and delivery (CI/CD) pipelines to automate testing and deployments, for example, [Azure DevOps](deploy-custom-policies-devops.md). |
6867

@@ -75,7 +74,7 @@ Manage your Azure AD B2C environment.
7574
| Create multiple environments | For easier operations and deployment roll-out, create separate environments for development, testing, pre-production, and production. Create Azure AD B2C tenants for each. |
7675
| Use version control for your custom policies | Consider using GitHub, Azure Repos, or another cloud-based version control system for your Azure AD B2C custom policies. |
7776
| Use the Microsoft Graph API to automate the management of your B2C tenants | Microsoft Graph APIs:<br/>Manage [Identity Experience Framework](/graph/api/resources/trustframeworkpolicy?preserve-view=true&view=graph-rest-beta) (custom policies)<br/>[Keys](/graph/api/resources/trustframeworkkeyset?preserve-view=true&view=graph-rest-beta)<br/>[User Flows](/graph/api/resources/identityuserflow?preserve-view=true&view=graph-rest-beta) |
78-
| Integrate with Azure DevOps | A [CI/CD pipeline](deploy-custom-policies-devops.md) makes moving code between different environments easy and ensures production readiness at all times. |
77+
| Integrate with Azure DevOps | A [CI/CD pipeline](deploy-custom-policies-devops.md) makes moving code between different environments easy and ensures production readiness always. |
7978
| Integrate with Azure Monitor | [Audit log events](view-audit-logs.md) are only retained for seven days. [Integrate with Azure Monitor](azure-monitor.md) to retain the logs for long-term use, or integrate with third-party security information and event management (SIEM) tools to gain insights into your environment. |
8079
| Setup active alerting and monitoring | [Track user behavior](./analytics-with-application-insights.md) in Azure AD B2C using Application Insights. |
8180

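Review bot: At new line 77, "ensures production readiness always" reads awkwardly and is less clear than the "at all times" it replaces. Suggest reverting that phrase.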
@@ -87,4 +86,4 @@ Stay up to date with the state of the service and find support options.
8786
|--|--|
8887
| [Service updates](https://azure.microsoft.com/updates/?product=active-directory-b2c) | Stay up to date with Azure AD B2C product updates and announcements. |
8988
| [Microsoft Support](support-options.md) | File a support request for Azure AD B2C technical issues. Billing and subscription management support is provided at no cost. |
90-
| [Azure status](https://azure.status.microsoft/status) | View the current health status of all Azure services. |
89+
| [Azure status](https://azure.status.microsoft/status) | View the current health status of all Azure services. |

articles/active-directory-b2c/javascript-and-page-layout.md

Lines changed: 3 additions & 3 deletions
@@ -9,8 +9,8 @@ manager: CelesteDG
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: how-to
12-
ms.date: 08/12/2021
13-
ms.custom: project-no-code, devx-track-js
12+
ms.date: 10/26/2022
13+
ms.custom: project-no-code, devx-track-js, engagement-fy23
1414
ms.author: kengaderdus
1515
ms.subservice: B2C
1616
zone_pivot_groups: b2c-policy-type
@@ -139,7 +139,7 @@ You enable script execution by adding the **ScriptExecution** element to the [Re
139139

140140
Follow these guidelines when you customize the interface of your application using JavaScript:
141141

142-
- Don't
142+
- Don't:
143143
- bind a click event on `<a>` HTML elements.
144144
- take a dependency on Azure AD B2C code or comments.
145145
- change the order or hierarchy of Azure AD B2C HTML elements. Use an Azure AD B2C policy to control the order of the UI elements.