Commit 2cea712

Merge pull request #242963 from FaithOmbongi/patch-5
Update Graph link for authenticationBehaviors
2 parents 14e54cb + 2c343dc commit 2cea712

1 file changed

+2
-2
lines changed

articles/active-directory/develop/migrate-off-email-claim-authorization.md

Lines changed: 2 additions & 2 deletions
@@ -43,7 +43,7 @@ This risk of unauthorized access has only been found in multi-tenant apps, as a
4343

4444
To secure applications from mistakes with unverified email addresses, all new multi-tenant applications are automatically opted-in to a new default behavior that removes email addresses with unverified domain owners from tokens as of June 2023. This behavior is not enabled for single-tenant applications and multi-tenant applications with previous sign-in activity with domain-owner unverified email addresses.
4545

46-
Depending on your scenario, you may determine that your application's tokens should continue receiving unverified emails. While not recommended for most applications, you may disable the default behavior by setting the `removeUnverifiedEmailClaim` property in the [Authentication Behaviors Microsoft Graph API](/graph/api/resources/authenticationbehaviors).
46+
Depending on your scenario, you may determine that your application's tokens should continue receiving unverified emails. While not recommended for most applications, you may disable the default behavior by setting the `removeUnverifiedEmailClaim` property in the [authenticationBehaviors object of the applications API in Microsoft Graph](/graph/applications-authenticationbehaviors).
4747

4848
By setting `removeUnverifiedEmailClaim` to `false`, your application will receive `email` claims that are potentially unverified and subject users to account takeover risk. If you're disabling this behavior in order to not break user login flows, it's highly recommended to migrate to a uniquely identifying token claim mapping as soon as possible, as described in the guidance below.
4949
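Review bot: On the added line 46 the link target moves from the resource reference `/graph/api/resources/authenticationbehaviors` to `/graph/applications-authenticationbehaviors`, and the commit message does not say why the old target was wrong, so please confirm the new root-relative path resolves in the published docs before merging. Because this sentence tells readers how to turn the protection off, consider also stating the value here (`false`, as the following paragraph does) and writing "you can disable" rather than "you may disable" so it reads as a capability, not a permission.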

@@ -125,4 +125,4 @@ If your application uses `email` (or any other mutable claim) for authorization
125125
## Next steps
126126

127127
- To learn more about using claims-based authorization securely, see [Secure applications and APIs by validating claims](claims-validation.md)
128-
- For more information about optional claims, see the [optional claims reference](./optional-claims-reference.md)
128+
- For more information about optional claims, see the [optional claims reference](./optional-claims-reference.md)
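Review bot: The removed and added versions of line 128 show identical visible text, so this change is presumably trailing whitespace or an end-of-file newline, which is unrelated to the link update named in the commit title. If it adds the missing final newline it is fine to keep, but please confirm it is intentional and not an editor artifact.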
