Merge pull request #291312 from MicrosoftDocs/main

12/3/2024 AM Publish

Author: Taojunshen

articles/active-directory-b2c/media/partner-nok-nok/nok-nok-architecture-diagram.png

@@ -1,7 +1,7 @@
 ---
-title: Tutorial to configure Nok Nok Passport with Azure Active Directory B2C for passwordless FIDO2 authentication
+title: Tutorial to configure Nok Nok S3 Authentication Suite with Azure Active Directory B2C for FIDO passkey authentication
 titleSuffix: Azure AD B2C
-description: Configure Nok Nok Passport with Azure AD B2C to enable passwordless FIDO2 authentication
+description: Configure Nok Nok S3 Authentication Suite with Azure AD B2C to enable FIDO passkey authentication
 author: gargi-sinha
 manager: martinco
 ms.reviewer: kengaderdus
@@ -12,54 +12,56 @@ ms.date: 06/21/2024
 ms.author: gasinh
 ms.subservice: b2c
 
-# Customer intent: I'm a developer integrating Azure Active Directory B2C with a third-party authentication provider. I want to learn how to configure Nok Nok Passport as an identity provider (IdP) in Azure AD B2C. My goal is to enable passwordless FIDO authentication for my users.
+# Customer intent: I'm a developer integrating Azure AD B2C with a third-party authentication provider. I want to learn how to configure Nok Nok S3 Authentication Suite as an identity provider (IdP) in Azure AD B2C. My goal is to implement FIDO Passkey authentication for my users.
 ---
-# Tutorial: Configure Nok Nok Passport with Azure Active Directory B2C for passwordless FIDO2 authentication
+# Tutorial: Configure Nok Nok S3 Authentication Suite with Azure AD B2C for FIDO Passkey Authentication
 
-Learn to integrate the Nok Nok S3 Authentication Suite into your Azure Active Directory B2C (Azure AD B2C) tenant. The Nok Nok solutions enable FIDO certified multi-factor authentication such as FIDO UAF, FIDO U2F, WebAuthn, and FIDO2 for mobile and web applications. Nok Nok solutions improve security posture while balancing user the experience.
+Learn to integrate the Nok Nok S3 Authentication Suite into your Azure Active Directory (AD) B2C tenant. The Nok Nok solution enables FIDO-certified multifactor authentication such as FIDO UAF, FIDO U2F, WebAuthn, and FIDO2 for mobile and web applications. The Nok Nok solution strengthens your security while maintaining an optimal user experience.
 
-Go to noknok.com to learn more: [Nok Nok Labs, Inc.](https://noknok.com/)
+Learn more at [Nok Nok](https://noknok.com/)
 
 ## Prerequisites
 
 To get started, you need:
 
-* An Azure subscription
-  * If you don't have one, get a [Azure free account](https://azure.microsoft.com/free/)
-* An Azure AD B2C tenant linked to the Azure subscription
-  * [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md) 
-* Go to [noknok.com](https://noknok.com/).
-  * On the top menu, select **Demo**.
+* An Azure subscription. If you don't have one, get an [Azure free account](https://azure.microsoft.com/free/).
+* An Azure AD B2C tenant linked to the Azure subscription [Tutorial: Create an Azure AD B2C tenant](tutorial-create-tenant.md).
+* A Nok Nok Cloud evaluation tenant for FIDO registration and authentication.
 
 ## Scenario description
 
-To enable passwordless FIDO authentication for your users, enable Nok Nok as an identity provider (IdP) in your Azure AD B2C tenant. The Nok Nok solution integration includes the following components:
+To enable Passkey authentication for your users, enable Nok Nok as an identity provider (IdP) in your Azure AD B2C tenant. The Nok Nok integration includes the following components:
 
-* **Azure AD B2C** – authorization server that verifies user credentials
-* **Web and mobile applications** – mobile or web apps to protect with Nok Nok solutions and Azure AD B2C
-* **Nok Nok app SDK or Passport app** – authenticate Azure AD B2C enabled applications. 
-  * Go to the Apple App Store for [Nok Nok Passport](https://apps.apple.com/us/app/nok-nok-passport/id1050437340)
-  * Or, Google Play [Nok Nok Passport](https://play.google.com/store/apps/details?id=com.noknok.android.passport2&hl=en&gl=US)
+* **Azure AD B2C** – authorization server that verifies user credentials.
+* **Web and mobile applications** – mobile or web apps to protect with Nok Nok solutions and Azure AD B2C.
+* **Nok Nok Tutorial Web App** – application to register the passkey on your device.
+* **Nok Nok Sign in App** – application for authenticating Azure AD B2C applications using passkey.
 
-The following diagram illustrates the Nok Nok solution as an IdP for Azure AD B2C by using OpenID Connect (OIDC) for passwordless authentication.
 
-   ![Diagram of Nok Nok as IdP for Azure AD B2C using OpenID Connect (OIDC) for passwordless authentication.](./media/partner-nok-nok/nok-nok-architecture-diagram.png)
+The following diagram illustrates the Nok Nok solution as an IdP for Azure AD B2C by using OpenID Connect (OIDC) for Passkey authentication.
+
+![Diagram of Nok Nok as IdP for Azure AD B2C using OpenID Connect (OIDC) for Passkey authentication.](./media/partner-nok-nok/nok-nok-architecture-diagram.png)
+
+### Scenario 1: Passkey Registration
+1. The user navigates to the Nok Nok Tutorial Web App using the link provided by Nok Nok.
+2. The user enters their Azure AD B2C username and default tutorial app password.
+3. The user receives a prompt to register the passkey.
+4. The Nok Nok server validates the passkey credential and confirms successful passkey registration to the user.
+5. The passkey on the user's device is ready for authentication.
+
+### Scenario 2: Passkey Authentication
+1. The user selects the Sign in with Nok Nok Cloud button on the Azure AD B2C Sign in page.
+2. Azure AD B2C redirects the user to the Nok Nok Signin App.
+3. User authenticates with their passkey.
+4. The Nok Nok server validates the passkey assertion and sends an OIDC authentication response to Azure AD B2C.
+5. Based on the authentication result, Azure AD B2C either grants or denies access to the target application.
 
-1. At the sign-in page, select sign-in or sign-up and enters the username.
-2. Azure AD B2C redirects to the Nok Nok OIDC authentication provider.
-3. For mobile authentications, a QR code appears or push notification goes to the user device. For desktop sign-in, the user is redirected to the web app sign-in page for passwordless authentication.
-4. Scan the QR code with the Nok Nok app SDK or Passport app. Or, username is the sign-in page input.
-5. A prompt appears for authentication. Perform passwordless authentication: biometrics, device PIN, or any roaming authenticator.
-6. The authentication prompt appears on the web application.
-7. Perform passwordless authentication: biometrics, device PIN, or any roaming authenticator. 
-8. The Nok Nok server validates FIDO assertion and sends OIDC authentication response to Azure AD B2C.
-9. The user is granted or denied access.
 
 ## Get started with Nok Nok
 
-1. Go to noknok.com [Contact](https://noknok.com/contact/). 
-2. Fill out the form for a Nok Nok tenant. 
-3. An email arrives with tenant access information and links to documentation. 
+1. [Contact](https://noknok.com/contact/) Nok Nok.
+2. Fill out the form for a Nok Nok tenant.
+3. An email arrives with tenant access information and links to documentation.
 4. Use the Nok Nok integration documentation to complete the tenant OIDC configuration.
 
 ## Integrate with Azure AD B2C
@@ -70,8 +72,8 @@ Use the following instructions to add and configure an IdP, and then configure a
 
 For the following instructions, use the directory with the Azure AD B2C tenant. To add a new IdP:
 
-1. Sign in to the [Azure portal](https://portal.azure.com/#home) as at least B2C IEF Policy Administrator of the Azure AD B2C tenant.
-2. In the portal toolbar, select the **Directories + subscriptions**.
+1. Sign in to the [Azure portal](https://portal.azure.com/#home) as at least as the B2C IEF Policy Administrator of the Azure AD B2C tenant.
+2. In the portal toolbar, select **Directories + subscriptions**.
 3. On **Portal settings, Directories + subscriptions**, in the **Directory name** list, locate the Azure AD B2C directory.
 4. Select **Switch**.
 5. In the top-left corner of the Azure portal, select **All services**.
@@ -80,24 +82,21 @@ For the following instructions, use the directory with the Azure AD B2C tenant.
 8. Select **Identity providers**.
 9. Select **Add**.
 
-### Configure an Identity provider 
+### Configure an Identity provider
 
 To configure an IdP:
 
 1. Select **Identity provider type** > **OpenID Connect (Preview)**.
 2. For **Name**, enter the Nok Nok Authentication Provider, or another name.
-3. For **Metadata URL**, enter the hosted Nok Nok Authentication app URI, followed by the path such as `https://demo.noknok.com/mytenant/oidc/.well-known/openid-configuration`.
+3. For **Metadata URL**, enter the following URL after replacing the placeholder with the tenant ID provided by Nok Nok: `https://cloud.noknok.com/<tenant_id>/webapps/nnlfed/realms/<tenant_id>/.well-known/openid-configuration`.
 4. For **Client Secret**, use the Client Secret from Nok Nok.
 5. For **Client ID**, use the Client ID provided by Nok Nok.
-6. For **Scope**, use **OpenID profile email**.
+6. For **Scope**, use **openid**.
 7. For **Response type**, use **code**.
 8. For **Response mode**, use **form_post**.
-9. Select **OK**.
-10. Select **Map this identity provider’s claims**.
-11. For **UserID**, select **From subscription**.
-12. For **Display name**, select **From subscription**.
-13. For **Response mode**, select **From subscription**. 
-14. Select **Save**.
+9. For **User ID**, use **sub**.
+10. For **Display name**, use **sub**.
+11. Select **Save**.
 
 ### Create a user flow policy
 
@@ -106,31 +105,24 @@ For the following instructions, Nok Nok is a new OIDC IdP in the B2C identity pr
 1. In your Azure AD B2C tenant, under **Policies**, select **User flows**.
 2. Select **New**.
 3. Select **Sign up and sign in**.
-4. Select a **version**.
+4. Select a **Version**.
 5. Select **Create**.
 6. Enter a policy **Name**.
 7. In **Identity providers**, select the created Nok Nok IdP.
-8. You can add an email address. Azure won't redirect sign-in to Nok Nok; a screen appears with user options.
+8. Check **Email signup** under **Local accounts** to display an intermediate Azure AD B2C signin/signup page with a button that redirects the user to the Nok Nok Signin App.
 9. Leave the **Multi-factor Authentication** field.
-10. Select **Enforce conditional access policies**.
-11. Under **User attributes and token claims**, in the Collect attribute option, select **Email Address**. 
-12. Add user attributes for Microsoft Entra ID to collect, with claims that Azure AD B2C returns to the client application.
-13. Select **Create**.
-14. Select the new **User flow**.
-15. On the left panel, select **Application Claims**. 
-16. Under options, select the **email** checkbox
-17. Select **Save**.
+10. Click **Create** to save.
 
 ## Test the user flow
 
-1. Open the Azure AD B2C tenant. Under **Policies** select **Identity Experience Framework**.
+1. Open the Azure AD B2C tenant. Under **Policies**, select **Identity Experience Framework**.
 2. Select the created **SignUpSignIn**.
 3. Select **Run user flow**.
 4. For **Application**, select the registered app. The example is JWT.
-5. For **Reply URL**, select the redirect URL.
+5. For **Reply URL**, select the redirect URL of the application that you previously selected at the previous step.
 6. Select **Run user flow**.
-7. Perform a sign-up flow and create an account.
-8. After the user attribute is created, Nok Nok is called.
+7. Perform signin using the Azure AD B2C username and the passkey that you previously registered for the same user.
+8. Verify that you received the token after authentication.
 
 If the flow is incomplete, confirm the user is or isn't saved in the directory.
 

articles/active-directory-b2c/partner-nok-nok.md

@@ -60,7 +60,7 @@ For more advanced use cases, you can create and upload a custom widget to the de
 
 ### Prerequisites 
 
-* Install [Node.JS runtime](https://nodejs.org/en/) locally 
+* Install [Node.js runtime](https://nodejs.org/en/) locally 
 * Basic knowledge of programming and web development
 
 ### Create widget

articles/api-management/developer-portal-extend-custom-functionality.md

@@ -182,7 +182,7 @@ Define secrets to use with the Docker Login action. The example in this document
 
 ## Build the Container image
 
-The following example show part of the workflow that builds a Node.JS Docker image. Use [Docker Login](https://github.com/azure/docker-login) to log into a private container registry. This example uses Azure Container Registry but the same action works for other registries. 
+The following example show part of the workflow that builds a Node.js Docker image. Use [Docker Login](https://github.com/azure/docker-login) to log into a private container registry. This example uses Azure Container Registry but the same action works for other registries. 
 
 
 ```yaml

articles/app-service/deploy-container-github-action.md

@@ -5,7 +5,7 @@ ms.assetid: 582bb3c2-164b-42f5-b081-95bfcb7a502a
 author: msangapu-msft
 ms.author: msangapu
 ms.topic: quickstart
-ms.date: 08/28/2024
+ms.date: 12/02/2024
 ms.devlang: javascript
 zone_pivot_groups: app-service-vscode-cli-portal
 ms.custom: mvc, devcenter, devdivchpfy22, devx-track-js, ai-video-demo
@@ -30,7 +30,7 @@ The steps in the video are also described in the following sections.
 :::zone target="docs" pivot="development-environment-vscode"
 
 - Have an Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=vscode-tutorial-app-service-extension&mktingSource=vscode-tutorial-app-service-extension).
-- Install [Node.js and npm](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
+- Install [Node.js LTS](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
 - Install [Visual Studio Code](https://code.visualstudio.com/).
 - Install the [Azure App Service extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureappservice) for Visual Studio Code.
  <!-- - <a href="https://git-scm.com/" target="_blank">Install Git</a> -->
@@ -40,7 +40,7 @@ The steps in the video are also described in the following sections.
 :::zone target="docs" pivot="development-environment-cli"
 
 - Have an Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=vscode-tutorial-app-service-extension&mktingSource=vscode-tutorial-app-service-extension).
-- Install [Node.js LTS and npm](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
+- Install [Node.js LTS](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
 - Install <a href="/cli/azure/install-azure-cli" target="_blank">Azure CLI</a>, with which you run commands in a shell to create and configure Azure resources.
 
 ::: zone-end
@@ -49,7 +49,7 @@ The steps in the video are also described in the following sections.
 :::zone target="docs" pivot="development-environment-azure-portal"
 
 - Have an Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=vscode-tutorial-app-service-extension&mktingSource=vscode-tutorial-app-service-extension).
-- Install [Node.js LTS and npm](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
+- Install [Node.js LTS](https://nodejs.org). Run the command `node --version` to verify that Node.js is installed.
 - Have an FTP client (for example, [FileZilla](https://filezilla-project.org)), to connect to your app.
 
 ::: zone-end
@@ -60,18 +60,26 @@ In this step, you create a basic Node.js application and ensure it runs on your
 > [!TIP]
 > If you have already completed the [Node.js tutorial](https://code.visualstudio.com/docs/nodejs/nodejs-tutorial), you can skip ahead to [Deploy to Azure](#deploy-to-azure).
 
-1. Create a Node.js application using the [Express Generator](https://expressjs.com/starter/generator.html), which is installed by default with Node.js and npm.
+1. Create a Node.js application using the [Express Generator](https://expressjs.com/starter/generator.html), which is installed by default with Node.js and npm. 
 
     ```bash
     npx express-generator myExpressApp --view ejs
     ```
 
+    If this is the first time you've installed the generator, npx will ask you to agree to the installation.
+
 1. Change to the application's directory and install the npm packages.
 
     ```bash
     cd myExpressApp && npm install
     ```
 
+1. Update dependencies to the most secure version.
+
+    ```bash
+    npm audit fix --force
+    ```
+
 1. Start the development server with debug information.
 
     ```bash

articles/app-service/quickstart-nodejs.md

@@ -313,7 +313,7 @@ For each package that you put into the package repository, you need a Nuspec tha
 must be compiled and stored on your NuGet server. For more information, see
 [[Create a NuGet package using nuget.exe CLI]][15].
 
-You can use **MyGet.org** as a NuGet server. You can buy this service, but thee is a free starter
+You can use **MyGet.org** as a NuGet server. You can buy this service, but there is a free starter
 SKU. For instructions on installing your own NuGet server for your private packages, see the
 documentation on [Nuget.org][21].
 

articles/automation/automation-dsc-cd-chocolatey.md

@@ -6,14 +6,24 @@ author: b-hchen
 ms.service: azure-netapp-files
 ms.custom: linux-related-content
 ms.topic: overview
-ms.date: 11/12/2024
+ms.date: 12/03/2024
 ms.author: anfdocs
 ---
 
 # What's new in Azure NetApp Files
 
 Azure NetApp Files is updated regularly. This article provides a summary about the latest new features and enhancements.
 
+## December 2024
+
+* [Cloud Backup for Virtual Machines on Azure NetApp Files datastores for Azure VMware Solution:](../azure-vmware/install-cloud-backup-virtual-machines.md) enhanced backup capabilities (Preview)
+
+    Cloud Backup for Virtual Machines now integrates with [Azure NetApp Files backup](backup-introduction.md), significantly enhancing data protection by offering a fully managed backup solution for long-term recovery, archiving, and compliance. This integration allows you to mount a datastore from a snapshot or Azure NetApp Files backup to restore files. You can [mount the backup](../azure-vmware/configure-cloud-backup-virtual-machine.md) to either the Azure VMware Solution host where it was created or to an alternate host.
+    
+    Cloud Backup for Virtual Machines now also includes the capability to [attach one or more VMDKs](../azure-vmware/configure-cloud-backup-virtual-machine.md) from a backup to the parent VM, to an alternate VM on the same Azure VMware Solution host, or to an alternate VM on an alternate host managed by the same vCenter instance.
+    
+    Cloud Backup for Virtual Machines also enables you [to restore a virtual machine](../azure-vmware/restore-azure-netapp-files-vms.md) to an alternate location on the same Azure VMware Solution host or a different host managed by the same vCenter instance. Additionally, it supports [restoring guest files and folders from a snapshot or an Azure NetApp Files backup](../azure-vmware/restore-guest-files-folders.md).
+
 ## November 2024
 
 * [Cool access support for large volumes](large-volumes-requirements-considerations.md#register-the-feature)

articles/azure-netapp-files/whats-new.md

@@ -98,7 +98,7 @@ The following functions are available for working with lambda expressions. All o
 * [sort](bicep-functions-lambda.md#sort)
 * [toObject](bicep-functions-lambda.md#toobject)
 
-## Logical functions
+## Logical function
 
 The following function is available for working with logical conditions. This function is in the `sys` namespace.