Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into heidist-js

Author: HeidiSteen

.openpublishing.redirection.active-directory.json

@@ -13473,6 +13473,12 @@
       "source_path_from_root": "/articles/active-directory/managed-identities-azure-resources/services-azure-active-directory-support.md",
       "redirect_url": "/azure/active-directory/managed-identities-azure-resources/services-id-authentication-support",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/active-directory/fundamentals/add-users-azure-active-directory.md",
+      "redirect_url": "/azure/active-directory/fundamentals/add-users",
+      "redirect_document_id": false
     }
+   
   ]
 }

.openpublishing.redirection.defender-for-iot.json

@@ -1,5 +1,5 @@
 {
-    "redirections": [
+    "redirections": [          
         {
             "source_path_from_root": "/articles/defender-for-iot/organizations/best-practices/plan-network-monitoring.md",
             "redirect_url": "/azure/defender-for-iot/organizations/best-practices/plan-prepare-deploy",
@@ -17,7 +17,7 @@
         },
         {
             "source_path_from_root": "/articles/defender-for-iot/organizations/how-to-deploy-certificates.md",
-            "redirect_url": "/azure/defender-for-iot/organizations/ot-deploy/activate-deploy-sensor#deploy-an-ssltls-certificate",
+            "redirect_url": "/azure/defender-for-iot/organizations/how-to-manage-individual-sensors#manage-ssltls-certificates",
             "redirect_document_id": false
         },
         {

.openpublishing.redirection.json

@@ -1855,6 +1855,11 @@
             "redirect_url": "/azure/aks/managed-azure-ad",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/aks/monitor-apiserver.md",
+            "redirect_url": "/azure/aks/monitor-aks#resource-logs",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/germany/germany-developer-guide.md",
             "redirect_url": "/previous-versions/azure/germany/germany-developer-guide",

articles/active-directory/conditional-access/concept-condition-filters-for-devices.md

@@ -80,6 +80,9 @@ Policy 2: All users with the directory role of Global Administrator, accessing t
 1. Confirm your settings and set **Enable policy** to **On**.
 1. Select **Create** to create to enable your policy.
 
+> [!WARNING]
+> Policies that require compliant devices may prompt users on Mac, iOS, and Android to select a device certificate during policy evaluation, even though device compliance is not enforced. These prompts may repeat until the device is made compliant.
+
 ### Setting attribute values
 
 Setting extension attributes is made possible through the Graph API. For more information about setting device attributes, see the article [Update device](/graph/api/device-update?tabs=http#example-2--write-extensionattributes-on-a-device).

articles/active-directory/conditional-access/concept-continuous-access-evaluation.md

@@ -27,8 +27,6 @@ The initial implementation of continuous access evaluation focuses on Exchange,
 
 To prepare your applications to use CAE, see [How to use Continuous Access Evaluation enabled APIs in your applications](../develop/app-resilience-continuous-access-evaluation.md).
 
-Continuous access evaluation is available in Azure Government tenants (GCC High and DOD) for Exchange Online.
-
 ### Key benefits
 
 - User termination or password change/reset: User session revocation is enforced in near real time.
@@ -88,6 +86,8 @@ This process enables the scenario where users lose access to organizational file
 > [!NOTE]
 > Teams is made up of multiple services and among these the calls and chat services don't adhere to IP-based Conditional Access policies.
 
+Continuous access evaluation is also available in Azure Government tenants (GCC High and DOD) for Exchange Online.
+
 ## Client Capabilities
 
 ### Client-side claim challenge

articles/active-directory/develop/custom-claims-provider-overview.md

@@ -19,12 +19,13 @@ ms.custom: aaddev
 
 # Custom claims provider (preview)
 
-This article provides an overview to the Azure Active Directory (Azure AD) custom claims provider. 
-When a user authenticates to an application, a custom claims provider can be used to add  claims into the token. A custom claims provider is made up of a custom extension that calls an external REST API, to fetch claims from external systems. A custom claims provider can be assigned to one or many applications in your directory.
+This article provides an overview to the Azure Active Directory (Azure AD) custom claims provider.
+When a user authenticates to an application, a custom claims provider can be used to add  claims into the token. A custom claims provider is made up of a custom authentication extension that calls an external REST API, to fetch claims from external systems. A custom claims provider can be assigned to one or many applications in your directory.
 
 Key data about a user is often stored in systems external to Azure AD. For example, secondary email, billing tier, or sensitive information. Some applications may rely on these attributes for the application to function as designed. For example, the application may block access to certain features based on a claim in the token.
 
-The following short video provides an excellent overview of the Azure AD custom extensions and custom claims providers:
+The following short video provides an excellent overview of the Azure AD custom authentication extensions and custom claims providers:
+
 > [!VIDEO https://www.youtube.com/embed/1tPA7B9ztz0]
 
 Use a custom claims provider for the following scenarios:
@@ -34,7 +35,7 @@ Use a custom claims provider for the following scenarios:
 
 ## Token issuance start event listener
 
-An event listener is a procedure that waits for an event to occur. The custom extension uses the **token issuance start** event listener. The  event is triggered when a token is about to be issued to your application. When the event is triggered the custom extension REST API is called to fetch attributes from external systems.
+An event listener is a procedure that waits for an event to occur. The custom authentication extension uses the **token issuance start** event listener. The  event is triggered when a token is about to be issued to your application. When the event is triggered the custom authentication extension REST API is called to fetch attributes from external systems.
 
 For an example using a custom claims provider with the **token issuance start** event listener, check out the [get started with custom claims providers](custom-extension-get-started.md) article.
 
@@ -43,3 +44,5 @@ For an example using a custom claims provider with the **token issuance start**
 - Learn how to [create and register a custom claims provider](custom-extension-get-started.md) with a sample Open ID Connect application.
 - If you already have a custom claims provider registered, you can configure a [SAML application](custom-extension-configure-saml-app.md) to receive tokens with claims sourced from an external store.
 - Learn more about custom claims providers with the [custom claims provider reference](custom-claims-provider-reference.md) article.
+
+

articles/active-directory/develop/custom-extension-configure-saml-app.md

@@ -26,7 +26,7 @@ This article describes how to configure a SAML application to receive tokens wit
 Before configuring a SAML application to receive tokens with external claims, first follow these sections:
 
 - [Create a custom claims provider API](custom-extension-get-started.md#step-1-create-an-azure-function-app)
-- [Register a custom claims extension](custom-extension-get-started.md#step-2-register-a-custom-extension)
+- [Register a custom claims extension](custom-extension-get-started.md#step-2-register-a-custom-authentication-extension)
 
 ## Configure a SAML application that receives enriched tokens
 
@@ -70,7 +70,7 @@ Attributes that return by your custom claims provider API aren't automatically i
 
 1. Select on **Configure** for **Custom claims provider**.
 
-1. Select the custom extension you [registered previously](custom-extension-get-started.md#step-2-register-a-custom-extension) in the **Custom claims provider** dropdown.  Select **Save**.
+1. Select the custom authentication extension you [registered previously](custom-extension-get-started.md#step-2-register-a-custom-authentication-extension) in the **Custom claims provider** dropdown.  Select **Save**.
 
 1. Select **Add new claim** to add a new claim.