Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into yelevin/analytics-tutorial

Author: yelevin

articles/active-directory-b2c/azure-ad-b2c-global-identity-funnel-based-design.md

@@ -1,5 +1,5 @@
 ---
-title: Azure Active Directory B2C global identity framework funnel-based design considerations 
+title: Build a global identity solution with funnel-based approach
 titleSuffix: Azure AD B2C
 description: Learn the funnel-based design consideration for Azure AD B2C to provide customer identity management for global customers.
 services: active-directory-b2c

articles/active-directory-b2c/azure-ad-b2c-global-identity-region-based-design.md

@@ -1,5 +1,5 @@
 ---
-title: Azure Active Directory B2C global identity framework region-based design considerations 
+title: Build a global identity solution with region-based approach
 titleSuffix: Azure AD B2C
 description: Learn the region-based design consideration for Azure AD B2C to provide customer identity management for global customers.
 services: active-directory-b2c

articles/active-directory/authentication/concept-authentication-methods-manage.md

@@ -6,10 +6,11 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 12/06/2022
+ms.date: 01/07/2023
 
 ms.author: justinha
 author: justinha
+ms.reviewer: jpettere
 manager: amycolannino
 
 ms.collection: M365-identity-device-management
@@ -98,9 +99,12 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep
 
 :::image type="content" border="true" source="./media/concept-authentication-methods-manage/reason.png" alt-text="Screenshot of reasons for rollback.":::
 
-## Known issues
-
-* Currently, all users must be enabled for at least one MFA method that isn't passwordless and the user can register in interrupt mode. Possible methods include Microsoft Authenticator, SMS, voice calls, and software OATH/mobile app code. The method(s) can be enabled in any policy. If a user is not eligible for at least one of those methods, the user will see an error during registration and when visiting My Security Info. We're working to improve this experience to enable fully passwordless configurations. 
+>[!NOTE]
+>After all authentication methods are fully migrated, the following elements of the legacy SSPR policy remain active:
+> - The **Number of methods required to reset** control: admins can continue to change how many authentication methods must be verified before a user can perform SSPR.
+> - The SSPR administrator policy: admins can continue to register and use any methods listed under the legacy SSPR administrator policy or methods they're enabled to use in the Authentication methods policy.
+> 
+> In the future, both of these features will be integrated with the Authentication methods policy.
 
 ## Next steps
 

articles/active-directory/authentication/how-to-authentication-methods-manage.md

@@ -6,10 +6,11 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 12/12/2022
+ms.date: 01/07/2023
 
 ms.author: justinha
 author: justinha
+ms.reviewer: jpettere
 manager: amycolannino
 
 ms.collection: M365-identity-device-management

articles/active-directory/develop/msal-acquire-cache-tokens.md

@@ -45,7 +45,7 @@ The format of the scope value varies depending on the resource (the API) receivi
 
 For Microsoft Graph only, the `user.read` scope maps to `https://graph.microsoft.com/User.Read`, and both scope formats can be used interchangeably.
 
-Certain web APIs such as the Azure Resource Manager API (https://management.core.windows.net/) expect a trailing forward slash ('/') in the audience claim (`aud`) of the access token. In this case, pass the scope as `https://management.core.windows.net//user_impersonation`, including the double forward slash ('//').
+Certain web APIs such as the Azure Resource Manager API (`https://management.core.windows.net/`) expect a trailing forward slash ('/') in the audience claim (`aud`) of the access token. In this case, pass the scope as `https://management.core.windows.net//user_impersonation`, including the double forward slash ('//').
 
 Other APIs might require that *no scheme or host* is included in the scope value, and expect only the app ID (a GUID) and the scope name, for example:
 

articles/aks/includes/keda/current-version-callout.md

@@ -1,7 +1,7 @@
 ---
 author: tomkerkhove
 
-ms.service: container-service
+ms.service: azure-kubernetes-service
 ms.topic: include
 ms.date: 05/24/2022
 ms.author: tomkerkhove

articles/azure-functions/functions-event-grid-blob-trigger.md

@@ -242,6 +242,10 @@ The following features have known limitations in Azure Government:
 - Limitations with multi-factor authentication:
     - Trusted IPs isn't supported in Azure Government. Instead, use Conditional Access policies with named locations to establish when multi-factor authentication should and shouldn't be required based off the user's current IP address.
 
+### National clouds and MSAL
+
+The Microsoft Authentication Library (MSAL) enables application developers in national clouds to acquire tokens in order to authenticate and call secured web APIs. For feature variations and limitations, see [National clouds and MSAL](../active-directory/develop/msal-national-cloud.md).
+
 ## Management and governance
 
 This section outlines variations and considerations when using Management and Governance services in the Azure Government environment. For service availability, see [Products available by region](https://azure.microsoft.com/global-infrastructure/services/?products=managed-applications,azure-policy,network-watcher,monitor,traffic-manager,automation,scheduler,site-recovery,cost-management,backup,blueprints,advisor&regions=usgov-non-regional,us-dod-central,us-dod-east,usgov-arizona,usgov-texas,usgov-virginia&rar=true).

articles/azure-government/compare-azure-government-global-azure.md

@@ -107,12 +107,12 @@ To identify weekly seasonality, the Dynamic Thresholds model requires at least t
 
 ## Dynamic Thresholds is showing values that are not within the range of expected values
 
-When a metric exhibits large fluctuation, Dynamic Thresholds builds a wider model around the metric values. This model can result in a lower border below zero when the metric only has positive values, or in an upper border above 100% when the metric can't exceed 100%. This scenario can happen when:
+When a metric value exhibits large fluctuations, dynamic thresholds may build a wide model around the metric values, which can result in a lower or higher boundary than expected. This scenario can happen when:
 
 - The sensitivity is set to low.
 - The metric exhibits an irregular behavior with high variance, which appears as spikes or dips in the data.
 
-When the lower bound has a negative value, it's plausible for the metric to reach a zero value given the metric's irregular behavior. Consider choosing a higher sensitivity or a larger **Aggregation granularity (Period)** to make the model less sensitive. Or, use the **Ignore data before** option to exclude a recent irregularity from the historical data used to build the model.
+Consider making the model less sensitive by choosing a higher sensitivity or selecting a larger **Aggregation granularity (Period)**.  You can also use the **Ignore data before** option to exclude a recent irregularity from the historical data used to build the model.
 
 ## The Dynamic Thresholds alert rule is too noisy or fires too much
 

articles/azure-monitor/alerts/alerts-dynamic-thresholds.md

@@ -8,7 +8,7 @@ ms.service: cognitive-services
 ms.subservice: openai
 ms.topic: tutorial
 ms.date: 12/14/2022
-author: mrbullwinkle
+author: noabenefraim
 ms.author: mbullwin
 recommendations: false
 ms.custom: