Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Banani-Rath

.openpublishing.redirection.json

@@ -56373,6 +56373,11 @@
       "redirect_url": "/azure/communication-services/quickstarts/identity/service-principal-from-cli",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/communication-services/quickstarts/voice-video-calling/calling-client-samples.md",
+      "redirect_url": "/azure/communication-services/quickstarts/voice-video-calling/getting-started-with-calling",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/virtual-desktop/teams-on-wvd.md",
       "redirect_url": "/azure/virtual-desktop/teams-on-avd",

articles/active-directory/app-provisioning/on-premises-ecma-configure.md

@@ -163,7 +163,7 @@ After waiting, check your data source to see if new users are being provisioned.
 
 1. Use the provisioning logs to determine which users were provisioned successfully or unsuccessfully.
 1. Build custom alerts, dashboards, and queries by using the Azure Monitor integration.
-1. If the provisioning configuration seems to be in an unhealthy state, the application goes into quarantine. Learn more about [quarantine states](https://github.com/MicrosoftDocs/azure-docs-pr/compare/application-provisioning-quarantine-status.md?expand=1).
+1. If the provisioning configuration seems to be in an unhealthy state, the application goes into quarantine. Learn more about [quarantine states](https://github.com/MicrosoftDocs/azure-docs-pr/blob/master/articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md).
 
 ## Next steps
 

articles/active-directory/authentication/howto-password-ban-bad-on-premises-deploy.md

@@ -94,7 +94,7 @@ The following core requirements apply:
     |`https://enterpriseregistration.windows.net`|Azure AD Password Protection functionality|
 
 > [!NOTE]
-> Some endpoints, such as the CRL endpoint, are not addressed in this article. For a list of all supported endpoints, see [Microsoft 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#microsoft-365-common-and-office-online).
+> Some endpoints, such as the CRL endpoint, are not addressed in this article. For a list of all supported endpoints, see [Microsoft 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges#microsoft-365-common-and-office-online).
 
 ### Azure AD Password Protection DC agent
 

articles/active-directory/conditional-access/concept-conditional-access-cloud-apps.md

@@ -172,7 +172,7 @@ Administrators can select published authentication contexts in their Conditional
 
 For more information about authentication context use in applications, see the following articles.
 
-- [Microsoft Information Protection sensitivity labels to protect SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-worldwide#more-information-about-the-dependencies-for-the-authentication-context-option&preserve-view=true)
+- [Microsoft Information Protection sensitivity labels to protect SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites#more-information-about-the-dependencies-for-the-authentication-context-option)
 - [Microsoft Cloud App Security](/cloud-app-security/session-policy-aad?branch=pr-en-us-2082#require-step-up-authentication-authentication-context)
 - [Custom applications](../develop/developer-guide-conditional-access-authentication-context.md)
 

articles/active-directory/develop/TOC.yml

@@ -365,6 +365,8 @@
           href: msal-net-migration.md
         - name: Migrate confidential client apps to MSAL.NET
           href: msal-net-migration-confidential-client.md
+        - name: Migrate public client apps to MSAL.NET
+          href: msal-net-migration-public-client.md
         - name: Migrate Xamarin Android app using broker to MSAL.NET
           href: msal-net-migration-android-broker.md
         - name: Migrate Xamarin iOS app using broker to MSAL.NET

articles/active-directory/develop/includes/msal-net-adoption-steps-public-clients.md

@@ -0,0 +1,23 @@
+---
+title: Common steps for public client migration to MSAL
+description: Include file that explains the common steps you need to take for all public client apps when it comes to migration from ADAL to MSAL.
+services: active-directory
+author: maliksahil
+manager: CelesteDG
+
+ms.service: active-directory
+ms.subservice: develop
+ms.workload: identity
+ms.topic: include
+ms.date: 09/08/2021
+ms.author: sahmalik
+ms.reviewer: jmprieur
+ms.custom: aaddev
+---
+
+The following steps for updating code apply across all the confidential client scenarios:
+
+1. Add the MSAL.NET namespace in your source code: `using Microsoft.Identity.Client;`.
+2. Instead of instantiating `AuthenticationContext`, use `PublicClientApplicationBuilder.Create` to instantiate `IPublicClientApplication`.
+3. Instead of the `resourceId` string, MSAL.NET uses scopes. Because applications that use ADAL.NET are preauthorized, you can always use the following scopes: `new string[] { $"{resourceId}/.default" }`.
+4. Replace the call to `AuthenticationContext.AcquireTokenAsync` with a call to `IPublicClientApplication.AcquireTokenXXX`, where *XXX* depends on your scenario.