MicrosoftDocs
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.active-directory.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.active-directory.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 121 additions & 16 deletions b/‎.openpublishing.redirection.json
Lines changed: 121 additions & 16 deletions
diff --git a/‎articles/active-directory-b2c/add-ropc-policy.md
Lines changed: 3 additions & 0 deletions b/‎articles/active-directory-b2c/add-ropc-policy.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/data-residency.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/data-residency.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/enable-authentication-in-node-web-app-with-api.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/enable-authentication-in-node-web-app-with-api.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/enable-authentication-spa-app.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/enable-authentication-spa-app.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/app-provisioning/provision-on-demand.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/app-provisioning/provision-on-demand.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/architecture/auth-sync-overview.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/architecture/auth-sync-overview.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/architecture/security-operations-devices.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/architecture/security-operations-devices.md
Lines changed: 1 addition & 1 deletion
@@ -248,6 +248,12 @@
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "azure-functions-nodejs-v4",
+      "url": "https://github.com/Azure/azure-functions-nodejs-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "azure-functions-durable-js",
       "url": "https://github.com/Azure/azure-functions-durable-js",
 
@@ -105,6 +105,11 @@
       "redirect_url": "/azure/active-directory/saas-apps/gainsight-tutorial",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/saas-apps/planview-id-tutorial.md",
+      "redirect_url": "/azure/active-directory/saas-apps/planview-admin-tutorial",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/saas-apps/postman-provisioning-tutorialy.md",
       "redirect_url": "/azure/active-directory/saas-apps/postman-provisioning-tutorial",
 
@@ -14855,47 +14855,47 @@
         {
             "source_path_from_root": "/articles/scheduler/scheduler-intro.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-advanced-complexity.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-concepts-terms.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-powershell-reference.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-plans-billing.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-limits-defaults-errors.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-high-availability-reliability.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/scheduler-outbound-authentication.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/scheduler/get-started-portal.md",
             "redirect_url": "/azure/scheduler/migrate-from-scheduler-to-logic-apps",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/search/semantic-ranking.md",
@@ -17100,7 +17100,7 @@
         {
             "source_path_from_root": "/articles/service-fabric/service-fabric-deploy-multiple-apps.md",
             "redirect_url": "/azure/service-fabric/service-fabric-deploy-existing-app",
-            "redirect_document_id": ""
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/service-fabric/service-fabric-automate-powershell.md",
@@ -23402,6 +23402,111 @@
             "redirect_url": "/entra/msal/python/advanced/msal-python-token-cache-serialization",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-python-adfs-support.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-python-adfs-support",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-error-handling-dotnet.md",
+            "redirect_url": "/entra/msal/dotnet/advanced/exceptions/msal-error-handling",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-logging-dotnet.md",
+            "redirect_url": "/entra/msal/dotnet/advanced/exceptions/msal-logging",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-acquire-token-silently.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/acquire-token-silently",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-adfs-support.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/desktop-mobile/adfs-support",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-b2c-considerations.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/desktop-mobile/social-identities",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-clear-token-cache.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/clear-token-cache",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-client-assertions.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/msal-net-client-assertions",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-differences-adal-net.md",
+            "redirect_url": "/entra/msal/dotnet/how-to/differences-adal-msal-net",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-initializing-client-applications.md",
+            "redirect_url": "/entra/msal/dotnet/getting-started/initializing-client-applications",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-instantiate-confidential-client-config-options.md",
+            "redirect_url": "/entra/msal/dotnet/getting-started/instantiate-confidential-client-config-options",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-instantiate-public-client-config-options.md",
+            "redirect_url": "/entra/msal/dotnet/getting-started/instantiate-public-client-config-options",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-migration-confidential-client.md",
+            "redirect_url": "/entra/msal/dotnet/how-to/migrate-confidential-client",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-migration-public-client.md",
+            "redirect_url": "/entra/msal/dotnet/how-to/migrate-public-client",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-provide-httpclient.md",
+            "redirect_url": "/entra/msal/dotnet/advanced/httpclient",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-token-cache-serialization.md",
+            "redirect_url": "/entra/msal/dotnet/how-to/token-cache-serialization",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-user-gets-consent-for-multiple-resources.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/user-gets-consent-for-multiple-resources",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-uwp-considerations.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/desktop-mobile/uwp",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-web-browsers.md",
+            "redirect_url": "/entra/msal/dotnet/acquiring-tokens/using-web-browsers",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-net-migration.md",
+            "redirect_url": "/entra/msal/dotnet/how-to/msal-net-migration",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/microsoft-identity-web.md",
+            "redirect_url": "/entra/msal/dotnet/microsoft-identity-web/",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/networking/azure-orbital-overview.md",
             "redirect_url": "/azure/orbital/overview",
@@ -23715,27 +23820,27 @@
         {
             "source_path_from_root": "/articles/aks/managed-cluster-snapshot.md",
             "redirect_url": "/azure/aks/intro-kubernetes",
-            "redirect_document_id": "false"
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/azure-arc/servers/onboard-group-policy-service-principal-encryption.md",
             "redirect_url": "/azure/azure-arc/servers/onboard-group-policy-powershell",
-            "redirect_document_id": "false"
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/azure-arc/servers/onboard-group-policy.md",
             "redirect_url": "/azure/azure-arc/servers/onboard-group-policy-powershell",
-            "redirect_document_id": "false"
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/azure-arc/kubernetes/plan-at-scale-deployment.md",
             "redirect_url": "/azure/azure-arc/kubernetes/overview",
-            "redirect_document_id": "false"
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/azure-arc/kubernetes/tutorial-workload-management.md",
             "redirect_url": "/azure/azure-arc/kubernetes/workload-management",
-            "redirect_document_id": "true"
+            "redirect_document_id": true
         },
         {
           "source_path": "articles/azure-cache-for-redis/redis-cache-insights-overview.md",
@@ -23745,7 +23850,7 @@
         {
             "source_path_from_root": "/articles/aks/uptime-sla.md",
             "redirect_url": "/azure/aks/free-standard-pricing-tiers",
-            "redirect_document_id": "false"
+            "redirect_document_id": false
         },
         {
           "source_path": "articles/dotnet-develop-multitenant-applications.md",
 
@@ -22,6 +22,9 @@ zone_pivot_groups: b2c-policy-type
 
 In Azure Active Directory B2C (Azure AD B2C), the resource owner password credentials (ROPC) flow is an OAuth standard authentication flow. In this flow, an application, also known as the relying party, exchanges valid credentials for tokens. The credentials include a user ID and password. The tokens returned are an ID token, access token, and a refresh token.
 
+> [!WARNING]
+> We recommend that you _don't_ use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application and carries risks that aren't present in other flows. You should only use this flow when other more secure flows aren't viable.
+
 ## ROPC flow notes
 
 In Azure Active Directory B2C (Azure AD B2C), the following options are supported:
 
@@ -61,7 +61,7 @@ The following locations are in the process of being added to the list. For now,
 
 > Argentina, Brazil, Chile, Colombia, Ecuador, Iraq, Paraguay, Peru, Uruguay, and Venezuela
 
-To find the exact location where your data is located per country/country, refer to [where Azure Active Directory data is located](https://aka.ms/aaddatamap)service.   
+To find the exact location where your data is located per country/region, refer to [where Azure Active Directory data is located](https://aka.ms/aaddatamap)service.   
 
 
 ### Go-Local add-on
 
@@ -185,7 +185,7 @@ npm install @azure/msal-node
     - `authCodeRequest`: The configuration object used to retrieve authorization code. 
     - `tokenRequest`: The configuration object used to acquire a token by authorization code.
     - `sessionConfig`: The configuration object for express session. 
-    - `getAuthCode`: A method that creates the URL of the authorization request, letting the user input credentials and consent to the application. It uses the `getAuthCodeUrl` method, which is defined in the [ConfidentialClientApplication](https://azuread.github.io/microsoft-authentication-library-for-js/ref/classes/_azure_msal_node.confidentialclientapplication.html) class.
+    - `getAuthCode`: A method that creates the URL of the authorization request, letting the user input credentials and consent to the application. It uses the `getAuthCodeUrl` method, which is defined in the [ConfidentialClientApplication](https://azuread.github.io/microsoft-authentication-library-for-js/ref/classes/_azure_msal_node.ConfidentialClientApplication.html) class.
     
     **Express routes**:
     - `/`: 
 
@@ -221,7 +221,7 @@ To specify your Azure AD B2C user flows, do the following:
 
 In this step, implement the methods to initialize the sign-in flow, API access token acquisition, and the sign-out methods. 
 
-For more information, see the [MSAL PublicClientApplication class reference](https://azuread.github.io/microsoft-authentication-library-for-js/ref/classes/_azure_msal_browser.publicclientapplication.html), and [Use the Microsoft Authentication Library (MSAL) to sign in the user](../active-directory/develop/tutorial-v2-javascript-spa.md#use-the-msal-to-sign-in-the-user) articles.
+For more information, see the [Use the Microsoft Authentication Library (MSAL) to sign in the user](../active-directory/develop/tutorial-v2-javascript-spa.md#use-the-msal-to-sign-in-the-user) article.
 
 To sign in the user, do the following:
 
 
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.workload: identity
 ms.topic: how-to
-ms.date: 08/05/2023
+ms.date: 09/11/2023
 ms.author: kenwith
 ms.reviewer: arvinh
 zone_pivot_groups: app-provisioning-cross-tenant-synchronization
@@ -147,7 +147,7 @@ The **View details** section displays the attributes that were modified in the t
 
 #### Troubleshooting tips
 
-* Failures for exporting changes can vary greatly. Check the [documentation for provisioning logs](../reports-monitoring/concept-provisioning-logs.md#error-codes) for common failures.
+* Failures for exporting changes can vary greatly. Check the [documentation for provisioning logs](../reports-monitoring/howto-analyze-provisioning-logs.md#error-codes) for common failures.
 * On-demand provisioning says the group or user can't be provisioned because they're not assigned to the application. There's a replication delay of up to a few minutes between when an object is assigned to an application and when that assignment is honored in on-demand provisioning. You may need to wait a few minutes and try again.  
 
 ## Frequently asked questions
 
@@ -42,7 +42,7 @@ The following table presents authentication Azure AD integration with legacy aut
 | [LDAP authentication](auth-ldap.md)| ![check mark](./media/authentication-patterns/check.png)| | |  |
 | [OAuth 2.0 authentication](auth-oauth2.md)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
 | [OIDC authentication](auth-oidc.md)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
-| [Password based SSO authentication](auth-password-based-sso.md )| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
+| [Password based SSO authentication](auth-password-based-sso.md)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
 | [RADIUS authentication]( auth-radius.md)| ![check mark](./media/authentication-patterns/check.png)| | ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
 | [Remote Desktop Gateway services](auth-remote-desktop-gateway.md)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
 | [Secure Shell (SSH)](auth-ssh.md) |  ![check mark](./media/authentication-patterns/check.png)| | ![check mark](./media/authentication-patterns/check.png)| ![check mark](./media/authentication-patterns/check.png) |
 
@@ -100,7 +100,7 @@ It might not be possible to block access to all cloud and software-as-a-service
 
 | What to monitor| Risk Level| Where| Filter/sub-filter| Notes |
 | - |- |- |- |- |
-| Sign-ins by non-compliant devices| High| Sign-in logs| DeviceDetail.isCompliant == false| If requiring sign-in from compliant devices, alert when: any sign in by non-compliant devices, or any access without MFA or a trusted location.<p>If working toward requiring devices, monitor for suspicious sign-ins.<br>[Microsoft Sentinel template](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting%20Queries/SigninLogs/SuccessfulSigninFromNon-CompliantDevice.yaml)<br><br>[Sigma rules](https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/azure) |
+| Sign-ins by non-compliant devices| High| Sign-in logs| DeviceDetail.isCompliant == false| If requiring sign-in from compliant devices, alert when: any sign in by non-compliant devices, or any access without MFA or a trusted location.<p>If working toward requiring devices, monitor for suspicious sign-ins.<br><br>[Sigma rules](https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/azure) |
 | Sign-ins by unknown devices| Low| Sign-in logs| DeviceDetail is empty, single factor authentication, or from a non-trusted location| Look for: any access from out of compliance devices, any access without MFA or trusted location<br>[Microsoft Sentinel template](https://github.com/Azure/Azure-Sentinel/blob/master/Detections/SigninLogs/AnomolousSingleFactorSignin.yaml)<br><br>[Sigma rules](https://github.com/SigmaHQ/sigma/tree/master/rules/cloud/azure) |
 
 ### Use LogAnalytics to query