You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/develop/scenario-protected-web-api-app-configuration.md
+4Lines changed: 4 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -156,6 +156,10 @@ The validators are described in this table:
156
156
157
157
Thevalidatorsareallassociatedwithpropertiesofthe `TokenValidationParameters` class, themselvesinitializedfromtheASP.NET/ASP.NETCoreconfiguration. Inmostcases, youwon't have to change the parameters. There'soneexception, forappsthataren't single tenants. (That is, web apps that accept users from any organization or from personal Microsoft accounts.) In this case, the issuer must be validated.
158
158
159
+
## Token validation in Azure Functions
160
+
161
+
It's also possible to validate incoming access tokens in Azure functions. You can find examples of validating tokens in Azure functions in [Dotnet](https://github.com/Azure-Samples/ms-identity-dotnet-webapi-azurefunctions), [NodeJS](https://github.com/Azure-Samples/ms-identity-nodejs-webapi-azurefunctions), and [Python](https://github.com/Azure-Samples/ms-identity-python-webapi-azurefunctions).
Copy file name to clipboardExpand all lines: articles/active-directory/users-groups-roles/groups-dynamic-membership.md
+5-3Lines changed: 5 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -354,7 +354,10 @@ The custom property name can be found in the directory by querying a user's prop
354
354
355
355
## Rules for devices
356
356
357
-
You can also create a rule that selects device objects for membership in a group. You can't have both users and devices as group members. The **organizationalUnit** attribute is no longer listed and should not be used. This string is set by Intune in specific cases but is not recognized by Azure AD, so no devices are added to groups based on this attribute.
357
+
You can also create a rule that selects device objects for membership in a group. You can't have both users and devices as group members.
358
+
359
+
> [!NOTE]
360
+
> The **organizationalUnit** attribute is no longer listed and should not be used. This string is set by Intune in specific cases but is not recognized by Azure AD, so no devices are added to groups based on this attribute.
358
361
359
362
> [!NOTE]
360
363
> systemlabels is a read-only attribute that cannot be set with Intune.
@@ -376,9 +379,8 @@ The following device attributes can be used.
376
379
enrollmentProfileName | Apple Device Enrollment Profile, Device enrollment - Corporate device identifiers (Android - Kiosk), or Windows Autopilot profile name | (device.enrollmentProfileName -eq "DEP iPhones")
managementType | MDM (for mobile devices)<br>PC (for computers managed by the Intune PC agent) | (device.managementType -eq "MDM")
379
-
organizationalUnit | a valid on-premises organizational unit (OU) | (device.organizationalUnit -contains "laptop")
380
382
deviceId | a valid Azure AD device ID | (device.deviceId -eq "d4fe7726-5966-431c-b3b8-cddc8fdb717d")
381
-
objectId | a valid Azure AD object ID | (device.objectId -eq 76ad43c9-32c5-45e8-a272-7b58b58f596d")
383
+
objectId | a valid Azure AD object ID | (device.objectId -eq "76ad43c9-32c5-45e8-a272-7b58b58f596d")
382
384
devicePhysicalIds | any string value used by Autopilot, such as all Autopilot devices, OrderID, or PurchaseOrderID | (device.devicePhysicalIDs -any _ -contains "[ZTDId]") (device.devicePhysicalIds -any _ -eq "[OrderID]:179887111881") (device.devicePhysicalIds -any _ -eq "[PurchaseOrderId]:76222342342")
383
385
systemLabels | any string matching the Intune device property for tagging Modern Workplace devices | (device.systemLabels -contains "M365Managed")
Copy file name to clipboardExpand all lines: articles/app-service/configure-ssl-certificate.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -320,7 +320,7 @@ Once the renew operation is complete, click **Sync**. The sync operation automat
320
320
321
321
### Export certificate
322
322
323
-
Because App Service Certificates is a [Key Vault secret](../key-vault/about-keys-secrets-and-certificates.md#key-vault-secrets), you can export a PFX copy of it and use it for other Azure services or outside of Azure.
323
+
Because an App Service Certificate is a [Key Vault secret](../key-vault/about-keys-secrets-and-certificates.md#key-vault-secrets), you can export a PFX copy of it and use it for other Azure services or outside of Azure.
324
324
325
325
To export the App Service Certificate as a PFX file, run the following commands in the [Cloud Shell](https://shell.azure.com). You can also run it locally if you [installed Azure CLI](https://docs.microsoft.com/cli/azure/install-azure-cli). Replace the placeholders with the names you used when you [created the App Service certificate](#start-certificate-order).
326
326
@@ -339,7 +339,7 @@ az keyvault secret download \
339
339
--encoding base64
340
340
```
341
341
342
-
The downloaded *appservicecertificate.pfx* file is a raw PKCS12 file that contains both the public and private certificates. Whenever you're prompted, both the import password and the PEM pass phrase are the empty string.
342
+
The downloaded *appservicecertificate.pfx* file is a raw PKCS12 file that contains both the public and private certificates. In each prompt, use an empty string for the import password and the PEM pass phrase.
Copy file name to clipboardExpand all lines: articles/azure-functions/functions-networking-options.md
+6Lines changed: 6 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -112,6 +112,12 @@ When you create a function app, you must create or link to a general-purpose Azu
112
112
113
113
[Learn more about storage account requirements.](./functions-create-function-app-portal.md#storage-account-requirements)
114
114
115
+
### Using Key Vault references
116
+
117
+
Key Vault references allow you to use secrets from Azure Key Vault in your Azure Functions application without requiring any code changes. Azure Key Vault is a service that provides centralized secrets management, with full control over access policies and audit history.
118
+
119
+
Currently [Key Vault references](../app-service/app-service-key-vault-references.md) will not work if your Key Vault is secured with service endpoints. To connect to a Key Vault using virtual network integration you will need to call key vault in your application code.
120
+
115
121
## Virtual network triggers (non-HTTP)
116
122
117
123
Currently, to use function triggers other than HTTP from within a virtual network, you must run your function app in an App Service plan or in an App Service Environment.
Copy file name to clipboardExpand all lines: articles/azure-monitor/app/asp-net-core.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -209,7 +209,7 @@ For more information, see [Configure adaptive sampling for ASP.NET Core applicat
209
209
210
210
### Adding TelemetryInitializers
211
211
212
-
Use [telemetry initializers](https://docs.microsoft.com/azure/azure-monitor/app/api-filtering-sampling#add-properties-itelemetryinitializer) when you want to define global properties that are sent with all telemetry.
212
+
Use [telemetry initializers](https://docs.microsoft.com/azure/azure-monitor/app/api-filtering-sampling#addmodify-properties-itelemetryinitializer) when you want to define global properties that are sent with all telemetry.
213
213
214
214
Add any new `TelemetryInitializer` to the `DependencyInjection` container as shown in the following code. The SDK automatically picks up any `TelemetryInitializer` that's added to the `DependencyInjection` container.
Copy file name to clipboardExpand all lines: articles/azure-monitor/app/asp-net-troubleshoot-no-data.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -171,7 +171,7 @@ You can disable it, but this is not recommended. Sampling is designed so that re
171
171
On February 5 2018, we announced that we removed logging of the Client IP address. This does not affect Geo Location.
172
172
173
173
> [!NOTE]
174
-
> If you need the first 3 octets of the IP address, you can use a [telemetry initializer](https://docs.microsoft.com/azure/application-insights/app-insights-api-filtering-sampling#add-properties-itelemetryinitializer) to add a custom attribute.
174
+
> If you need the first 3 octets of the IP address, you can use a [telemetry initializer](https://docs.microsoft.com/azure/application-insights/app-insights-api-filtering-sampling#addmodify-properties-itelemetryinitializer) to add a custom attribute.
175
175
> This does not affect data collected prior to February 5, 2018.
0 commit comments