MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 1 addition & 11 deletions b/‎.openpublishing.redirection.json
Lines changed: 1 addition & 11 deletions
diff --git a/‎articles/active-directory-b2c/solution-articles.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/solution-articles.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/TOC.yml
Lines changed: 5 additions & 18 deletions b/‎articles/active-directory/develop/TOC.yml
Lines changed: 5 additions & 18 deletions
diff --git a/‎articles/active-directory/develop/desktop-app-quickstart.md
Lines changed: 32 additions & 0 deletions b/‎articles/active-directory/develop/desktop-app-quickstart.md
Lines changed: 32 additions & 0 deletions
diff --git a/‎articles/active-directory/develop/includes/desktop-app/quickstart-nodejs-electron.md
Lines changed: 218 additions & 0 deletions b/‎articles/active-directory/develop/includes/desktop-app/quickstart-nodejs-electron.md
Lines changed: 218 additions & 0 deletions
@@ -65,11 +65,6 @@
       "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-consume-web-service-guide",
       "redirect_document_id": false
     },
-    {
-      "source_path": "articles/machine-learning/classic/deploy-with-resource-manager-template.md",
-      "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-with-resource-manager-template",
-      "redirect_document_id": false
-    },
     {
       "source_path": "articles/machine-learning/classic/evaluate-model-performance.md",
       "redirect_url": "/previous-versions/azure/machine-learning/classic/evaluate-model-performance",
@@ -34570,7 +34565,7 @@
     },
     {
       "source_path_from_root": "/articles/security/fundamentals/channel-nine.md",
-      "redirect_url": "https://channel9.msdn.com/",
+      "redirect_url": "/teamblog/channel9joinedmicrosoftlearn/",
       "redirect_document_id": false
     },
     {
@@ -41793,11 +41788,6 @@
       "redirect_url": "/azure/cognitive-services/Content-Moderator/overview",
       "redirect_document_id": false
     },
-    {
-      "source_path_from_root": "/articles/cognitive-services/Content-Moderator/facebook-post-moderation.md",
-      "redirect_url": "/azure/cognitive-services/Content-Moderator/overview",
-      "redirect_document_id": false
-    },
     {
       "source_path_from_root": "/articles/cognitive-services/Content-Moderator/moderation-jobs-quickstart-dotnet.md",
       "redirect_url": "/azure/cognitive-services/Content-Moderator/overview",
 
@@ -18,7 +18,7 @@ Azure Active Directory B2C (Azure AD B2C) enables organizations to implement bus
 
 | Title | Medium | Description |
 | ----- | ------ |----------- |
-| [Customer Identity Management with Azure AD B2C](https://channel9.msdn.com/Shows/On-NET/Customer-Identity-Management-with-Azure-AD-B2C) | Video (20 minutes) | In this overview of the service, Parakh Jain ([@jainparakh](https://twitter.com/jainparakh)) from the Azure AD B2C team provides us an overview of how the service works, and also show how we can quickly connect B2C to an ASP.NET Core application. |
+| [Customer Identity Management with Azure AD B2C](/Shows/On-NET/Customer-Identity-Management-with-Azure-AD-B2C) | Video (20 minutes) | In this overview of the service, Parakh Jain ([@jainparakh](https://twitter.com/jainparakh)) from the Azure AD B2C team provides us an overview of how the service works, and also show how we can quickly connect B2C to an ASP.NET Core application. |
 | [Benefits of using Azure AD B2C](https://aka.ms/b2coverview) | PDF | Understand the benefits and common scenarios of Azure AD B2C, and how your application(s) can leverage this CIAM service. |
 | [Gaining Expertise in Azure AD B2C: A Course for Developers](https://aka.ms/learnAADB2C) | PDF | This end-to-end course takes developers through a complete journey on developing applications with Azure AD B2C as the authentication mechanism. Ten in-depth modules with labs cover everything from setting up an Azure subscription to creating custom policies that define the journeys that engage your customers. |
 | [Enabling partners, Suppliers, and Customers to Access Applications with Azure active Directory](https://aka.ms/aadexternalidentities) | PDF | Every organization’s success, regardless of its size, industry, or compliance and security posture, relies on organizational ability to collaborate with other organizations and connect with customers.<br><br>Bringing together Azure AD, Azure AD B2C, and Azure AD B2B Collaboration, this guide details the business value and the mechanics of building an application or web experience that provides a consolidated authentication experience tailored to the contexts of your employees, business partners and suppliers, and customers. |
 
@@ -25,24 +25,11 @@
   - name: Web app
     href: web-app-quickstart.md
   - name: Web API
-    items:
-    - name: ASP.NET
-      href: quickstart-v2-dotnet-native-aspnet.md
-    - name: ASP.NET Core
-      href: quickstart-v2-aspnet-core-web-api.md
-  - name: Mobile and desktop
-    items:
-    - name: Android
-      href: quickstart-v2-android.md
-    - name: iOS and macOS
-      href: quickstart-v2-ios.md
-    - name: Universal Windows Platform
-      displayName: UWP
-      href: quickstart-v2-uwp.md
-    - name: Windows Desktop .NET
-      href: quickstart-v2-windows-desktop.md
-    - name: Node.js Electron
-      href: quickstart-v2-nodejs-desktop.md
+    href: web-api-quickstart.md
+  - name: Mobile app
+    href: mobile-app-quickstart.md
+  - name: Desktop app
+    href: desktop-app-quickstart.md
   - name: Daemon or back-end service
     href: console-app-quickstart.md
 - name: Tutorials
 
@@ -0,0 +1,32 @@
+---
+title: "Quickstart: Sign in users and call Microsoft Graph in a desktop app | Azure"
+titleSuffix: Microsoft identity platform
+description: In this quickstart, learn how a desktop application can get an access token and call an API protected by the Microsoft identity platform.
+services: active-directory
+author: Dickson-Mwendia
+manager: CelesteDG
+
+ms.service: active-directory
+ms.subservice: develop
+ms.topic: quickstart
+ms.workload: identity
+ms.date: 01/14/2022
+ms.author: dmwendia
+ms.custom: aaddev, identityplatformtop40, "scenarios:getting-started", mode-api
+zone_pivot_groups: desktop-app-quickstart
+#Customer intent: As an application developer, I want to learn how my desktop application can get an access token and call an API that's protected by the Microsoft identity platform.
+---
+
+# Quickstart: Acquire a token and call Microsoft Graph API from a desktop application
+
+::: zone pivot="devlang-uwp"
+[!INCLUDE [Universal Windows Platform](./includes/desktop-app/quickstart-uwp.md)]
+::: zone-end
+
+::: zone pivot="devlang-windows-desktop"
+[!INCLUDE [Windows Desktop .NET](./includes/desktop-app/quickstart-windows-desktop.md)]
+::: zone-end
+
+::: zone pivot="devlang-nodejs-electron"
+[!INCLUDE [Node.js Electron](./includes/desktop-app/quickstart-nodejs-electron.md)]
+::: zone-end
@@ -0,0 +1,218 @@
+---
+title: "Quickstart: Call Microsoft Graph from a Node.js desktop app | Azure"
+titleSuffix: Microsoft identity platform
+description: In this quickstart, you learn how a Node.js Electron desktop application can sign-in users and get an access token to call an API protected by a Microsoft identity platform endpoint
+services: active-directory
+author: mmacy
+manager: CelesteDG
+ms.service: active-directory
+ms.subservice: develop
+ms.topic: include
+ms.date: 01/14/2022
+ms.author: marsma
+ms.custom: mode-api
+#Customer intent: As an application developer, I want to learn how my Node.js Electron desktop application can get an access token and call an API that's protected by a Microsoft identity platform endpoint.
+---
+
+In this quickstart, you download and run a code sample that demonstrates how an Electron desktop application can sign in users and acquire access tokens to call the Microsoft Graph API.
+
+This quickstart uses the [Microsoft Authentication Library for Node.js (MSAL Node)](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node) with the [authorization code flow with PKCE](../../v2-oauth2-auth-code-flow.md).
+
+## Prerequisites
+
+* [Node.js](https://nodejs.org/en/download/)
+* [Visual Studio Code](https://code.visualstudio.com/download) or another code editor
+
+
+## Register and download the sample application
+
+Follow the steps below to get started.
+
+#### Step 1: Register the application
+To register your application and add the app's registration information to your solution manually, follow these steps:
+
+1. Sign in to the [Azure portal](https://portal.azure.com/).
+1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./../../media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
+1. Search for and select **Azure Active Directory**.
+1. Under **Manage**, select **App registrations** > **New registration**.
+1. Enter a **Name** for your application, for example `msal-node-desktop`. Users of your app might see this name, and you can change it later.
+1. Select **Register** to create the application.
+1. Under **Manage**, select **Authentication**.
+1. Select **Add a platform** > **Mobile and desktop applications**.
+1. In the **Redirect URIs** section, enter `msal://redirect`.
+1. Select **Configure**.
+
+#### Step 2: Download the Electron sample project
+
+
+[Download the code sample](https://github.com/azure-samples/ms-identity-javascript-nodejs-desktop/archive/main.zip)
+
+#### Step 3: Configure the Electron sample project
+
+1. Extract the zip file to a local folder close to the root of the disk, for example, *C:/Azure-Samples*.
+1. Edit *.env* and replace the values of the fields `TENANT_ID` and `CLIENT_ID` with the following snippet:
+
+   ```
+   "TENANT_ID": "Enter_the_Tenant_Id_Here",
+   "CLIENT_ID": "Enter_the_Application_Id_Here"
+   ```
+   Where:
+   - `Enter_the_Application_Id_Here` - is the **Application (client) ID** for the application you registered.
+   - `Enter_the_Tenant_Id_Here` - replace this value with the **Tenant Id** or **Tenant name** (for example, contoso.microsoft.com)
+
+> [!TIP]
+> To find the values of **Application (client) ID**, **Directory (tenant) ID**, go to the app's **Overview** page in the Azure portal.
+
+#### Step 4: Run the application
+
+You'll need to install the dependencies of this sample once:
+
+```console
+npm install
+```
+
+Then, run the application via command prompt or console:
+
+```console
+npm start
+```
+
+You should see application's UI with a **Sign in** button.
+
+## About the code
+
+Below, some of the important aspects of the sample application are discussed.
+
+### MSAL Node
+
+[MSAL Node](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node) is the library used to sign in users and request tokens used to access an API protected by Microsoft identity platform. For more information on how to use MSAL Node with desktop apps, see [this article](../../scenario-desktop-overview.md).
+
+You can install MSAL Node by running the following npm command.
+
+```console
+npm install @azure/msal-node --save
+```
+
+### MSAL initialization
+
+You can add the reference for MSAL Node by adding the following code:
+
+```javascript
+const { PublicClientApplication } = require('@azure/msal-node');
+```
+
+Then, initialize MSAL using the following code:
+
+```javascript
+const MSAL_CONFIG = {
+    auth: {
+        clientId: "Enter_the_Application_Id_Here",
+        authority: "https://login.microsoftonline.com/Enter_the_Tenant_Id_Here",
+    },
+};
+
+const pca = new PublicClientApplication(MSAL_CONFIG);
+```
+
+> | Where: |Description |
+> |---------|---------|
+> | `clientId` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
+> | `authority`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant Id.|
+
+### Requesting tokens
+
+In the first leg of authorization code flow with PKCE, prepare and send an authorization code request with the appropriate parameters. Then, in the second leg of the flow, listen for the authorization code response. Once the code is obtained, exchange it to obtain a token.
+
+```javascript
+// The redirect URI you setup during app registration with a custom file protocol "msal"
+const redirectUri = "msal://redirect";
+
+const cryptoProvider = new CryptoProvider();
+
+const pkceCodes = {
+    challengeMethod: "S256", // Use SHA256 Algorithm
+    verifier: "", // Generate a code verifier for the Auth Code Request first
+    challenge: "" // Generate a code challenge from the previously generated code verifier
+};
+
+/**
+ * Starts an interactive token request
+ * @param {object} authWindow: Electron window object
+ * @param {object} tokenRequest: token request object with scopes
+ */
+async function getTokenInteractive(authWindow, tokenRequest) {
+
+    /**
+     * Proof Key for Code Exchange (PKCE) Setup
+     *
+     * MSAL enables PKCE in the Authorization Code Grant Flow by including the codeChallenge and codeChallengeMethod
+     * parameters in the request passed into getAuthCodeUrl() API, as well as the codeVerifier parameter in the
+     * second leg (acquireTokenByCode() API).
+     */
+
+    const {verifier, challenge} = await cryptoProvider.generatePkceCodes();
+
+    pkceCodes.verifier = verifier;
+    pkceCodes.challenge = challenge;
+
+    const authCodeUrlParams = {
+        redirectUri: redirectUri
+        scopes: tokenRequest.scopes,
+        codeChallenge: pkceCodes.challenge, // PKCE Code Challenge
+        codeChallengeMethod: pkceCodes.challengeMethod // PKCE Code Challenge Method
+    };
+
+    const authCodeUrl = await pca.getAuthCodeUrl(authCodeUrlParams);
+
+    // register the custom file protocol in redirect URI
+    protocol.registerFileProtocol(redirectUri.split(":")[0], (req, callback) => {
+        const requestUrl = url.parse(req.url, true);
+        callback(path.normalize(`${__dirname}/${requestUrl.path}`));
+    });
+
+    const authCode = await listenForAuthCode(authCodeUrl, authWindow); // see below
+
+    const authResponse = await pca.acquireTokenByCode({
+        redirectUri: redirectUri,
+        scopes: tokenRequest.scopes,
+        code: authCode,
+        codeVerifier: pkceCodes.verifier // PKCE Code Verifier
+    });
+
+    return authResponse;
+}
+
+/**
+ * Listens for auth code response from Azure AD
+ * @param {string} navigateUrl: URL where auth code response is parsed
+ * @param {object} authWindow: Electron window object
+ */
+async function listenForAuthCode(navigateUrl, authWindow) {
+
+    authWindow.loadURL(navigateUrl);
+
+    return new Promise((resolve, reject) => {
+        authWindow.webContents.on('will-redirect', (event, responseUrl) => {
+            try {
+                const parsedUrl = new URL(responseUrl);
+                const authCode = parsedUrl.searchParams.get('code');
+                resolve(authCode);
+            } catch (err) {
+                reject(err);
+            }
+        });
+    });
+}
+```
+
+> |Where:| Description |
+> |---------|---------|
+> | `authWindow` | Current Electron window in process. |
+> | `tokenRequest` | Contains the scopes being requested, such as `"User.Read"` for Microsoft Graph or `"api://<Application ID>/access_as_user"` for custom web APIs. |
+
+## Next steps
+
+To learn more about Electron desktop app development with MSAL Node, see the tutorial:
+
+> [!div class="nextstepaction"]
+> [Tutorial: Sign in users and call the Microsoft Graph API in an Electron desktop app](../../tutorial-v2-nodejs-desktop.md)