Commit 4b25928

Author: Ian Whyte
2 parents 0faae4c + 58baf53, commit 4b25928

1,300 files changed: +24385 -17371 lines changed

.openpublishing.publish.config.json

Lines changed: 1 addition & 1 deletion
@@ -1007,7 +1007,7 @@
10071007
{
10081008
"path_to_root": "azure-actions-workflow-samples",
10091009
"url": "https://github.com/Azure/actions-workflow-samples",
1010-
"branch": "main",
1010+
"branch": "master",
10111011
"branch_mapping": {}
10121012
}
10131013
],
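
Review bot: At line 1010, `"branch": "main"` becomes `"branch": "master"` for the `azure-actions-workflow-samples` dependency, and nothing in the hunk explains why. This commit is a merge of two parents, so confirm the switch is intentional rather than a stale side of the merge winning, and that `master` still exists in https://github.com/Azure/actions-workflow-samples. The dependency is resolved by a mutable branch name, so pointing at the wrong branch publishes whatever that branch currently holds.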

.openpublishing.redirection.active-directory.json

Lines changed: 20 additions & 0 deletions
@@ -1,5 +1,20 @@
11
{
22
"redirections": [
3+
{
4+
"source_path_from_root": "/articles/active-directory/develop/active-directory-enterprise-app-role-management.md",
5+
"redirect_url": "/azure/active-directory/develop/enterprise-app-role-management",
6+
"redirect_document_id": false
7+
},
8+
{
9+
"source_path_from_root": "/articles/active-directory/develop/active-directory-schema-extensions.md",
10+
"redirect_url": "/azure/active-directory/develop/schema-extensions",
11+
"redirect_document_id": false
12+
},
13+
{
14+
"source_path_from_root": "/articles/active-directory/develop/active-directory-optional-claims.md",
15+
"redirect_url": "/azure/active-directory/develop/optional-claims",
16+
"redirect_document_id": false
17+
},
318
{
419
"source_path_from_root": "/articles/active-directory/develop/active-directory-jwt-claims-customization.md",
520
"redirect_url": "/azure/active-directory/develop/jwt-claims-customization",
@@ -6580,6 +6595,11 @@
65806595
"redirect_url": "/troubleshoot/azure/active-directory/troubleshoot-adding-apps",
65816596
"redirect_document_id": false
65826597
},
6598+
{
6599+
"source_path_from_root": "/articles/active-directory/manage-apps/scripts/powershell-export-apps-with-expriring-secrets.md",
6600+
"redirect_url": "/troubleshoot/azure/active-directory/manage-apps/scripts/powershell-export-apps-with-expiring-secrets",
6601+
"redirect_document_id": false
6602+
},
65836603
{
65846604
"source_path_from_root": "/articles/active-directory/application-config-add-app-problem-problem-adding-gallery-app.md",
65856605
"redirect_url": "/troubleshoot/azure/active-directory/troubleshoot-adding-apps",
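
Review bot: The `source_path_from_root` added at line 6599 ends in `powershell-export-apps-with-expriring-secrets.md` while the `redirect_url` at line 6600 spells it `expiring`. If the retired file really carried the `expriring` typo this is correct; otherwise the source path never matches and the old URL is left without a redirect, so please confirm against the deleted file name. The target also adds a `manage-apps/scripts/` segment under `/troubleshoot/azure/active-directory/`, unlike the neighbouring entries that point at `/troubleshoot/azure/active-directory/troubleshoot-adding-apps`, so check that the page exists at that path.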

.openpublishing.redirection.azure-monitor.json

Lines changed: 5 additions & 0 deletions
@@ -6150,6 +6150,11 @@
61506150
"source_path_from_root": "/articles/azure-monitor/logs/dashboard-upgrade.md",
61516151
"redirect_url": "/azure/azure-monitor/visualize/tutorial-logs-dashboards",
61526152
"redirect_document_id": false
6153+
},
6154+
{
6155+
"source_path_from_root": "/articles/azure-monitor/app/opentelemetry-dotnet-exporter.md",
6156+
"redirect_url": "/azure/azure-monitor/app/opentelemetry-enable",
6157+
"redirect_document_id": false
61536158
}
61546159

61556160
]

.openpublishing.redirection.json

Lines changed: 120 additions & 0 deletions
@@ -7864,6 +7864,11 @@
78647864
"redirect_url": "/azure/azure-maps/power-bi-visual-add-3d-column-layer",
78657865
"redirect_document_id": false
78667866
},
7867+
{
7868+
"source_path_from_root": "/articles/azure-maps/power-bi-visual-migrate-from-bing-maps.md",
7869+
"redirect_url": "/azure/azure-maps/power-bi-visual-conversion",
7870+
"redirect_document_id": false
7871+
},
78677872
{
78687873
"source_path_from_root": "/articles/azure-portal/resource-group-portal-linked-resources.md",
78697874
"redirect_url": "/azure/azure-portal/azure-portal-dashboards",
@@ -22783,6 +22788,121 @@
2278322788
"source_path_from_root": "/articles/sentinel/data-connectors/threat-intelligence-upload-indicators-api.md",
2278422789
"redirect_url": "/azure/sentinel/data-connectors-reference",
2278522790
"redirect_document_id": false
22791+
},
22792+
{
22793+
"source_path_from_root": "/articles/networking/scripts/virtual-network-powershell-sample-peer-two-virtual-networks.md",
22794+
"redirect_url": "/azure/virtual-network/tutorial-connect-virtual-networks-powershell",
22795+
"redirect_document_id": false
22796+
},
22797+
{
22798+
"source_path_from_root": "/articles/networking/scripts/virtual-network-powershell-filter-network-traffic.md",
22799+
"redirect_url": "/azure/virtual-network/tutorial-filter-network-traffic",
22800+
"redirect_document_id": false
22801+
},
22802+
{
22803+
"source_path_from_root": "/articles/networking/powershell-samples.md",
22804+
"redirect_url": "/azure/networking/fundamentals/networking-overview",
22805+
"redirect_document_id": false
22806+
},
22807+
{
22808+
"source_path_from_root": "/articles/networking/scripts/virtual-network-filter-network-traffic.md",
22809+
"redirect_url": "/azure/virtual-network/tutorial-filter-network-traffic",
22810+
"redirect_document_id": false
22811+
},
22812+
{
22813+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-powershell-sample-filter-network-traffic.md",
22814+
"redirect_url": "/azure/virtual-network/tutorial-filter-network-traffic",
22815+
"redirect_document_id": false
22816+
},
22817+
{
22818+
"source_path_from_root": "/articles/networking/scripts/virtual-network-powershell-sample-route-traffic-through-nva.md",
22819+
"redirect_url": "/azure/virtual-network/tutorial-create-route-table-portal",
22820+
"redirect_document_id": false
22821+
},
22822+
{
22823+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-powershell-sample-route-traffic-through-nva.md",
22824+
"redirect_url": "/azure/virtual-network/tutorial-create-route-table-portal",
22825+
"redirect_document_id": false
22826+
},
22827+
{
22828+
"source_path_from_root": "/articles/networking/cli-samples.md",
22829+
"redirect_url": "/azure/networking/fundamentals/networking-overview",
22830+
"redirect_document_id": false
22831+
},
22832+
{
22833+
"source_path_from_root": "/articles/virtual-network/powershell-samples.md",
22834+
"redirect_url": "/azure/networking/fundamentals/networking-overview",
22835+
"redirect_document_id": false
22836+
},
22837+
{
22838+
"source_path_from_root": "/articles/virtual-network/cli-samples.md",
22839+
"redirect_url": "/azure/networking/fundamentals/networking-overview",
22840+
"redirect_document_id": false
22841+
},
22842+
{
22843+
"source_path_from_root": "/articles/networking/scripts/virtual-network-cli-sample-peer-two-virtual-networks.md",
22844+
"redirect_url": "/azure/virtual-network/tutorial-connect-virtual-networks-cli",
22845+
"redirect_document_id": false
22846+
},
22847+
{
22848+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-powershell-sample-ipv6-dual-stack-standard-load-balancer.md",
22849+
"redirect_url": "/azure/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-powershell",
22850+
"redirect_document_id": false
22851+
},
22852+
{
22853+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-cli-sample-ipv6-dual-stack-standard-load-balancer.md",
22854+
"redirect_url": "/azure/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-cli",
22855+
"redirect_document_id": false
22856+
},
22857+
{
22858+
"source_path_from_root": "/articles/networking/scripts/virtual-network-cli-sample-route-traffic-through-nva.md",
22859+
"redirect_url": "/azure/virtual-network/tutorial-create-route-table-portal",
22860+
"redirect_document_id": false
22861+
},
22862+
{
22863+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-cli-sample-ipv6-dual-stack.md",
22864+
"redirect_url": "/azure/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-cli",
22865+
"redirect_document_id": false
22866+
},
22867+
{
22868+
"source_path_from_root": "/articles/networking/scripts/virtual-network-cli-sample-multi-tier-application.md",
22869+
"redirect_url": "/azure/architecture/example-scenario/infrastructure/multi-tier-app-disaster-recovery",
22870+
"redirect_document_id": false
22871+
},
22872+
{
22873+
"source_path_from_root": "/articles/networking/scripts/virtual-network-powershell-sample-multi-tier-application.md",
22874+
"redirect_url": "/azure/architecture/example-scenario/infrastructure/multi-tier-app-disaster-recovery",
22875+
"redirect_document_id": false
22876+
},
22877+
{
22878+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-powershell-sample-ipv6-dual-stack.md",
22879+
"redirect_url": "/azure/load-balancer/virtual-network-ipv4-ipv6-dual-stack-standard-load-balancer-powershell",
22880+
"redirect_document_id": false
22881+
},
22882+
{
22883+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-cli-sample-filter-network-traffic.md",
22884+
"redirect_url": "/azure/virtual-network/tutorial-filter-network-traffic",
22885+
"redirect_document_id": false
22886+
},
22887+
{
22888+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-cli-sample-route-traffic-through-nva.md",
22889+
"redirect_url": "/azure/virtual-network/tutorial-create-route-table-portal",
22890+
"redirect_document_id": false
22891+
},
22892+
{
22893+
"source_path_from_root": "/articles/virtual-network/scripts/virtual-network-cli-sample-multi-tier-application.md",
22894+
"redirect_url": "/azure/architecture/example-scenario/infrastructure/multi-tier-app-disaster-recovery",
22895+
"redirect_document_id": false
22896+
},
22897+
{
22898+
"source_path_from_root": "/articles/active-directory/authentication/how-to-migrate-mfa-server-to-azure-mfa-with-federation.md",
22899+
"redirect_url": "/azure/active-directory/authentication/how-to-migrate-mfa-server-to-mfa-with-federation",
22900+
"redirect_document_id": true
22901+
},
22902+
{
22903+
"source_path_from_root": "/articles/active-directory/manage-apps/migrate-okta-sync-provisioning-to-azure-active-directory.md",
22904+
"redirect_url": "/azure/active-directory/manage-apps/migrate-okta-sync-provisioning",
22905+
"redirect_document_id": true
2278622906
}
2278722907
]
2278822908
}
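
Review bot: The last two entries (lines 22898 and 22903) redirect `/articles/active-directory/...` paths but are added to this file rather than to `.openpublishing.redirection.active-directory.json`, which this same commit also edits; splitting Active Directory redirects across two files makes duplicate or conflicting entries easy to miss. They are also the only entries in the hunk with `"redirect_document_id": true`, so confirm that difference is intended. Separately, the CLI and PowerShell `route-traffic-through-nva` samples all redirect to `/azure/virtual-network/tutorial-create-route-table-portal`, while the peering samples go to their own CLI and PowerShell tutorials; consider pointing the route-table entries at matching CLI and PowerShell tutorials if they exist.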

articles/active-directory-b2c/TOC.yml

Lines changed: 1 addition & 0 deletions
@@ -89,6 +89,7 @@
8989
href: azure-ad-b2c-global-identity-proof-of-concept-regional.md
9090
- name: Azure AD B2C best practices
9191
href: best-practices.md
92+
displayName: cache, caching, plan, planning
9293
- name: Application types
9394
href: application-types.md
9495
- name: Authentication protocols

articles/active-directory-b2c/best-practices.md

Lines changed: 3 additions & 2 deletions
@@ -9,7 +9,7 @@ manager: CelesteDG
99
ms.service: active-directory
1010
ms.workload: identity
1111
ms.topic: conceptual
12-
ms.date: 12/29/2022
12+
ms.date: 05/29/2023
1313
ms.subservice: B2C
1414
---
1515

@@ -77,7 +77,8 @@ Manage your Azure AD B2C environment.
7777
| Use version control for your custom policies | Consider using GitHub, Azure Repos, or another cloud-based version control system for your Azure AD B2C custom policies. |
7878
| Use the Microsoft Graph API to automate the management of your B2C tenants | Microsoft Graph APIs:<br/>Manage [Identity Experience Framework](/graph/api/resources/trustframeworkpolicy?preserve-view=true&view=graph-rest-beta) (custom policies)<br/>[Keys](/graph/api/resources/trustframeworkkeyset?preserve-view=true&view=graph-rest-beta)<br/>[User Flows](/graph/api/resources/identityuserflow?preserve-view=true&view=graph-rest-beta) |
7979
| Integrate with Azure DevOps | A [CI/CD pipeline](deploy-custom-policies-devops.md) makes moving code between different environments easy and ensures production readiness always. |
80-
| Custom policy deployment | Azure AD B2C relies on caching to deliver performance to your end users. When you deploy a custom policy using whatever method, expect a delay of up to **30 minutes** for your users to see the changes. As a result of this behavior, consider the following practices when you deploy your custom policies: <br> - If you're deploying to a development environment, set the `DeploymentMode` attribute to `Development` in your custom policy file's `<TrustFrameworkPolicy>` element. <br> - Deploy your updated policy files to a production environment when traffic in your app is low. <br> - When you deploy to a production environment to update existing policy files, upload the updated files with new name(s), and then update your app reference to the new name(s). You can then remove the old policy files afterwards.<br> - You can set the `DeploymentMode` to `Development` in a production environment to bypass the caching behavior. However, we don't recommend this practice. If you [Collect Azure AD B2C logs with Application Insights](troubleshoot-with-application-insights.md), all claims sent to and from identity providers are collected, which is a security and performance risk. |
80+
| Deploy custom policy | Azure AD B2C relies on caching to deliver performance to your end users. When you deploy a custom policy using whatever method, expect a delay of up to **30 minutes** for your users to see the changes. As a result of this behavior, consider the following practices when you deploy your custom policies: <br> - If you're deploying to a development environment, set the `DeploymentMode` attribute to `Development` in your custom policy file's `<TrustFrameworkPolicy>` element. <br> - Deploy your updated policy files to a production environment when traffic in your app is low. <br> - When you deploy to a production environment to update existing policy files, upload the updated files with new name(s), and then update your app reference to the new name(s). You can then remove the old policy files afterwards.<br> - You can set the `DeploymentMode` to `Development` in a production environment to bypass the caching behavior. However, we don't recommend this practice. If you [Collect Azure AD B2C logs with Application Insights](troubleshoot-with-application-insights.md), all claims sent to and from identity providers are collected, which is a security and performance risk. |
81+
| Deploy app registration updates | When you modify your application registration in your Azure AD B2C tenant, such as updating the application's redirect URI, expect a delay of up to **2 hours (3600s)** for the changes to take effect in the production environment. We recommend that you modify your application registration in your production environment when traffic in your app is low.|
8182
| Integrate with Azure Monitor | [Audit log events](view-audit-logs.md) are only retained for seven days. [Integrate with Azure Monitor](azure-monitor.md) to retain the logs for long-term use, or integrate with third-party security information and event management (SIEM) tools to gain insights into your environment. |
8283
| Setup active alerting and monitoring | [Track user behavior](./analytics-with-application-insights.md) in Azure AD B2C using Application Insights. |
8384
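
Review bot: In the `Deploy app registration updates` row added at line 81, `**2 hours (3600s)**` contradicts itself: 3600 seconds is one hour, and two hours is 7200 seconds. Settle which delay is correct and make the two figures agree, since operators will schedule redirect URI changes around this number. While line 80 is being touched, `using whatever method` could be tightened to `by any method`.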

articles/active-directory-b2c/claimsproviders.md

Lines changed: 1 addition & 1 deletion
@@ -17,7 +17,7 @@ ms.subservice: B2C
1717

1818
[!INCLUDE [active-directory-b2c-advanced-audience-warning](../../includes/active-directory-b2c-advanced-audience-warning.md)]
1919

20-
A claims provide is an interface to communicate with different types of parties via its [technical profiles](technicalprofiles.md). Every claims provider must have one or more technical profiles that determine the endpoints and the protocols needed to communicate with the claims provider. A claims provider can have multiple technical profiles. For example, multiple technical profiles may be defined because the claims provider supports multiple protocols, various endpoints with different capabilities, or releases different claims at different assurance levels. It may be acceptable to release sensitive claims in one user journey, but not in another.
20+
A claims provider is an interface to communicate with different types of parties via its [technical profiles](technicalprofiles.md). Every claims provider must have one or more technical profiles that determine the endpoints and the protocols needed to communicate with the claims provider. A claims provider can have multiple technical profiles. For example, multiple technical profiles may be defined because the claims provider supports multiple protocols, various endpoints with different capabilities, or releases different claims at different assurance levels. It may be acceptable to release sensitive claims in one user journey, but not in another.
2121

2222
A user journey combines calling technical profiles via orchestration steps to define your business logic.
2323

articles/active-directory-b2c/claimsschema.md

Lines changed: 2 additions & 2 deletions
@@ -68,7 +68,7 @@ The **DataType** element supports the following values:
6868
|boolean|Represents a Boolean (`true` or `false`) value.|
6969
|date| Represents an instant in time, typically expressed as a date of a day. The value of the date follows ISO 8601 convention.|
7070
|dateTime|Represents an instant in time, typically expressed as a date and time of day. The value of the date follows ISO 8601 convention during runtime and is converted to UNIX epoch time when issued as a claim into the token.|
71-
|duration|Represents a time interval in years, months, days, hours, minutes, and seconds. The format of is `PnYnMnDTnHnMnS`, where `P` indicates positive, or `N` for negative value. `nY` is the number of years followed by a literal `Y`. `nMo` is the number of months followed by a literal `Mo`. `nD` is the number of days followed by a literal `D`. Examples: `P21Y` represents 21 years. `P1Y2Mo` represents one year, and two months. `P1Y2Mo5D` represents one year, two months, and five days. `P1Y2M5DT8H5M620S` represents one year, two months, five days, eight hours, five minutes, and twenty seconds. |
71+
|duration|Represents a time interval in years, months, days, hours, minutes, and seconds. The format of is `PnYnMnDTnHnMnS`, where `P` indicates positive, or `N` for negative value. `nY` is the number of years followed by a literal `Y`. `nMo` is the number of months followed by a literal `Mo`. `nD` is the number of days followed by a literal `D`. Examples: `P21Y` represents 21 years. `P1Y2Mo` represents one year, and two months. `P1Y2Mo5D` represents one year, two months, and five days. `P1Y2M5DT8H5M20S` represents one year, two months, five days, eight hours, five minutes, and twenty seconds. |
7272
|phoneNumber|Represents a phone number. |
7373
|int| Represents number between -2,147,483,648 and 2,147,483,647|
7474
|long| Represents number between -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807 |
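
Review bot: Correcting `620S` to `20S` on line 71 is right, but the row still disagrees with itself about the month designator: the format is given as `PnYnMnDTnHnMnS` and the last example uses `P1Y2M5DT8H5M20S`, while the prose defines `nMo` with a literal `Mo` and the other examples use `P1Y2Mo`. Pick the designator the policy engine accepts and use it throughout the row, and fix `The format of is` in the same edit. An ambiguous duration format is an easy source of misconfigured values in custom policies.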
@@ -251,7 +251,7 @@ The **UserInputType** element available user input types:
251251
|Password | `string` |Password text box.|
252252
|RadioSingleSelect |`string` | Collection of radio buttons. The claim value is the selected value.|
253253
|Readonly | `boolean`, `date`, `dateTime`, `duration`, `int`, `long`, `string`| Read-only text box. |
254-
|TextBox |`boolean`, `int`, `string` |Single-line text box. |
254+
|TextBox |`boolean`, `int`, `phoneNumber`, `string` |Single-line text box. |
255255

256256

257257
#### TextBox

articles/active-directory-b2c/customize-ui-with-html.md

Lines changed: 1 addition & 1 deletion
@@ -233,7 +233,7 @@ To create a public container in Blob storage, perform the following steps:
233233
1. Under **Data storage** in the left-hand menu, select **Containers**.
234234
1. Select **+ Container**.
235235
1. For **Name**, enter *root*. The name can be a name of your choosing, for example *contoso*, but we use *root* in this example for simplicity.
236-
1. For **Public access level**, select **Blob**.
236+
1. For **Public access level**, select **Blob**. By selecting the **Blob** option, you allow an anonymous public read-only access for this container.
237237
1. Select **Create** to create the container.
238238
1. Select **root** to open the new container.
239239
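
Review bot: The sentence added to the step at line 236 reads `you allow an anonymous public read-only access for this container`; drop the article (`you allow anonymous public read-only access`) and tighten the scope wording, because the option being selected is **Blob** while the sentence says `for this container`. Since this step makes content readable without authentication, it would also help to say that only content meant to be public (the custom UI files) should be stored in this container.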

articles/active-directory-b2c/embedded-login.md

Lines changed: 1 addition & 0 deletions
@@ -73,6 +73,7 @@ The **Sources** attribute contains the URI of your web application. Add a space
7373
- The URI must be trusted and owned by your application.
7474
- The URI must use the https scheme.
7575
- The full URI of the web app must be specified. Wildcards are not supported.
76+
- The **JourneyFraming** element only allows site URLs with a **two to seven-character** Top-level domain (TLD) to align with commonly recognized TLDs.
7677

7778
In addition, we recommend that you also block your own domain name from being embedded in an iframe by setting the `Content-Security-Policy` and `X-Frame-Options` headers respectively on your application pages. This will mitigate security concerns around older browsers related to nested embedding of iframes.
7879
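
Review bot: The bullet added at line 76 states the limit (`two to seven-character` TLD) but not what happens when a **Sources** URI falls outside it: is the policy rejected at upload, or is framing refused at run time? State the failure behaviour so a broken embed can be diagnosed. Also lower-case `Top-level domain` mid-sentence and hyphenate the range, for example `a two- to seven-character top-level domain (TLD)`.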
