Merge pull request #287886 from MicrosoftDocs/main

Merge main to live, 4 AM

Author: v-ccolin

articles/active-directory-b2c/partner-asignio.md

@@ -6,7 +6,7 @@ author: gargi-sinha
 manager: martinco
 ms.service: active-directory
 ms.topic: how-to
-ms.date: 06/21/2024
+ms.date: 10/03/2024
 ms.author: gasinh
 ms.reviewer: kengaderdus
 ms.subservice: B2C
@@ -65,7 +65,7 @@ The following diagram illustrates the implementation.
 
 1. User opens Azure AD B2C sign in page on their mobile or web application, and then signs in or signs up.
 2. Azure AD B2C redirects the user to Asignio using an OpenID Connect (OIDC) request.
-3. The user is redirected to the Asignio web application for biometric sign in. If the user hasn't registered their Asignio Signature, they can use an SMS One-Time-Password (OTP) to authenticate. After authentication, user receives a registration link to create their Asignio Signature.
+3. The user is redirected to the Asignio web application for biometric sign in. If the user didn't register their Asignio Signature, they can use an SMS One-Time-Password (OTP) to authenticate. After authentication, user receives a registration link to create their Asignio Signature.
 4. The user authenticates with Asignio Signature and facial verification, or voice and facial verification.
 5. The challenge response goes to Asignio. 
 6. Asignio returns the OIDC response to Azure AD B2C sign in.
@@ -76,11 +76,11 @@ The following diagram illustrates the implementation.
 
 Configurating an application with Asignio is with the Asignio Partner Administration site. 
 
-1. Go to asignio.com [Asignio Partner Administration](https://partner.asignio.com) page to request access for your organization. 
+1. To request access for your organization, go to asignio.com [Asignio Partner Administration](https://partner.asignio.com) page. 
 2. With credentials, sign into Asignio Partner Administration.
 3. Create a record for the Azure AD B2C application using your Azure AD B2C tenant. When you use Azure AD B2C with Asignio, Azure AD B2C manages connected applications. Asignio apps represent apps in the Azure portal.
 4. In the Asignio Partner Administration site, generate a Client ID and Client Secret. 
-5. Note and store Client ID and Client Secret. You'll use them later. Asignio doesn't store Client Secrets.
+5. Note and store Client ID and Client Secret. You use them later. Asignio doesn't store Client Secrets.
 6. Enter the redirect URI in your site the user is returned to after authentication. Use the following URI pattern.
 
 `[https://<your-b2c-domain>.b2clogin.com/<your-b2c-domain>.onmicrosoft.com/oauth2/authresp]`.
@@ -99,6 +99,9 @@ For this tutorial, you're registering  `https://jwt.ms`, a Microsoft web applica
 
 Complete [Tutorial: Register a web application in Azure Active Directory B2C](tutorial-register-applications.md?tabs=app-reg-ga)
 
+>[!NOTE]
+>Enable implicit flow only for testing purposes. Don’t enable implicit flow in production.
+
 ## Configure Asignio as an identity provider in Azure AD B2C
 
 For the following instructions, use the Microsoft Entra tenant with the Azure subscription.

articles/active-directory-b2c/partner-trusona.md

@@ -6,7 +6,7 @@ author: gargi-sinha
 manager: martinco
 ms.service: active-directory
 ms.topic: how-to
-ms.date: 01/26/2024
+ms.date: 10/03/2024
 ms.author: gasinh
 ms.subservice: B2C
 
@@ -40,7 +40,7 @@ The following diagram shows the architecture.
 
 ![Diagram of the xID architecture.](./media/partner-xid/partner-xid-architecture-diagram.png)
 
-1. At the Azure AD B2C sign-in page user signs in or signs up.
+1. At the Azure AD B2C sign-in page, the user signs in or signs up.
 2. Azure AD B2C redirects the user to xID authorize API endpoint using an OpenID Connect (OIDC) request. An OIDC endpoint has endpoint information. xID identity provider (IdP) redirects the user to the xID authorization sign in page. User enters email address.
 3. xID IdP sends push notification to user mobile device.
 4. User opens the xID app, checks the request, enters a PIN, or uses biometrics. xID app activates the private key and creates an electronic signature.
@@ -56,7 +56,7 @@ The following diagram shows the architecture.
 
 ## Install xID
 
-1. To request API documents, fill out the request form.  Go to [Contact Us](https://xid.inc/contact-us). 
+1. To request API documents, fill out the request form. Go to [Contact Us](https://xid.inc/contact-us). 
 2. In the message, indicate you're using Azure AD B2C. 
 3. An xID sales representative contacts you. 
 4. Follow the instructions in the xID API document.
@@ -78,6 +78,9 @@ For testing, you register `https://jwt.ms`, a Microsoft web application with dec
 
 Complete [Tutorial: Register a web application in Azure AD B2C](tutorial-register-applications.md?tabs=app-reg-ga) 
 
+>[!NOTE]
+>Enable implicit flow only for testing purposes. Don’t enable implicit flow in production.
+
 <a name='create-a-xid-policy-key'></a>
 
 ## Create an xID policy key
@@ -407,7 +410,7 @@ There are identity claims xID supports referenced as part of the policy. Claims
 
 The relying party policy, for example [SignUpSignIn.xml](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/LocalAccounts/SignUpOrSignin.xml), specifies the user journey the Azure AD B2C executes. 
 
-1. In the relying party,locate the **DefaultUserJourney** element. 
+1. In the relying party, locate the **DefaultUserJourney** element. 
 2. Update the **ReferenceId** to match the user journey ID you added to the identity provider.
 
 In the following example, for the xID user journey, the **ReferenceId** is set to `CombinedSignInAndSignUp`.

articles/active-directory-b2c/partner-xid.md

@@ -11,6 +11,9 @@ ms.collection: ce-skilling-ai-copilot
 ---
 # Azure App Service TLS overview
 
+> [!NOTE]
+> Customers may be aware of [the retirement notification of TLS 1.0 and 1.1 for interactions with Azure services](https://azure.microsoft.com/updates/azure-support-tls-will-end-by-31-october-2024-2/). This retirement does not affect applications running on App Service or Azure Functions.  Applications on either App Service or Azure Functions configured to accept TLS 1.0 or TLS 1.1 for incoming requests will continue to run unaffected.
+
 ## What does TLS do in App Service?
 
 Transport Layer Security (TLS) is a widely adopted security protocol designed to secure connections and communications between servers and clients. App Service allows customers to use TLS/SSL certificates to secure incoming requests to their web apps. App Service currently supports different set of TLS features for customers to secure their web apps. 

articles/app-service/overview-tls.md

@@ -5,7 +5,7 @@ services: application-gateway
 author: greg-lindsay
 ms.service: azure-application-gateway
 ms.topic: conceptual
-ms.date: 09/30/2023
+ms.date: 10/03/2024
 ms.author: greglin
 ---
 
@@ -35,8 +35,7 @@ Please refer to TLS offload and End-to-End TLS documentation for Application Gat
 ## Connection draining
 
 Connection draining helps you gracefully remove backend pool members during planned service updates. It applies to backend instances that are 
-- explicitly removed from the backend pool,
-- removed during scale-in operations, or
+- explicitly removed from the backend pool, or
 - reported as unhealthy by the health probes.
 
 You can apply this setting to all backend pool members by enabling Connection Draining in the Backend Setting. It ensures that all deregistering instances in a backend pool don't receive any new requests/connections while maintaining the existing connections until the configured timeout value. This is also true for WebSocket connections.

articles/application-gateway/configuration-http-settings.md

@@ -105,9 +105,8 @@ For more information, see [WebSocket support](application-gateway-websocket.md)
 ## Connection draining
 
 Connection draining helps you achieve graceful removal of backend pool members during planned service updates or problems with backend health. This setting is enabled via the [Backend Setting](configuration-http-settings.md) and is applied to all backend pool members during rule creation. Once enabled, the application gateway ensures all deregistering instances of a backend pool don't receive any new requests while allowing existing requests to complete within a configured time limit. It applies to cases where backend instances are:
-- explicitly removed from the backend pool after a configuration change by a user
-- reported as unhealthy by the health probes, or
-- removed during a scale-in operation
+- explicitly removed from the backend pool after a configuration change by a user, or
+- reported as unhealthy by the health probes
 
 The only exception is when requests continue to be proxied to the deregistering instances because of gateway-managed session affinity. 
 

articles/application-gateway/features.md

@@ -7,16 +7,17 @@ ms.custom: references_regions
 
 
 ms.topic: conceptual
-ms.date: 08/05/2024
+ms.date: 10/03/2024
 
 ---
 
 # What's New in Azure Cache for Redis
 
 ## September 2024
 
-###Enterprise tier E1 SKU GA ###
-The E1 SKU, which is intended primarily for dev/test scenarios, is now generally available. It runs on smaller burstable virtual machines. As a result, E1 offers variable performance depending on how much CPU is consumed. Unlike other Enterprise offerings, it isn't possible to scale E1 out. However, it is still possible to scale up to a larger SKU. The E1 SKU also does not support active geo-replication.
+### Enterprise tier E1 SKU GA
+
+The E1 SKU, part of the Enterprise tier, is now in General Availability (GA). The E1 SKU doesn't scale out and is intended primarily for dev/test scenarios. The E1 SKU also doesn't support active geo-replication.
 
 ## August 2024
 
@@ -44,7 +45,7 @@ You are able to manually trigger an upgrade to the latest version of Redis softw
 
 ### Enterprise tier E1 (preview) SKU
 
-The E1 SKU is intended primarily for dev/test scenarios. It runs on smaller [burstable virtual machines](/azure/virtual-machines/b-series-cpu-credit-model/b-series-cpu-credit-model). As a result, E1 offers variable performance depending on how much CPU is consumed. Unlike other Enterprise offerings, it isn't possible to scale E1 out. However, it is still possible to scale up to a larger SKU. The E1 SKU also does not support [active geo-replication](cache-how-to-active-geo-replication.md).
+The E1 SKU is intended primarily for dev/test scenarios. It runs on smaller [burstable virtual machines](/azure/virtual-machines/b-series-cpu-credit-model/b-series-cpu-credit-model). As a result, E1 offers variable performance depending on how much CPU is consumed. Unlike other Enterprise offerings, it isn't possible to scale out E1. However, it's still possible to scale up to a larger SKU. The E1 SKU also doesn't support [active geo-replication](cache-how-to-active-geo-replication.md).
 
 
 ### .NET Output cache and HybridCache

articles/azure-cache-for-redis/cache-whats-new.md

@@ -7,7 +7,7 @@ ms.service: azure-container-apps
 ms.custom:
   - ignite-2023
 ms.topic: conceptual
-ms.date: 05/02/2024
+ms.date: 10/02/2024
 ms.author: cshoe
 ---
 
@@ -122,6 +122,12 @@ Code interpreter sessions are billed based on running duration for the number al
 
 Custom container sessions are billed using the [Dedicated plan](#dedicated-plan), based on the amount of compute resources used to run the session pool and active sessions.
 
+Each custom container session pool runs on dedicated *E16* compute instances. The number of instances allocated to the session pool is based on the number of active and ready sessions in the pool. To view the number of instances currently allocated to a session pool, use the following Azure CLI command to retrieve the pool's `nodeCount` property. Replace the `<PLACEHOLDERS>` with your values.
+
+```bash
+az containerapp sessionpool show --resource-group <RESOURCE_GROUP> --name <POOL_NAME> --query "properties.nodeCount"
+```
+
 ## General terms
 
 - For pricing details in your account's currency, see [Azure Container Apps Pricing](https://azure.microsoft.com/pricing/details/container-apps/).

articles/container-apps/billing.md

@@ -5,7 +5,7 @@ services: container-apps
 author: anthonychu
 ms.service: azure-container-apps
 ms.topic: conceptual
-ms.date: 06/26/2024
+ms.date: 10/02/2024
 ms.author: antchu
 ms.collection: ce-skilling-ai-copilot
 ---
@@ -240,6 +240,10 @@ This request is forwarded to the custom container session with the identifier fo
 
 In the example, the session's container receives the request at `http://0.0.0.0:<INGRESS_PORT>/<API_PATH_EXPOSED_BY_CONTAINER>`.
 
+## Billing
+
+Custom container sessions are billed based on the resources consumed by the session pool. For more information, see [Azure Container Apps billing](billing.md#custom-container).
+
 ## Next steps
 
 > [!div class="nextstepaction"]

articles/container-apps/sessions-custom-container.md

@@ -6,6 +6,7 @@ ms.author: makromer
 ms.reviewer: jburchel
 ms.topic: conceptual
 ms.date: 01/05/2024
+ms.subservice: ci-cd
 ---
 
 # Applying DataOps to Azure Data Factory