Added Entra warning messages, wording, and sample links

Author: gsteve88

includes/iot-hub-howto-connect-service-iothub-entra-dotnet.md

@@ -8,7 +8,7 @@ ms.service: iot-hub
 ms.devlang: csharp
 ms.topic: include
 ms.manager: lizross
-ms.date: 11/06/2024
+ms.date: 11/19/2024
 ms.custom: mqtt, devx-track-csharp, devx-track-dotnet
 ---
 
@@ -76,3 +76,7 @@ In this example, the `TokenCredential` is passed to `RegistryManager.Create` to
 string hostname = "xxxxxxxxxx.azure-devices.net";
 registryManager = RegistryManager.Create(hostname, tokenCredential);
 ```
+
+##### Code samples
+
+For working samples of Microsoft Entra service authentication, see [Role based authentication sample](https://github.com/Azure/azure-iot-sdk-csharp/tree/main/iothub/service/samples/how%20to%20guides/RoleBasedAuthenticationSample).

includes/iot-hub-howto-connect-service-iothub-entra-java.md

@@ -8,7 +8,7 @@ ms.service: iot-hub
 ms.devlang: java
 ms.topic: include
 ms.manager: lizross
-ms.date: 11/06/2024
+ms.date: 11/19/2024
 ---
 
 A backend app that uses Microsoft Entra must successfully authenticate and obtain a security token credential before connecting to IoT Hub. This token is passed to a IoT Hub connection method. For general information about setting up and using Microsoft Entra for IoT Hub, see [Control access to IoT Hub by using Microsoft Entra ID](/azure/iot-hub/authenticate-authorize-azure-ad).
@@ -33,7 +33,7 @@ For more information about setting up a Microsoft Entra app, see [Quickstart: Re
 
 The easiest way to use Microsoft Entra to authenticate a backend application is to use [DefaultAzureCredential](/azure/developer/java/sdk/authentication/credential-chains#defaultazurecredential-overview), but it's recommended to use a different method in a production environment including a specific `TokenCredential` or pared-down `ChainedTokenCredential`.
 For more information about the pros and cons of using `DefaultAzureCredential`, see
-[ChainedTokenCredential](/azure/developer/java/sdk/authentication/credential-chains).
+[Credential chains in the Azure Identity client library for Java](/azure/developer/java/sdk/authentication/credential-chains).
 
 [DefaultAzureCredential](/java/api/com.azure.identity.defaultazurecredential) supports different authentication mechanisms and determines the appropriate credential type based on the environment it's executing in. It attempts to use multiple credential types in an order until it finds a working credential.
 

includes/iot-hub-howto-connect-service-iothub-entra-node.md

@@ -8,7 +8,7 @@ ms.service: iot-hub
 ms.devlang: javascript
 ms.topic: include
 ms.manager: lizross
-ms.date: 11/06/2024
+ms.date: 11/19/2024
 ---
 
 A backend app that uses Microsoft Entra must successfully authenticate and obtain a security token credential before connecting to IoT Hub. This token is passed to a IoT Hub connection method. For general information about setting up and using Microsoft Entra for IoT Hub, see [Control access to IoT Hub by using Microsoft Entra ID](/azure/iot-hub/authenticate-authorize-azure-ad).
@@ -88,3 +88,7 @@ const credential = new DefaultAzureCredential()
 hostName = 'MyAzureDomain.azure-devices.net';
 let registry = Registry.fromTokenCredential(hostName,credential);
 ```
+
+##### Code samples
+
+For working samples of Microsoft Entra service authentication, see [Azure identity examples](https://github.com/Azure/azure-sdk-for-js/blob/@azure/identity_4.5.0/sdk/identity/identity/samples/AzureIdentityExamples.md).

includes/iot-hub-howto-connect-service-iothub-entra-python.md

@@ -8,7 +8,7 @@ ms.service: iot-hub
 ms.devlang: python
 ms.topic: include
 ms.manager: lizross
-ms.date: 11/06/2024
+ms.date: 11/19/2024
 ---
 
 A backend app that uses Microsoft Entra must successfully authenticate and obtain a security token credential before connecting to IoT Hub. This token is passed to a IoT Hub connection method. For general information about setting up and using Microsoft Entra for IoT Hub, see [Control access to IoT Hub by using Microsoft Entra ID](/azure/iot-hub/authenticate-authorize-azure-ad).
@@ -50,7 +50,7 @@ from azure.identity import DefaultAzureCredential
 credential = DefaultAzureCredential()
 ```
 
-The resulting [AccessToken](/python/api/azure-core/azure.core.credentials.accesstoken) can then be passed to `from_token_credential` to connect to IoT Hub method for any SDK client that accepts Microsoft Entra credentials:
+The resulting [AccessToken](/python/api/azure-core/azure.core.credentials.accesstoken) can then be passed to `from_token_credential` to connect to IoT Hub for any SDK client that accepts Microsoft Entra credentials:
 
 * [IoTHubRegistryManager](/python/api/azure-iot-hub/azure.iot.hub.iothubregistrymanager?#azure-iot-hub-iothubregistrymanager-from-token-credential) to create a service connection to IoT Hub using an Entra token credential.
 * [IoTHubJobManager](/python/api/azure-iot-hub/azure.iot.hub.iothubjobmanager?#azure-iot-hub-iothubjobmanager-from-token-credential)
@@ -91,3 +91,7 @@ iothub_registry_manager = IoTHubRegistryManager.from_token_credential(
 url="MyAzureDomain.azure-devices.net",
 token_credential=credential)
 ```
+
+##### Code samples
+
+For working samples of Microsoft Entra service authentication, see [Microsoft Authentication Library (MSAL) for Python](https://github.com/AzureAD/microsoft-authentication-library-for-python/blob/1.22.0/README.md).

includes/iot-hub-howto-module-twins-dotnet.md

@@ -7,7 +7,7 @@ ms.author: kgremban
 ms.service: iot-hub
 ms.devlang: csharp
 ms.topic: include
-ms.date: 10/02/2024
+ms.date: 11/19/2024
 ms.custom: mqtt, devx-track-csharp, devx-track-dotnet
 ---
 
@@ -25,6 +25,8 @@ This section describes how to use device application code to:
 * Update reported module identity twin properties
 * Create a module desired property update callback handler
 
+[!INCLUDE [iot-authentication-device-connection-string.md](../../includes/iot-authentication-device-connection-string.md)]
+
 ### Required device NuGet package
 
 Device client applications written in C# require the **Microsoft.Azure.Devices.Client** NuGet package.
@@ -136,10 +138,10 @@ The Azure IoT SDK for .NET provides working samples of device apps that handle m
 
 ## Create a backend application
 
-The [RegistryManager](/dotnet/api/microsoft.azure.devices.registrymanager) class exposes all methods required to create a backend application to interact with module identity twins from the service.
-
 This section describes how to read and update module identity fields.
 
+The [RegistryManager](/dotnet/api/microsoft.azure.devices.registrymanager) class exposes all methods required to create a backend application to interact with module identity twins from the service.
+
 ### Required service NuGet package
 
 Backend service applications require the **Microsoft.Azure.Devices** NuGet package.
@@ -158,6 +160,8 @@ You can connect a backend service to IoT Hub using the following methods:
 * Shared access policy
 * Microsoft Entra
 
+[!INCLUDE [iot-authentication-service-connection-string.md](../../includes/iot-authentication-service-connection-string.md)]
+
 #### Connect using a shared access policy
 
 Connect a backend application to IoT hub using [CreateFromConnectionString](/dotnet/api/microsoft.azure.devices.registrymanager.createfromconnectionstring).

includes/iot-hub-howto-module-twins-node.md

@@ -7,7 +7,7 @@ ms.author: kgremban
 ms.service: iot-hub
 ms.devlang: nodejs
 ms.topic: include
-ms.date: 10/02/2024
+ms.date: 11/19/2024
 ms.custom: mqtt, devx-track-js
 ---
 
@@ -27,6 +27,8 @@ This section describes how to use the [azure-iot-device](/javascript/api/azure-i
 * Update module identity reported twin properties
 * Receive notice of module identity twin desired property changes
 
+[!INCLUDE [iot-authentication-device-connection-string.md](../../includes/iot-authentication-device-connection-string.md)]
+
 ### Install SDK packages
 
 Run this command to install the **azure-iot-device** device SDK on your development machine:
@@ -330,6 +332,8 @@ You can connect a backend service to IoT Hub using the following methods:
 * Shared access policy
 * Microsoft Entra
 
+[!INCLUDE [iot-authentication-service-connection-string.md](../../includes/iot-authentication-service-connection-string.md)]
+
 #### Connect using a shared access policy
 
 Use [fromConnectionString](/javascript/api/azure-iothub/registry?#azure-iothub-registry-fromconnectionstring) to connect to IoT hub.

includes/iot-hub-howto-module-twins-python.md

@@ -7,7 +7,7 @@ ms.author: kgremban
 ms.service: iot-hub
 ms.devlang: python
 ms.topic: include
-ms.date: 09/03/2024
+ms.date: 11/19/2024
 ms.custom: mqtt, devx-track-python, py-fresh-zinc
 ---
 
@@ -47,6 +47,8 @@ This section describes how to use device application code to:
 * Update module identity twin reported properties
 * Create a module identity twin desired property update callback handler
 
+[!INCLUDE [iot-authentication-device-connection-string.md](../../includes/iot-authentication-device-connection-string.md)]
+
 ### Import statements
 
 Add this `import` statement to use the device library.
@@ -169,6 +171,8 @@ You can connect a backend service to IoT Hub using the following methods:
 * Shared access policy
 * Microsoft Entra
 
+[!INCLUDE [iot-authentication-service-connection-string.md](../../includes/iot-authentication-service-connection-string.md)]
+
 #### Connect using a shared access policy
 
 Connect to IoT hub using [from_connection_string](/python/api/azure-iot-hub/azure.iot.hub.iothubregistrymanager?#azure-iot-hub-iothubregistrymanager-from-connection-string).