Merge pull request #241336 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 6/13

Author: ttorble

articles/active-directory/app-provisioning/application-provisioning-quarantine-status.md

@@ -78,14 +78,9 @@ The logic documented here may be different for certain connectors to ensure best
 After the failure, the first retry will happen in 6 hours.
 - The second retry happens 12 hours after the first failure.
 - The third retry happens 24 hours after the first failure.
-- The fourth retry happens 48 hours after the first failure.
-- The fifth retry happens 96 hours after the first failure.
-- The sixth retry happens 192 hours after the first failure.
-- The seventh retry happens 384 hours after the first failure.
-- The eighth retry happens 768 hours after the first failure.
-
-The retries are stopped after the 8th retry and the escrow entry is removed. The job will continue unless it hits the escrow thresholds from the section above 
 
+There will be retries every 24 hours after the 3rd retry. The retries will go on for 28 days after the first failure after which the escrow entry is removed and the job is disabled.  
+If any of the retries above gets a successful response, the job is automatically put out of quarantine and shall resume regular sync behavior.
 
 ## How do I get my application out of quarantine?
 

articles/active-directory/develop/TOC.yml

@@ -14,6 +14,10 @@
     - name: Basics of the identity platform
       displayName: introduction, basics, overview
       items:
+        - name: Identity fundamentals
+          href: ../fundamentals/identity-fundamental-concepts.md?toc=/azure/active-directory/develop/toc.json&bc=/azure/active-directory/develop/breadcrumb/toc.json
+        - name: Introduction to identity and access management
+          href: ../fundamentals/introduction-identity-access-management.md?toc=/azure/active-directory/develop/toc.json&bc=/azure/active-directory/develop/breadcrumb/toc.json
         - name: Authentication vs. authorization
           href: authentication-vs-authorization.md
         - name: OAuth 2.0 and OpenID Connect

articles/active-directory/develop/breadcrumb/toc.yml

@@ -12,3 +12,6 @@
     - name: Develop
       tocHref: /azure/developer/java/spring-framework/
       topicHref: /azure/active-directory/develop/index
+    - name: Develop
+      tocHref: /azure/active-directory/fundamentals/
+      topicHref: /azure/active-directory/develop/index

articles/active-directory/develop/v2-oauth2-auth-code-flow.md

@@ -146,7 +146,7 @@ The following table describes the various error codes that can be returned in th
 
 ### Request an ID token as well or hybrid flow
 
-To learn who the user is before redeeming an authorization code, it's common for applications to also request an ID token when they request the authorization code. This approach is called the *hybrid flow* because it mixes the implicit grant with the authorization code flow.
+To learn who the user is before redeeming an authorization code, it's common for applications to also request an ID token when they request the authorization code. This approach is called the *hybrid flow* because it mixes OIDC with the OAuth2 authorization code flow.
 
 The hybrid flow is commonly used in web apps to render a page for a user without blocking on code redemption, notably in [ASP.NET](quickstart-v2-aspnet-core-webapp.md). Both single-page apps and traditional web apps benefit from reduced latency in this model.
 

articles/active-directory/external-identities/customers/how-to-single-page-app-vanillajs-configure-authentication.md

@@ -16,7 +16,7 @@ ms.date: 06/09/2023
 
 # Tutorial: Handle authentication flows in a vanilla JavaScript single-page app
 
-In the [previous article](./how-to-single-page-app-vanillajs-prepare-app.md), you created a vanilla JavaScript (JS) single-page application (SPA) and a server to host it. This article shows you how to configure the application to authenticate and authorize users to access protected resources.
+In the [previous article](./how-to-single-page-app-vanillajs-prepare-app.md), you created a vanilla JavaScript (JS) single-page application (SPA) and a server to host it. This tutorial demonstrates how to configure the application to authenticate and authorize users to access protected resources.
 
 In this tutorial;
 
@@ -278,4 +278,4 @@ The application uses *authPopup.js* to handle the authentication flow when the u
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Sign in and sign out of the vanilla JS SPA](./how-to-single-page-app-vanillajs-sign-in-sign-out.md)
+> [Sign in and sign out of the vanilla JS SPA](./how-to-single-page-app-vanillajs-sign-in-sign-out.md)