Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Banani-Rath

.vscode/settings.json

@@ -1,4 +1,7 @@
 {
+    "markdown.docsetName": "azure",
+    "markdown.docsetRootFolderName": "articles",
+    "markdown.omitDefaultJsonProperties": true,
     "markdown.docsetLanguages": [
         ".NET Core CLI",
         "Apache",

articles/active-directory-b2c/TOC.yml

@@ -233,18 +233,16 @@
         href: direct-signin.md
     - name: Add your own business logic
       items:
+      - name: Integrate REST API
+        href: custom-policy-rest-api-intro.md
       - name: Validate user input
         href: custom-policy-rest-api-claims-validation.md
         displayName: rest claims validation, validate
       - name: Obtain additional claims
         href: custom-policy-rest-api-claims-exchange.md
         displayName: rest claims exchange
-      - name: Add your own RESTful API
-        href: rest-api-claims-exchange-dotnet.md
-      - name: Secure RESTful APIs with basic auth
-        href: secure-rest-api-dotnet-basic-auth.md
-      - name: Secure RESTful APIs with certificate auth
-        href: secure-rest-api-dotnet-certificate-auth.md
+      - name: Secure REST API
+        href: secure-rest-api.md
     - name: Define custom attributes
       href: custom-policy-custom-attributes.md
     - name: Troubleshooting

articles/active-directory-b2c/active-directory-technical-profile.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 03/24/2020
+ms.date: 03/26/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -251,7 +251,7 @@ The following technical profile deletes a social user account using **alternativ
 | ClientId | No | The client identifier for accessing the tenant as a third party. For more information, see [Use custom attributes in a custom profile edit policy](custom-policy-custom-attributes.md) |
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 
-### Error messages
+### UI elements
 
 The following settings can be used to configure the error message displayed upon failure. The metadata should be configured in the [self-asserted](self-asserted-technical-profile.md) technical profile. The error messages can be [localized](localization.md).
 

articles/active-directory-b2c/custom-policy-keep-me-signed-in.md

@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/24/2020
+ms.date: 03/26/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -48,9 +48,27 @@ To enable KMSI, set the content definition `DataUri` element to [page identifier
     </BuildingBlocks>
     ```
 
-1. Save the extensions file.
+## Add the metadata to the self-asserted technical profile
+
+To add the KMSI checkbox to the sign-up and sign-in page, set the `setting.enableRememberMe` metadata to false. Override the SelfAsserted-LocalAccountSignin-Email technical profiles in the extension file.
+
+1. Find the ClaimsProviders element. If the element doesn't exist, add it.
+1. Add the following claims provider to the ClaimsProviders element:
 
+```XML
+<ClaimsProvider>
+  <DisplayName>Local Account</DisplayName>
+  <TechnicalProfiles>
+    <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
+      <Metadata>
+        <Item Key="setting.enableRememberMe">True</Item>
+      </Metadata>
+    </TechnicalProfile>
+  </TechnicalProfiles>
+</ClaimsProvider>
+```
 
+1. Save the extensions file.
 
 ## Configure a relying party file
 

articles/active-directory-b2c/custom-policy-rest-api-claims-exchange.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/16/2020
+ms.date: 03/26/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -18,28 +18,16 @@ ms.subservice: B2C
 
 [!INCLUDE [active-directory-b2c-advanced-audience-warning](../../includes/active-directory-b2c-advanced-audience-warning.md)]
 
-The Identity Experience Framework (IEF) that underpins Azure Active Directory B2C (Azure AD B2C) enables identity developers to integrate an interaction with a RESTful API in a user journey.
+The Identity Experience Framework (IEF) that underpins Azure Active Directory B2C (Azure AD B2C) enables identity developers to integrate an interaction with a RESTful API in a user journey.  At the end of this walkthrough, you'll be able to create an Azure AD B2C user journey that interacts with [RESTful services](custom-policy-rest-api-intro.md) to validate user input.
 
-At the end of this walkthrough, you will be able to create an Azure AD B2C user journey that interacts with RESTful services.
-
-IEF can send data that has been stored in a claims bag during a user journey to your REST API. It can also parse JSON responses received from the REST API into the Azure AD B2C claim bag. The interaction with the API:
-
-- Can be designed as a REST API claims exchange called from an orchestration step, or as a [validation technical profile](validation-technical-profile.md) called from within a [self asserted technical profile](self-asserted-technical-profile.md).
-- Typically validates input from the user. If the value from the user is rejected, the user can try again to enter a valid value with the opportunity to return an error message.
+In this scenario, we'll add the ability for users to enter a loyalty number into the Azure AD B2C sign-up page. We'll validate whether this combination of email and loyalty number is mapped to a promotional code by sending this data to a REST API. If the REST API finds a promotional code for this user, it will be returned to Azure AD B2C. Finally, the promotional code will be inserted into the token claims for the application to consume.
 
 You can also design the interaction as an orchestration step. This is suitable when the REST API will not be validating data on screen, and always return claims. For more information, see [Walkthrough: Integrate REST API claims exchanges in your Azure AD B2C user journey as an orchestration step](custom-policy-rest-api-claims-exchange.md).
 
-For the validation profile example, we will use the profile edit user journey in the starter pack file ProfileEdit.xml.
-
-We can verify that the name provided by the user in the profile edit is not part of an exclusion list.
-
-## Scenario
-
-In this scenario, we'll add the ability for users to enter a loyalty number into the Azure AD B2C sign-up page. We'll validate whether this combination of email and loyalty number is mapped to a promotional code by sending this data to a REST API. If the REST API finds a promotional code for this user, it will be returned to Azure AD B2C. Finally, the promotional code will be inserted into the token claims for the application to consume.
-
 ## Prerequisites
 
-Complete the steps in [Get started with custom policies](custom-policy-get-started.md). You should have a working custom policy for sign-up and sign-in with local accounts.
+- Complete the steps in [Get started with custom policies](custom-policy-get-started.md). You should have a working custom policy for sign-up and sign-in with local accounts.
+- Learn how to [Integrate REST API claims exchanges in your Azure AD B2C custom policy](custom-policy-rest-api-intro.md).
 
 ## Prepare a REST API endpoint
 
@@ -110,7 +98,7 @@ A [Restful technical profile](restful-technical-profile.md) provides support for
   <DisplayName>REST APIs</DisplayName>
   <TechnicalProfiles>
     <TechnicalProfile Id="REST-ValidateProfile">
-      <DisplayName>Check Player Tag Web Hook Azure Function</DisplayName>
+      <DisplayName>Check loyaltyId Azure Function web hook</DisplayName>
       <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
       <Metadata>
         <Item Key="ServiceUrl">https://your-account.azurewebsites.net/api/ValidateProfile?code=your-code</Item>
@@ -138,7 +126,7 @@ A [Restful technical profile](restful-technical-profile.md) provides support for
 
 In this example, the `userLanguage` will be sent to the REST service as `lang` within the JSON payload. The value of the `userLanguage` claim contains the current user language ID. For more information, see [claim resolver](claim-resolver-overview.md).
 
-The comments above `AuthenticationType` and `AllowInsecureAuthInProduction` specify changes you should make when you move to a production environment. To learn how to secure your RESTful APIs for production, see [Secure RESTful APIs with basic auth](secure-rest-api-dotnet-basic-auth.md) and [Secure RESTful APIs with certificate auth](secure-rest-api-dotnet-certificate-auth.md).
+The comments above `AuthenticationType` and `AllowInsecureAuthInProduction` specify changes you should make when you move to a production environment. To learn how to secure your RESTful APIs for production, see [Secure RESTful API](secure-rest-api.md).
 
 ## Validate the user input
 
@@ -253,7 +241,7 @@ To return the promo code claim back to the relying party application, add an out
   "iat": 1584292103,
   "auth_time": 1584292103,
   "name": "Emily Smith",
-  "email": "joe@outlook.com",
+  "email": "emily@outlook.com",
   "given_name": "Emily",
   "family_name": "Smith",
   "promoCode": "84362"
@@ -263,10 +251,8 @@ To return the promo code claim back to the relying party application, add an out
 
 ## Next steps
 
-
 To learn how to secure your APIs, see the following articles:
 
 - [Walkthrough: Integrate REST API claims exchanges in your Azure AD B2C user journey as an orchestration step](custom-policy-rest-api-claims-exchange.md)
-- [Secure your RESTful API with basic authentication (username and password)](secure-rest-api-dotnet-basic-auth.md)
-- [Secure your RESTful API with client certificates](secure-rest-api-dotnet-certificate-auth.md)
+- [Secure your RESTful API](secure-rest-api.md)
 - [Reference: RESTful technical profile](restful-technical-profile.md)