Merge branch 'MicrosoftDocs:main' into main

Author: flang-msft

.openpublishing.publish.config.json

@@ -32,6 +32,12 @@
   "need_preview_pull_request": true,
   "contribution_branch_mappings": {},
   "dependent_repositories": [
+    {
+      "path_to_root": "azure-docs-snippets-pr",
+      "url": "https://github.com/MicrosoftDocs/azure-docs-snippets-pr",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "azure-dev-docs-pr",
       "url": "https://github.com/MicrosoftDocs/azure-dev-docs-pr",

.openpublishing.redirection.active-directory.json

@@ -1,5 +1,15 @@
 {
   "redirections": [
+    {
+      "source_path_from_root": "/articles/active-directory/develop/active-directory-claims-mapping.md",
+      "redirect_url": "/azure/active-directory/develop/active-directory-saml-claims-customization",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/active-directory/develop/configure-token-lifetimes.md",
+      "redirect_url": "/azure/active-directory/develop/active-directory-saml-claims-customization",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/authentication/how-to-mfa-microsoft-managed.md",
       "redirect_url": "/azure/active-directory/authentication/concept-authentication-default-enablement",
@@ -50,6 +60,11 @@
       "redirect_url": "/azure/active-directory/saas-apps/safety-culture-tutorial",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/saas-apps/firstbird-tutorial.md",
+      "redirect_url": "/azure/active-directory/saas-apps/radancys-employee-referrals-tutorial",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/saas-apps/icertisicm-tutorial.md",
       "redirect_url": "/azure/active-directory/saas-apps/tutorial-list",
@@ -11035,6 +11050,11 @@
       "source_path_from_root": "/articles/active-directory/cloud-infrastructure-entitlement-management/permissions-management-trial-playbook.md",
       "redirect_url": "/azure/active-directory/cloud-infrastructure-entitlement-management/permissions-management-trial-user-guide",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/active-directory/develop/microsoft-graph-intro.md",
+      "redirect_url": "/graph/overview?toc=/azure/active-directory/develop/toc.json&bc=/azure/active-directory/develop/breadcrumb/toc.json",
+      "redirect_document_id": false
     }
   ]
 }

.openpublishing.redirection.json

@@ -35,7 +35,7 @@
   # - name: 4 - Create custom policies
     # Create this file (tutorial-create-custom-policies.md), and content into it. You also need to update the index.yml's card, Customize, to reflect the new file name
     # What keywords users are searching in TOC: https://review.docs.microsoft.com/en-us/help/contribute/kusto/samples/discoverability-toc-filter?branch=main 
-    # href: tutorial-create-user-flows.md
+    # href:tutorial-create-user-flows.md
   - name: 4 - Manage your tenant
     href: tenant-management.md
     displayName: break glass account, emergence account
@@ -106,6 +106,7 @@
       href: user-flow-overview.md
     - name: Custom policy overview
       href: custom-policy-overview.md
+      displayName: extend, extensibility
   - name: API Connectors
     href: api-connectors-overview.md
     displayName: REST API, web API, API connectors, Dynamic data retrieval, external data sources, external identity data source, outbound webhooks, third-party integration
@@ -461,7 +462,8 @@
     - name: Integrate with our technology partners
       items:
       - name: Azure AD B2C partner gallery
-        href: partner-gallery.md      
+        href: partner-gallery.md     
+        displayName: marketplace, integration, extensibility, extend, customization, customisation
     # Secure
   - name: Secure
     items:

articles/active-directory-b2c/TOC.yml

@@ -4,43 +4,52 @@ titleSuffix: Azure AD B2C
 description: Learn about our partners who integrate with Azure AD B2C to provide identity proofing and verification solutions 
 services: active-directory-b2c
 author: gargi-sinha
-manager: CelesteDG
+manager: martinco
 ms.reviewer: kengaderdus
-
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 09/13/2022
+ms.date: 01/18/2023
 ms.author: gasinh
-ms.subservice: B2C
 ---
 
 # Identity verification and proofing partners
 
-With Azure AD B2C partners, customers can enable identity verification and proofing of their end users before allowing  account registration or access. Identity verification and proofing can check document, knowledge-based information and liveness.
+With Azure Active Directory B2C (Azure AD B2C) and solutions from software-vendor partners, customers can enable end-user identity verification and proofing for account registration. Identity verification and proofing can check documents, knowledge-based information, and liveness.
+
+## Architecture diagram
+
+The following architecture diagram illustrates the verification and proofing flow.
 
-A high-level architecture diagram explains the flow.
+   ![Diagram of of the identity proofing flow, from registration to access approval.](./media/partner-gallery/third-party-identity-proofing.png)
 
-![Diagram shows the identity proofing flow](./media/partner-gallery/third-party-identity-proofing.png)
+1. User begins registration with a device.
+2. User enters information.
+3. Digital-risk score is assessed, then third-party identity proofing and identity validation occurs.
+4. Identity is validated or rejected.
+5. User attributes are passed to Azure Active Directory B2C.
+6. If user verification is successful, a user account is created in Azure AD B2C during sign-in.
+7. Based on the verification result, the user receives an access-approved or -denied message.
 
-Microsoft partners with the following ISV partners.
+## Software vendors and integration documentation
 
-| ISV partner | Description and integration walkthroughs |
-|:-------------------------|:--------------|
-| ![Screenshot of a deduce logo.](./media/partner-gallery/deduce-logo.png) | [Deduce](./partner-deduce.md) is an identity verification and proofing provider focused on stopping account takeover and registration fraud. It helps combat identity fraud and creates a trusted user experience. |
-| ![Screenshot of a eid-me logo](./media/partner-gallery/eid-me-logo.png) | [eID-Me](./partner-eid-me.md) is an identity verification and decentralized digital identity solution for Canadian citizens. It enables organizations to meet Identity Assurance Level (IAL) 2 and Know Your Customer (KYC) requirements. |
-|![Screenshot of an Experian logo.](./media/partner-gallery/experian-logo.png) | [Experian](./partner-experian.md) is an Identity verification and proofing provider that performs risk assessments based on user attributes to prevent fraud. |
-|![Screenshot of an IDology logo.](./media/partner-gallery/idology-logo.png) | [IDology](./partner-idology.md) is an Identity verification and proofing provider with ID verification solutions, fraud prevention solutions, compliance solutions, and others.|
-|![Screenshot of a Jumio logo.](./media/partner-gallery/jumio-logo.png) | [Jumio](./partner-jumio.md) is an ID verification service, which enables real-time automated ID verification, safeguarding customer data. |
-| ![Screenshot of a LexisNexis logo.](./media/partner-gallery/lexisnexis-logo.png) | [LexisNexis](./partner-lexisnexis.md) is a profiling and identity validation provider that verifies user identification and provides comprehensive risk assessment based on user’s device. |
-| ![Screenshot of a Onfido logo](./media/partner-gallery/onfido-logo.png) | [Onfido](./partner-onfido.md) is a document ID and facial biometrics verification solution that allows companies to meet *Know Your Customer* and identity requirements in real time.  |
+Microsoft partners with independent software vendors (ISVs). Use the following table to locate an ISV and related integration documentation. 
 
-## Additional information
+| ISV logo | ISV link and description| Integration documentation|
+|---|---|---|
+| ![Screenshot of the Deduce logo.](./media/partner-gallery/deduce-logo.png) | [Deduce](https://www.deduce.com/): Identity verification and proofing provider that helps stop account takeover and registration fraud. Use it to combat identity fraud and create a trusted user experience. |[Configure Azure AD B2C with Deduce to combat identity fraud and create a trusted user experience](partner-deduce.md)|
+| ![Screenshot of the eID-Me logo.](./media/partner-gallery/eid-me-logo.png) |  [Bluink, Ltd.](https://bluink.ca/): eID-Me is an identity verification and decentralized digital identity solution for Canadian citizens. Use it to meet Identity Assurance Level (IAL) 2 and Know Your Customer (KYC) requirements. |[Configure eID-Me with Azure AD B2C for identity verification](partner-eid-me.md)|
+|![Screenshot of the Experian logo.](./media/partner-gallery/experian-logo.png) | [Experian Information Solutions, Inc.](https://www.experian.com/business/products/crosscore): Identity verification and proofing provider with solutions that perform risk assessments based on user attributes. |[Tutorial: Configure Experian with Azure AD B2C](partner-experian.md)|
+|![Screenshot of the IDology logo.](./media/partner-gallery/idology-logo.png) | [IDology, a GBG company](https://www.idology.com/solutions/): Identity verification and proofing provider with ID verification, fraud prevention, and compliance solutions.|[Tutorial for configuring IDology with Azure AD B2C](partner-idology.md)|
+|![Screenshot of the Jumio logo.](./media/partner-gallery/jumio-logo.png) | [Jumio](https://www.jumio.com/): Identify verification service with products for real-time, automated ID verification. |[Tutorial for configuring Jumio with Azure AD B2C](partner-jumio.md)|
+| ![Screenshot of the LexisNexis logo.](./media/partner-gallery/lexisnexis-logo.png) | [LexisNexis Risk Solutions Group](https://risk.lexisnexis.com/products/threatmetrix): Profiling and identity validation provider that verifies user identification and provides risk assessment based on user devices. See, ThreatMetrix. |[Tutorial for configuring LexisNexis with Azure AD B2C](partner-lexisnexis.md)|
+| ![Screenshot of the Onfido logo.](./media/partner-gallery/onfido-logo.png) | [Onfido](https://onfido.com/): Document ID and facial biometrics verification solutions to meet Know Your Customer (KYC) and identity requirements.  |[Tutorial for configuring Onfido with Azure AD B2C](partner-onfido.md)|
 
-- [Custom policies in Azure AD B2C](./custom-policy-overview.md)
+## Resources
 
-- [Get started with custom policies in Azure AD B2C](./tutorial-create-user-flows.md?pivots=b2c-custom-policy&tabs=applications)
+- [Azure AD B2C custom policy overview](custom-policy-overview.md)
+- [Tutorial: Create user flows and custom policies in Azure Active Directory B2C](tutorial-create-user-flows.md?pivots=b2c-custom-policy&tabs=applications)
 
 ## Next steps
 
-Select a partner in the tables mentioned to learn how to integrate their solution with Azure AD B2C.
+Select and contact a partner from the previous table to get started on solution integration with Azure AD B2C. The partners have similar processes to contact them for a product demo.

articles/active-directory-b2c/identity-verification-proofing.md

@@ -69,6 +69,8 @@ Sometimes, your users may get messages from Multi-Factor Authentication because
 | **OathCodeIncorrect** | Wrong code entered\OATH Code Incorrect | The user entered the wrong code. Have them try again by requesting a new code or signing in again. |
 | **SMSAuthFailedMaxAllowedCodeRetryReached** | Maximum allowed code retry reached | The user failed the verification challenge too many times. Depending on your settings, they may need to be unblocked by an admin now.  |
 | **SMSAuthFailedWrongCodeEntered** | Wrong code entered/Text Message OTP Incorrect | The user entered the wrong code. Have them try again by requesting a new code or signing in again. |
+| **AuthenticationThrottled** | Too many attempts by user in a short period of time. Throttling. | Microsoft may limit repeated authentication attempts that are performed by the same user in a short period of time. This limitation does not apply to the Microsoft Authenticator or verification code. If you have hit these limits, you can use the Authenticator App, verification code or try to sign in again in a few minutes. |
+| **AuthenticationMethodLimitReached** | Authentication Method Limit Reached. Throttling. | Microsoft may limit repeated authentication attempts that are performed by the same user using the same authentication method type in a short period of time, specifically Voice call or SMS. This limitation does not apply to the Microsoft Authenticator or verification code. If you have hit these limits, you can use the Authenticator App, verification code or try to sign in again in a few minutes.|
 
 ## Errors that require support
 

articles/active-directory/authentication/howto-mfa-nps-extension-errors.md

@@ -143,7 +143,7 @@
     - name: Reactivate disabled Access Control Service namespaces
       href: howto-reactivate-disabled-acs-namespaces.md
   - name: Use the Microsoft Graph API
-    href: ../develop/microsoft-graph-intro.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
+    href: /graph/overview?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
   - name: AD FS for developers
     href: /windows-server/identity/ad-fs/ad-fs-overview
 - name: References
@@ -152,7 +152,7 @@
     displayName: ADAL
     href: active-directory-authentication-libraries.md
   - name: Microsoft Graph API
-    href: ../develop/microsoft-graph-intro.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
+    href: /graph/overview?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
   - name: Application manifest
     href: ../develop/reference-app-manifest.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
   - name: Authentication and authorization error codes

articles/active-directory/azuread-dev/TOC.yml

@@ -26,7 +26,7 @@
         - name: Microsoft Authentication Library (MSAL)
           href: msal-overview.md
         - name: Microsoft Graph
-          href: microsoft-graph-intro.md
+          href: /graph/overview?toc=/azure/active-directory/develop/toc.json&bc=/azure/active-directory/develop/breadcrumb/toc.json
         - name: Glossary of terms
           displayName: dictionary, terminology
           href: developer-glossary.md
@@ -124,14 +124,10 @@
               href: active-directory-optional-claims.md
             - name: Configure role claim
               href: active-directory-enterprise-app-role-management.md
-            - name: Configure token lifetimes
-              href: configure-token-lifetimes.md
             - name: Customize JWT claims
               href: active-directory-jwt-claims-customization.md
             - name: Customize SAML claims
               href: active-directory-saml-claims-customization.md
-            - name: Customize claims using PowerShell
-              href: active-directory-claims-mapping.md
             - name: Directory extension attributes
               href: active-directory-schema-extensions.md
             - name: SAML app multi-instancing