Merge pull request #48343 from MicrosoftDocs/master

8/6 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -15365,6 +15365,161 @@
             "redirect_url": "/azure/active-directory/develop/quickstart-v1-openid-connect-code",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devquickstarts-angular.md",
+            "redirect_url": "/azure/active-directory/develop/quickstart-v1-angularjs-spa",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devquickstarts-webapi-dotnet.md",
+            "redirect_url": "/azure/active-directory/develop/quickstart-v1-dotnet-webapi",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devquickstarts-webapi-nodejs.md",
+            "redirect_url": "/azure/active-directory/develop/quickstart-v1-nodejs-webapi",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-code-samples.md",
+            "redirect_url": "/azure/active-directory/develop/sample-v2-code",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-code-samples.md",
+            "redirect_url": "/azure/active-directory/develop/sample-v1-code",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-protocols-oauth-code.md",
+            "redirect_url": "/azure/active-directory/develop/v1-protocols-oauth-code",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-protocols-oidc.md",
+            "redirect_url": "/azure/active-directory/develop/v2-protocols-oidc",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-protocols-openid-connect-code.md",
+            "redirect_url": "/azure/active-directory/develop/v1-protocols-openid-connect-code",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-dev-understanding-oauth2-implicit-grant.md",
+            "redirect_url": "/azure/active-directory/develop/v1-oauth2-implicit-grant-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-protocols-implicit.md",
+            "redirect_url": "/azure/active-directory/develop/v2-oauth2-implicit-grant-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-protocols-oauth-code.md",
+            "redirect_url": "/azure/active-directory/develop/v2-oauth2-auth-code-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-protocols-oauth-on-behalf-of.md",
+            "redirect_url": "/azure/active-directory/develop/v1-oauth2-on-behalf-of-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-protocols-oauth-on-behalf-of.md",
+            "redirect_url": "/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-protocols-oauth-service-to-service.md",
+            "redirect_url": "/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-protocols-oauth-client-creds.md",
+            "redirect_url": "/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-application-objects.md",
+            "redirect_url": "/azure/active-directory/develop/app-objects-and-service-principals",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-devhowto-multi-tenant-overview.md",
+            "redirect_url": "/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-token-and-claims.md",
+            "redirect_url": "/azure/active-directory/develop/v1-id-and-access-tokens",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-tokens.md",
+            "redirect_url": "/azure/active-directory/develop/v2-id-and-access-tokens",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-permissions.md",
+            "redirect_url": "/azure/active-directory/develop/v1-permissions-and-consent",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-scopes.md",
+            "redirect_url": "/azure/active-directory/develop/v2-permissions-and-consent",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-conditional-access-developer.md",
+            "redirect_url": "/azure/active-directory/develop/conditional-access-dev-guide",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-v2-compare.md",
+            "redirect_url": "/azure/active-directory/develop/azure-ad-endpoint-comparison",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-single-sign-on-protocol-reference.md",
+            "redirect_url": "/azure/active-directory/develop/single-sign-on-saml-protocol",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-single-sign-out-protocol-reference.md",
+            "redirect_url": "/azure/active-directory/develop/single-sign-out-saml-protocol",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-federation-metadata.md",
+            "redirect_url": "/azure/active-directory/develop/azure-ad-federation-metadata",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-branding-guidelines.md",
+            "redirect_url": "/azure/active-directory/develop/howto-add-branding-in-azure-ad-apps",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-app-terms-service-privacy-statement.md",
+            "redirect_url": "/azure/active-directory/develop/howto-add-terms-of-service-privacy-statement",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-sso-android.md",
+            "redirect_url": "/azure/active-directory/develop/howto-v1-enable-sso-on-android",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-sso-ios.md",
+            "redirect_url": "/azure/active-directory/develop/howto-v1-enable-sso-on-ios",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/develop/active-directory-saml-debugging.md",
+            "redirect_url": "/azure/active-directory/develop/howto-v1-debug-saml-sso-issues",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/virtual-machines/virtual-machines-linux-expand-disks.md",
             "redirect_url": "/azure/virtual-machines/linux/expand-disks",
@@ -26811,6 +26966,21 @@
             "source_path": "articles/active-directory/active-directory-conditional-access-whatif.md",
             "redirect_url": "/azure/active-directory/conditional-access/what-if-tool",
             "redirect_document_id": true
+        },
+		{
+            "source_path": "articles/active-directory/active-directory-conditional-faqs.md",
+            "redirect_url": "/azure/active-directory/conditional-access/faqs",
+            "redirect_document_id": true
+        },
+		{
+            "source_path": "articles/active-directory/active-directory-conditional-access-migration.md",
+            "redirect_url": "/azure/active-directory/conditional-access/policy-migration",
+            "redirect_document_id": true
+        },
+		{
+            "source_path": "articles/active-directory/active-directory-conditional-access-migration-mfa.md",
+            "redirect_url": "/azure/active-directory/conditional-access/policy-migration-mfa",
+            "redirect_document_id": true
         }
     ]
 }

CODEOWNERS

@@ -5,3 +5,4 @@
 # articles/virtual-machines/windows/  @iainfoulds @cynthn
 # articles/application-insights/  @SergeyKanzhelev
 # articles/cosmos-db/ @mimig1
+articles/cognitive-services/ @nitinme

articles/active-directory-domain-services/active-directory-ds-troubleshoot-service-principals.md

@@ -26,7 +26,7 @@ This article helps you troubleshoot and resolve service principal-related config
 
 **Alert message:** *A Service Principal required for Azure AD Domain Services to function properly has been deleted from your Azure AD directory. This configuration impacts Microsoft's ability to monitor, manage, patch, and synchronize your managed domain.*
 
-[Service principals](../active-directory/develop/active-directory-application-objects.md) are applications that Microsoft uses to manage, update, and maintain your managed domain. If they are deleted, it breaks Microsoft's ability to service your domain.
+[Service principals](../active-directory/develop/app-objects-and-service-principals.md) are applications that Microsoft uses to manage, update, and maintain your managed domain. If they are deleted, it breaks Microsoft's ability to service your domain.
 
 
 ## Check for missing service principals

articles/active-directory/TOC.md

@@ -408,7 +408,7 @@
 ##### [Require terms of use to be accepted](conditional-access/require-tou.md)
 ##### [Block access when a session risk is detected](conditional-access/app-sign-in-risk.md)
 #### Tutorials
-##### [Migrate classic MFA policy](active-directory-conditional-access-migration-mfa.md)
+##### [Migrate classic MFA policy](conditional-access/policy-migration-mfa.md)
 #### Concepts
 ##### [Baseline Protection](conditional-access/baseline-protection.md)
 ##### [Conditions](conditional-access/conditions.md)
@@ -422,12 +422,12 @@
 ##### [Set up device-based conditional access](active-directory-conditional-access-policy-connected-applications.md)
 ##### [Set up app-based conditional access](active-directory-conditional-access-mam.md)
 ##### [Provide terms of use for users and apps](active-directory-tou.md)
-##### [Migrate classic policies](active-directory-conditional-access-migration.md)
+##### [Migrate classic policies](conditional-access/policy-migration.md)
 ##### [Set up VPN connectivity](https://docs.microsoft.com/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy)
 ##### [Set up SharePoint and Exchange Online](active-directory-conditional-access-no-modern-authentication.md)
 ##### [Remediation](active-directory-conditional-access-device-remediation.md)
 #### [Technical reference](active-directory-conditional-access-technical-reference.md)
-#### [FAQs](active-directory-conditional-faqs.md)
+#### [FAQs](conditional-access/faqs.md)
 
 ### Certificate-based Authentication
 #### [Android](active-directory-certificate-based-authentication-android.md)

articles/active-directory/active-directory-apps-index.md

@@ -37,7 +37,7 @@ This section provides quick access to relevant troubleshooting guides. More info
 
 | Feature Area |  |
 |:---:| --- |
-| Federated Single Sign-On |[Troubleshooting SAML-Based Single Sign-On](active-directory-saml-debugging.md) |
+| Federated Single Sign-On |[Troubleshooting SAML-Based Single Sign-On](develop/howto-v1-debug-saml-sso-issues.md) |
 | Password-Based Single Sign-On |[Troubleshooting the Access Panel Extension for Internet Explorer](active-directory-saas-ie-troubleshooting.md) |
 | Application Proxy |[App Proxy Troubleshooting Guide](manage-apps/application-proxy-troubleshoot.md) |
 | Single sign-on between on-prem AD and Azure AD |[Troubleshooting Password Hash Synchronization](connect/active-directory-aadconnectsync-implement-password-hash-synchronization.md#troubleshoot-password-hash-synchronization)<br /><br />[Troubleshooting Password Writeback](authentication/active-directory-passwords-troubleshoot.md#troubleshoot-password-writeback) |
@@ -53,7 +53,7 @@ Single sign-on allows users to access a variety of apps and services using only
 | Thousands of SaaS apps that are pre-integrated with Azure AD with simplified single sign-on configuration steps |[Getting started with the Azure AD application gallery](manage-apps/what-is-single-sign-on.md#get-started-with-the-azure-ad-application-gallery)<br /><br />[Full List of Pre-Integrated Apps that Support Federation](saas-apps/tutorial-list.md)<br /><br />[How to Add Your App to the Azure AD App Gallery](active-directory-app-gallery-listing.md) |
 | More than 150 app tutorials on how to configure single sign-on for apps such as [Salesforce](saas-apps/salesforce-tutorial.md), [ServiceNow](saas-apps/servicenow-tutorial.md), [Google Apps](saas-apps/google-apps-tutorial.md), [Workday](saas-apps/workday-tutorial.md), and many more |[List of Tutorials on How to Integrate SaaS Apps with Azure Active Directory](saas-apps/tutorial-list.md) |
 | How to manually set up and customize your single sign-on configuration |[How to Configure Federated Single Sign-On to Apps that are not in the Azure Active Directory Application Gallery](application-config-sso-how-to-configure-federated-sso-non-gallery.md)<br /><br />[How to Customize Claims Issued in the SAML Token for Pre-Integrated Apps](active-directory-saml-claims-customization.md) |
-| Troubleshooting guide for federated apps that use the SAML protocol |[Troubleshooting SAML-Based Single Sign-On](active-directory-saml-debugging.md) |
+| Troubleshooting guide for federated apps that use the SAML protocol |[Troubleshooting SAML-Based Single Sign-On](develop/howto-v1-debug-saml-sso-issues.md) |
 | How to configure your app's certificate's expiration date, and how to renew your certificates |[Managing Certificates for Federated Single Sign-On in Azure Active Directory](manage-apps/manage-certificates-for-federated-single-sign-on.md) |
 
 Federated single sign-on is available for all editions of Azure AD for up to ten apps per user. [Azure AD Premium](https://azure.microsoft.com/pricing/details/active-directory/) supports unlimited applications. If your organization has [Azure AD Basic](https://azure.microsoft.com/pricing/details/active-directory/) or [Azure AD Premium](https://azure.microsoft.com/pricing/details/active-directory/), then you can [use groups to assign access to federated applications](#managing-access-to-applications).

articles/active-directory/active-directory-configurable-token-lifetimes.md

@@ -45,7 +45,7 @@ You can set token lifetime policies for refresh tokens, access tokens, session t
 Clients use access tokens to access a protected resource. An access token can be used only for a specific combination of user, client, and resource. Access tokens cannot be revoked and are valid until their expiry. A malicious actor that has obtained an access token can use it for extent of its lifetime. Adjusting the lifetime of an access token is a trade-off between improving system performance and increasing the amount of time that the client retains access after the user’s account is disabled. Improved system performance is achieved by reducing the number of times a client needs to acquire a fresh access token.  The default is 1 hour - after 1 hour, the client must use the refresh token to (usually silently) acquire a new refresh token and access token. 
 
 ### Refresh tokens
-When a client acquires an access token to access a protected resource, the client also receives a refresh token. The refresh token is used to obtain new access/refresh token pairs when the current access token expires. A refresh token is bound to a combination of user and client. A refresh token can be [revoked at any time](develop/active-directory-token-and-claims.md#token-revocation), and the token's validity is checked every time the token is used.  
+When a client acquires an access token to access a protected resource, the client also receives a refresh token. The refresh token is used to obtain new access/refresh token pairs when the current access token expires. A refresh token is bound to a combination of user and client. A refresh token can be [revoked at any time](develop/v1-id-and-access-tokens.md#token-revocation), and the token's validity is checked every time the token is used.  
 
 It's important to make a distinction between confidential clients and public clients, as this impacts how long refresh tokens can be used. For more information about different types of clients, see [RFC 6749](https://tools.ietf.org/html/rfc6749#section-2.1).
 
@@ -103,7 +103,7 @@ You can create and then assign a token lifetime policy to a specific application
 * If no policy is explicitly assigned to the service principal or to the organization, the policy assigned to the application is enforced.
 * If no policy has been assigned to the service principal, the organization, or the application object, the default values is enforced. (See the table in [Configurable token lifetime properties](#configurable-token-lifetime-properties).)
 
-For more information about the relationship between application objects and service principal objects, see [Application and service principal objects in Azure Active Directory](active-directory-application-objects.md).
+For more information about the relationship between application objects and service principal objects, see [Application and service principal objects in Azure Active Directory](develop/app-objects-and-service-principals.md).
 
 A token’s validity is evaluated at the time the token is used. The policy with the highest priority on the application that is being accessed takes effect.
 

articles/active-directory/active-directory-saas-custom-apps.md

@@ -144,7 +144,7 @@ Assigning a user will allow Azure AD to issue a token for the user. It also caus
 
 ### Test the SAML application
 
-Before testing the SAML application, you must have set up the application with Azure AD, and assigned users or groups to the application. To test the SAML application, see [How to debug SAML-based single sign-on to applications in Azure Active Directory](develop/active-directory-saml-debugging.md).
+Before testing the SAML application, you must have set up the application with Azure AD, and assigned users or groups to the application. To test the SAML application, see [How to debug SAML-based single sign-on to applications in Azure Active Directory](develop/howto-v1-debug-saml-sso-issues.md).
 
 ## Password single sign-on
 

articles/active-directory/conditional-access/best-practices.md

@@ -145,7 +145,7 @@ Consider migrating the policies you have not created in the Azure portal because
 - The Azure classic portal has been retired.   
 
 
-For more information, see [Migrate classic policies in the Azure portal](../active-directory-conditional-access-migration.md).
+For more information, see [Migrate classic policies in the Azure portal](policy-migration.md).
 
 
 ## Next steps