Merge pull request #248281 from alexbuckgit/alexbuckgit/docutune-autopr-20230815-021313-5631380-ignore-build

[BULK] DocuTune - Update stale local links (part 10)

Author: ttorble

articles/active-directory/develop/refresh-tokens.md

@@ -56,7 +56,7 @@ The server can revoke refresh tokens because of a change in credentials, user ac
 
 - [Access tokens in the Microsoft identity platform](access-tokens.md) 
 - [ID tokens in the Microsoft identity platform](id-tokens.md)
-- [Invalidate refresh token](https://learn.microsoft.com/powershell/module/microsoft.graph.beta.users.actions/invoke-mgbetainvalidateuserrefreshtoken?view=graph-powershell-beta.md)
+- [Invalidate refresh token](/powershell/module/microsoft.graph.beta.users.actions/invoke-mgbetainvalidateuserrefreshtoken?view=graph-powershell-beta)
 - [Single sign-out](v2-protocols-oidc.md#single-sign-out)
 
 ## Next steps

articles/active-directory/manage-apps/migrate-adfs-apps-phases-overview.md

@@ -41,11 +41,11 @@ Your applications are likely using the following types of authentication:
 
 To ensure that the users can easily and securely access applications, your goal is to have a single set of access controls and policies across your on-premises and cloud environments.
 
-[Azure AD](../fundamentals/active-directory-whatis.md) offers a universal identity platform that provides your employees, partners, and customers a single identity to access the applications they want and collaborate from any platform and device.
+[Azure AD](../fundamentals/whatis.md) offers a universal identity platform that provides your employees, partners, and customers a single identity to access the applications they want and collaborate from any platform and device.
 
 :::image type="content" source="media/migrate-adfs-apps-phases-overview/connectivity.png" alt-text="Diagram showing Azure AD connectivity.":::
 
-Azure AD has a [full suite of identity management capabilities](../fundamentals/active-directory-whatis.md#which-features-work-in-azure-ad). Standardizing your app authentication and authorization to Azure AD gets you the benefits that these capabilities provide.
+Azure AD has a [full suite of identity management capabilities](../fundamentals/whatis.md#which-features-work-in-azure-ad). Standardizing your app authentication and authorization to Azure AD gets you the benefits that these capabilities provide.
 
 You can find more migration resources at [https://aka.ms/migrateapps](./migration-resources.md)
 

articles/active-directory/manage-apps/migrate-adfs-apps-stages.md

@@ -31,7 +31,7 @@ For more information, see:
 * [Using Azure AD Application Proxy to publish on-premises apps for remote users](../app-proxy/what-is-application-proxy.md).
 * [What is application management?](what-is-application-management.md)
 * [AD FS application activity report to migrate applications to Azure AD](migrate-adfs-application-activity.md).
-* [Monitor AD FS using Azure AD Connect Health](../hybrid/how-to-connect-health-adfs.md).
+* [Monitor AD FS using Azure AD Connect Health](../hybrid/connect/how-to-connect-health-adfs.md).
 
 ## The migration process
 
@@ -65,7 +65,7 @@ Update the configuration of your production app to point to your production Azur
 
 :::image type="content" source="media/migrate-adfs-apps-stages/stage4.jpg" alt-text="Diagram showing migration stage 4.":::
 
- Apps that authenticate with AD FS can use Active Directory groups for permissions. Use [Azure AD Connect sync](../hybrid/how-to-connect-sync-whatis.md) to sync identity data between your on-premises environment and Azure AD before you begin migration. Verify those groups and membership before migration so that you can grant access to the same users when the application is migrated.
+ Apps that authenticate with AD FS can use Active Directory groups for permissions. Use [Azure AD Connect sync](../hybrid/connect/how-to-connect-sync-whatis.md) to sync identity data between your on-premises environment and Azure AD before you begin migration. Verify those groups and membership before migration so that you can grant access to the same users when the application is migrated.
 
 ## Line of business apps
 

articles/active-directory/manage-apps/migrate-adfs-discover-scope-apps.md

@@ -24,9 +24,9 @@ The first decision in the migration process is which apps to migrate, which if a
 
 Discover applications using ADFS:
 
-- **Use Azure AD Connect Health for ADFS**: If you have an Azure AD Premium license, we recommend deploying [Azure AD Connect Health](../hybrid/how-to-connect-health-adfs.md) to analyze the app usage in your on-premises environment. You can use the [ADFS application report](./migrate-adfs-application-activity.md) to discover ADFS applications that can be migrated and evaluate the readiness of the application to be migrated.
+- **Use Azure AD Connect Health for ADFS**: If you have an Azure AD Premium license, we recommend deploying [Azure AD Connect Health](../hybrid/connect/how-to-connect-health-adfs.md) to analyze the app usage in your on-premises environment. You can use the [ADFS application report](./migrate-adfs-application-activity.md) to discover ADFS applications that can be migrated and evaluate the readiness of the application to be migrated.
 
-- If you don’t have Azure AD Premium licenses, we recommend using the ADFS to Azure AD app migration tools based on [PowerShell](https://github.com/AzureAD/Deployment-Plans/tree/master/ADFS%20to%20AzureAD%20App%20Migration). Refer to [solution guide](./migrate-adfs-apps-to-azure.md):
+- If you don’t have Azure AD Premium licenses, we recommend using the ADFS to Azure AD app migration tools based on [PowerShell](https://github.com/AzureAD/Deployment-Plans/tree/master/ADFS%20to%20AzureAD%20App%20Migration). Refer to [solution guide](./migrate-adfs-apps-stages.md):
 
 > [!VIDEO https://www.youtube.com/embed/PxLIacDpHh4]
 
@@ -65,7 +65,7 @@ Once you've taken the automated approaches described in this article, you have a
 
 Once you find your apps, you identify these types of apps in your organization:
 
-- Apps that use modern authentication protocols such as [Security Assertion Markup Language (SAML)](../fundamentals/auth-saml.md) or [OpenID Connect (OIDC)](../fundamentals/auth-oidc.md).
+- Apps that use modern authentication protocols such as [Security Assertion Markup Language (SAML)](../architecture/auth-saml.md) or [OpenID Connect (OIDC)](../architecture/auth-oidc.md).
 - Apps that use legacy authentication such as [Kerberos](https://techcommunity.microsoft.com/t5/itops-talk-blog/deep-dive-how-azure-ad-kerberos-works/ba-p/3070889) or NT LAN Manager (NTLM) that you choose to modernize.
 - Apps that use legacy authentication protocols that you choose NOT to modernize
 - New Line of Business (LoB) apps
@@ -90,7 +90,7 @@ For certain apps using legacy authentication protocols, sometimes modernizing th
 - Apps connected to an on-premises identity or federation provider that you don't want to change.
 - Apps developed using on-premises authentication standards that you have no plans to move
 
-Azure AD can bring great benefits to these legacy apps. You can enable modern Azure AD security and governance features like [Multi-Factor Authentication](../authentication/concept-mfa-howitworks.md), [Conditional Access](../conditional-access/overview.md), [Identity Protection](../identity-protection/index.yml), [Delegated Application Access](./access-panel-manage-self-service-access.md), and [Access Reviews](../governance/manage-user-access-with-access-reviews.md#create-and-perform-an-access-review) against these apps without touching the app at all!
+Azure AD can bring great benefits to these legacy apps. You can enable modern Azure AD security and governance features like [Multi-Factor Authentication](../authentication/concept-mfa-howitworks.md), [Conditional Access](../conditional-access/overview.md), [Identity Protection](../identity-protection/index.yml), [Delegated Application Access](./manage-self-service-access.md), and [Access Reviews](../governance/manage-user-access-with-access-reviews.md#create-and-perform-an-access-review) against these apps without touching the app at all!
 
 - Start by extending these apps into the cloud with [Azure AD Application Proxy](../app-proxy/application-proxy.md).
 - Or explore using on of our [Secure Hybrid Access (SHA) partner integrations](secure-hybrid-access.md) that you might have deployed already.

articles/active-directory/manage-apps/migrate-adfs-plan-management-insights.md

@@ -55,9 +55,9 @@ Azure AD provides a centralized access location to manage your migrated apps. Si
 
 You can also use the [Azure portal](https://portal.azure.com/) to audit all your apps from a centralized location,
 
-- **Audit your app** using **Enterprise Applications, Audit**, or access the same information from the [Azure AD Reporting API](../reports-monitoring/concept-reporting-api.md) to integrate into your favorite tools.
+- **Audit your app** using **Enterprise Applications, Audit**, or access the same information from the [Azure AD Reporting API](../reports-monitoring/howto-configure-prerequisites-for-reporting-api.md) to integrate into your favorite tools.
 - **View the permissions for an app** using **Enterprise Applications, Permissions** for apps using OAuth/OpenID Connect.
-- **Get sign-in insights** using **Enterprise Applications, Sign-Ins**. Access the same information from the [Azure AD Reporting API.](../reports-monitoring/concept-reporting-api.md)
+- **Get sign-in insights** using **Enterprise Applications, Sign-Ins**. Access the same information from the [Azure AD Reporting API.](../reports-monitoring/howto-configure-prerequisites-for-reporting-api.md)
 - **Visualize your app’s usage** from the [Azure AD Power BI content pack](../reports-monitoring/howto-use-azure-monitor-workbooks.md)
 
 ## Exit criteria
@@ -71,7 +71,7 @@ You're successful in this phase when you:
 
 Deployment plans walk you through the business value, planning, implementation steps, and management of Azure AD solutions, including app migration scenarios. They bring together everything that you need to start deploying and getting value out of Azure AD capabilities. The deployment guides include content such as Microsoft recommended best practices, end-user communications, planning guides, implementation steps, test cases, and more.
 
-Many [deployment plans](../fundamentals/deployment-plans.md) are available for your use, and we’re always making more!
+Many [deployment plans](../architecture/deployment-plans.md) are available for your use, and we’re always making more!
 
 ## Contact support
 
@@ -83,4 +83,4 @@ Visit the following support links to create or track support ticket and monitor
 
 ## Next steps
 
-- [Migration process](migrate-adfs-apps-to-azure.md)
+- [Migration process](./migrate-adfs-apps-stages.md)

articles/active-directory/manage-apps/migrate-adfs-represent-security-policies.md

@@ -52,7 +52,7 @@ Explicit group authorization in AD FS:
 
 To map this rule to Azure AD:
 
-1. In the [Entra portal](https://entra.microsoft.com/#home), [create a user group](../fundamentals/active-directory-groups-create-azure-portal.md) that corresponds to the group of users from AD FS.
+1. In the [Entra portal](https://entra.microsoft.com/#home), [create a user group](../fundamentals/how-to-manage-groups.md) that corresponds to the group of users from AD FS.
 1. Assign app permissions to the group:
 
    :::image type="content" source="media/migrate-adfs-represent-security-policies/allow-a-group-explicitly-2.png" alt-text="Screenshot shows how to add a user assignment to the app.":::
@@ -85,7 +85,7 @@ The users/groups selector is a rule that allows you to enforce MFA on a per-grou
 
 Specify MFA rules for a user or a group in Azure AD:
 
-1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=%2fazure%2factive-directory%2fconditional-access%2fbreadcrumb%2ftoc.json&toc=%2fazure%2factive-directory%2fconditional-access%2ftoc.json).
+1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=/azure/active-directory/conditional-access/breadcrumb/toc.json&toc=/azure/active-directory/conditional-access/toc.json).
 1. Select **Assignments**. Add the user(s) or group(s) for which you want to enforce MFA.
 1. Configure the **Access controls** options as shown in the following screenshots:
 
@@ -95,7 +95,7 @@ Specify MFA rules for a user or a group in Azure AD:
 
 Specify MFA rules for unregistered devices in Azure AD:
 
-1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=%2fazure%2factive-directory%2fconditional-access%2fbreadcrumb%2ftoc.json&toc=%2fazure%2factive-directory%2fconditional-access%2ftoc.json).
+1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=/azure/active-directory/conditional-access/breadcrumb/toc.json&toc=/azure/active-directory/conditional-access/toc.json).
 1. Set the **Assignments** to **All users**.
 1. Configure the **Access controls** options as shown below:
 
@@ -107,7 +107,7 @@ When you set the **For multiple controls** option to **Require one of the select
 
 Specify MFA rules based on a user's location in Azure AD:
 
-1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=%2fazure%2factive-directory%2fconditional-access%2fbreadcrumb%2ftoc.json&toc=%2fazure%2factive-directory%2fconditional-access%2ftoc.json).
+1. Create a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=/azure/active-directory/conditional-access/breadcrumb/toc.json&toc=/azure/active-directory/conditional-access/toc.json).
 1. Set the **Assignments** to **All users**.
 1. [Configure named locations in Azure AD](../conditional-access/location-condition.md). Otherwise, federation from inside your corporate network is trusted.
 1. Configure the **Conditions rules** to specify the locations for which you would like to enforce MFA.
@@ -141,7 +141,7 @@ Built-in access control policies in AD FS 2016:
    :::image type="content" source="media/migrate-adfs-represent-security-policies/map-built-in-access-control-policies-1.png" alt-text="Screenshot shows Azure AD built in access control.":::
 
 
-To implement built-in policies in Azure AD, use a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=%2fazure%2factive-directory%2fconditional-access%2fbreadcrumb%2ftoc.json&toc=%2fazure%2factive-directory%2fconditional-access%2ftoc.json) and configure the access controls, or use the custom policy designer in AD FS 2016 to configure access control policies. The Rule Editor has an exhaustive list of Permit and Except options that can help you make all kinds of permutations.
+To implement built-in policies in Azure AD, use a [new Conditional Access policy](../authentication/tutorial-enable-azure-mfa.md?bc=/azure/active-directory/conditional-access/breadcrumb/toc.json&toc=/azure/active-directory/conditional-access/toc.json) and configure the access controls, or use the custom policy designer in AD FS 2016 to configure access control policies. The Rule Editor has an exhaustive list of Permit and Except options that can help you make all kinds of permutations.
 
 :::image type="content" source="media/migrate-adfs-represent-security-policies/map-built-in-access-control-policies-2.png" alt-text="Screenshot shows Azure AD built in access control policies.":::
 
@@ -164,7 +164,7 @@ Here's an example of how to configure the Exclude option for trusted locations i
 
 When you map authorization rules, apps that authenticate with AD FS may use Active Directory groups for permissions. In such a case, use [Azure AD Connect](https://go.microsoft.com/fwlink/?LinkId=615771) to sync these groups with Azure AD before migrating the applications. Make sure that you verify those groups and membership before migration so that you can grant access to the same users when the application is migrated.
 
-For more information, see [Prerequisites for using Group attributes synchronized from Active Directory](../hybrid/how-to-connect-fed-group-claims.md).
+For more information, see [Prerequisites for using Group attributes synchronized from Active Directory](../hybrid/connect/how-to-connect-fed-group-claims.md).
 
 ### Set up user self-provisioning