Merge branch 'main' into patch-14

Author: mries

.openpublishing.redirection.azure-resource-manager.json

@@ -1649,6 +1649,11 @@
             "source_path_from_root": "/articles/dns/dns-getstarted-create-recordset.md",
             "redirect_url": "/azure/dns/dns-getstarted-powershell",
             "redirect_document_id": false
+        },
+		{
+            "source_path_from_root": "/articles/time-series-insights/migration-to-adx.md",
+            "redirect_url": "/azure/time-series-insights/migration-to-fabric.md",
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/dns/dns-operations-dnszones-cli-nodejs.md",

.openpublishing.redirection.json

@@ -537,8 +537,6 @@
             href: partner-nok-nok.md
           - name: Transmit Security for passwordless
             href: partner-bindid.md
-          - name: Transmit Security for risk detection
-            href: partner-transmit-security.md
           - name: Trusona
             href: partner-trusona.md
           - name: Twilio
@@ -571,6 +569,8 @@
         - name: Microsoft Dynamics 365 Fraud Protection
           href: partner-dynamics-365-fraud-protection.md
           displayName: m365 dynamics, dynamics fraud protection, fraud, 365 protection
+        - name: Transmit Security
+          href: partner-transmit-security.md
       - name: Investigate risk with Identity Protection
         href: identity-protection-investigate-risk.md
       - name: Configure Conditional Access

articles/active-directory-b2c/TOC.yml

@@ -422,7 +422,7 @@ Upon an application sign-out request, Azure AD B2C attempts to sign out from you
 
 ## Debug SAML protocol
 
-To help configure and debug federation with a SAML identity provider, you can use a browser extension for the SAML protocol, such as [SAML DevTools extension](https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio) for Chrome, [SAML-tracer](https://addons.mozilla.org/es/firefox/addon/saml-tracer/) for FireFox, or [Microsoft Edge or IE Developer tools](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/gathering-a-saml-token-using-edge-or-ie-developer-tools/ba-p/320957).
+To help configure and debug federation with a SAML identity provider, you can use a browser extension for the SAML protocol, such as [SAML DevTools extension](https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio) for Chrome, [SAML-tracer](https://addons.mozilla.org/es/firefox/addon/saml-tracer/) for FireFox, or [Microsoft Edge or Internet Explorer developer tools](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/gathering-a-saml-token-using-edge-or-ie-developer-tools/ba-p/320957).
 
 Using these tools, you can check the integration between Azure AD B2C and your SAML identity provider. For example:
 

articles/active-directory-b2c/identity-provider-generic-saml-options.md

@@ -532,7 +532,7 @@ The following IDs are used for an [Microsoft Entra ID multifactor authentication
 | `UserMessageIfMaxAllowedCodeRetryReached` | Wrong code entered too many times, please try again later.|
 | `UserMessageIfServerError` | Cannot use MFA service, please try again later.|
 | `UserMessageIfThrottled` | Your request has been throttled, please try again later.|
-| `UserMessageIfWrongCodeEntered` |Wrong code entered, please try again.|
+| `UserMessageIfIncorrectOTPCodeEntered` |Wrong code entered, please try again.|
 
 <a name='azure-ad-mfa-example'></a>
 
@@ -684,4 +684,4 @@ This example shows localized messages for CAPTCHA display control.
 See the following articles for localization examples:
 
 - [Language customization with custom policy in Azure AD B2C](language-customization.md)
-- [Language customization with user flows in Azure AD B2C](language-customization.md)
+- [Language customization with user flows in Azure AD B2C](language-customization.md)

articles/active-directory-b2c/localization-string-ids.md

@@ -22,7 +22,7 @@ ms.custom: fasttrack-edit
 
  This article discusses how you can manage the user data in Azure Active Directory B2C (Azure AD B2C) by using the operations that are provided by the [Microsoft Graph API](/graph/use-the-api). Managing user data includes deleting or exporting data from audit logs.
 
-[!INCLUDE [gdpr-intro-sentence.md](../../includes/gdpr-intro-sentence.md)]
+[!INCLUDE [gdpr-intro-sentence.md](~/reusable-content/ce-skilling/azure/includes/gdpr-intro-sentence.md)]
 
 ## Delete user data
 

articles/active-directory-b2c/manage-user-data.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 
 ms.topic: reference
-ms.date: 01/11/2024
+ms.date: 05/07/2024
 ms.author: kengaderdus
 ms.subservice: B2C
 
@@ -73,6 +73,43 @@ The following example shows a technical profile for `ReturnOAuth2Error`:
 </ClaimsProviders> -->
 ```
 
+## Define claims transformation to generate custom values of error code and error message
+
+Use these steps to generate custom values of error code and error message:
+
+1. Locate the `ClaimsTransformations` element, then add the following code inside it
+
+    ```xml
+    <!--
+     <ClaimsTransformations> -->
+    <ClaimsTransformation Id="GenerateErrorCode" TransformationMethod="CreateStringClaim">
+            <InputParameters>
+              <InputParameter Id="value" DataType="string" Value="Error_001" />
+            </InputParameters>
+            <OutputClaims>
+              <OutputClaim ClaimTypeReferenceId="errorCode" TransformationClaimType="createdClaim" />
+            </OutputClaims>
+          </ClaimsTransformation>
+          <ClaimsTransformation Id="GenerateErrorMessage" TransformationMethod="CreateStringClaim">
+            <InputParameters>
+              <InputParameter Id="value" DataType="string" Value="Insert error description." />
+            </InputParameters>
+            <OutputClaims>
+              <OutputClaim ClaimTypeReferenceId="errorMessage" TransformationClaimType="createdClaim" />
+            </OutputClaims>
+          </ClaimsTransformation>
+    <!--
+    </ClaimsTransformations> -->
+    ```
+
+1. Add the two claims transformations in the `OutputClaimsTransformations` element of any technical profile before Oauth2 technical that you define:
+
+    ```xml
+        <OutputClaimsTransformations>
+          <OutputClaimsTransformation ReferenceId="generateErrorCode" />
+          <OutputClaimsTransformation ReferenceId="generateErrorMessage" />
+        </OutputClaimsTransformations>
+    ```
 ## Input claims
 
 The **InputClaims** element contains a list of claims required to return OAuth2 error. 
@@ -123,6 +160,20 @@ In the following example:
 </UserJourney>
 ```
 
+Optionally, you can use preconditions to manipulate the Oauth2 error technical profile. For example, if there is no email claim, you can set to call Oauth2 error technical profile:
+
+```xml
+<OrchestrationStep Order="3" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="ReturnOAuth2Error">
+      <Preconditions>
+        <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
+          <Value>email</Value>
+          <Action>SkipThisOrchestrationStep</Action>
+        </Precondition>
+      </Preconditions>
+    </OrchestrationStep>
+```
+
+
 ## Next steps
 
 Learn about [UserJourneys](userjourneys.md)

articles/active-directory-b2c/oauth2-error-technical-profile.md

@@ -179,7 +179,7 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 - Added support for [display controls](display-controls.md) in custom policies.
 
 **1.2.0**
-- The username/email and password fields now use the `form` HTML element to allow Microsoft Edge and Internet Explorer (IE) to properly save this information.
+- The username/email and password fields now use the `form` HTML element to allow Microsoft Edge and Internet Explorer to properly save this information.
 - Added a configurable user input validation delay for improved user experience.
 - Accessibility fixes
 - Fix  an accessibility issue so that error messages are read by Narrator. 
@@ -273,7 +273,7 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 - When the [sign-in option](sign-in-options.md) is set to Email, the sign-in header presents "Sign in with your sign-in name". The username field presents "Sign in name". For more information, see [localization](localization-string-ids.md#sign-up-or-sign-in-page-elements).
 
 **1.2.0**
-- The username/email and password fields now use the `form` HTML element to allow Microsoft Edge and Internet Explorer (IE) to properly save this information.
+- The username/email and password fields now use the `form` HTML element to allow Microsoft Edge and Internet Explorer to properly save this information.
 - Accessibility fixes
 - You can now add the `data-preload="true"` attribute [in your HTML tags](customize-ui-with-html.md#guidelines-for-using-custom-page-content) to control the load order for CSS and JavaScript.
   - Load linked CSS files at the same time as your HTML template so it doesn't 'flicker' between loading the files.
@@ -313,7 +313,7 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 **1.2.7**
 - Fixed accessibility issue on label for retries code.
-- Fixed issue caused by incompatibility of default parameter on IE 11.
+- Fixed issue caused by incompatibility of default parameter on Internet Explorer 11.
 - Set up `H1` heading and enable by default.
 - Updated HandlebarJS version to 4.7.7.
 

articles/active-directory-b2c/page-layout.md

@@ -23,10 +23,12 @@ In this tutorial, learn to enable passwordless authentication in Azure Active Di
 To get started, you'll need:
 
 - A Nevis demo account
-  - Go to nevis.net for [Nevis + Microsoft Azure AD B2C](https://www.nevis-security.com/aadb2c/) to request an account
-* An Azure subscription
+  - Go to `nevis.net` for [Nevis + Microsoft Azure AD B2C](https://www.nevis-security.com/aadb2c/) to request an account
+
+- An Azure subscription
 
   - If you don't have one, you can get an [Azure free account](https://azure.microsoft.com/free/)
+
 - An [Azure AD B2C tenant](./tutorial-create-tenant.md) linked to your Azure subscription
 
 >[!NOTE]
@@ -56,17 +58,17 @@ The diagram shows the implementation.
 
 ### Request a Nevis account 
 
-1. Go to nevis.net for [Nevis + Microsoft Azure AD B2C](https://www.nevis-security.com/aadb2c/). 
+1. Go to `nevis.net` for [Nevis + Microsoft Azure AD B2C](https://www.nevis-security.com/aadb2c/).
 2. Use the form request an account.
 3. Two emails arrive:
 
-*  Management account notification
-*  Mobile app invitation
+- Management account notification
+- Mobile app invitation
 
 ### Add your Azure AD B2C tenant to your Nevis account
 
 1. From the management account trial email, copy your management key.
-2. In a browser, open https://console.nevis.cloud/.
+2. In a browser, open the [Nevis management console](https://console.nevis.cloud/).
 3. Use the management key to sign in to the management console.
 4. Select **Add Instance**.
 5. Select the created instance.
@@ -99,14 +101,14 @@ The diagram shows the implementation.
 10. For **Key Usage**, select **Encryption**.
 11. Select **Create**.
 
-### Configure and upload the nevis.html to Azure blob storage
+### Configure and upload the nevis.html file to Azure blob storage
 
 1. In your Identity Environment (IDE), go to the [/master/samples/Nevis/policy](https://github.com/azure-ad-b2c/partner-integrations/tree/master/samples/Nevis/policy) folder.
-2. In [/samples/Nevis/policy/nevis.html](https://github.com/azure-ad-b2c/partner-integrations/blob/master/samples/Nevis/policy/nevis.html) open the nevis.html file.
+2. In [/samples/Nevis/policy/nevis.html](https://github.com/azure-ad-b2c/partner-integrations/blob/master/samples/Nevis/policy/nevis.html) open the `nevis.html` file.
 3. Replace the  **authentication_cloud_url** with the Nevis Admin console URL `https://<instance_id>.mauth.nevis.cloud`.
 4. Select **Save**.
 5. [Create an Azure Blob storage account](./customize-ui-with-html.md#2-create-an-azure-blob-storage-account).
-6. Upload the nevis.html file to your Azure blob storage.
+6. Upload the `nevis.html` file to your Azure blob storage.
 7. [Configure CORS](./customize-ui-with-html.md#3-configure-cors).
 8. Enable cross-origin resource sharing (CORS) for the file.
 9. In the list, select the **nevis.html** file.
@@ -132,7 +134,7 @@ The diagram shows the implementation.
 3. Replace **your tenant** with your Azure tenant account name in **TenantId**.
 4. Replace **your tenant** with your Azure tenant account name in **PublicPolicyURI**.
 5. Under **BasePolicy**, in the **TenantId**, replace **your tenant** with your Azure tenant account name.
-6. Under **BuildingBlocks**, replace **LoadUri** with the nevis.html blob link URL, in your blob storage account.
+6. Under **BuildingBlocks**, replace **LoadUri** with the `nevis.html` blob link URL, in your blob storage account.
 7. Select **Save**.
 
 ### Customize SignUpOrSignin.xml

articles/active-directory-b2c/partner-nevis.md

@@ -70,6 +70,9 @@ The following architecture diagram illustrates the implementation.
 2. Create delegated administration policies.
 3. Assign users the delegated administrator role.
 
+>[!NOTE]
+>User administrator role will be required for a Service Principal Name (SPN) to integrate with Saviynt EIC system. 
+
 ## Configure Azure AD B2C with Saviynt
 
 Use the following instructions to create an application, delete users, and more.