MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-faqs.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/active-directory-b2c-faqs.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/authentication-flows-app-scenarios.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/develop/authentication-flows-app-scenarios.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/id-tokens.md
Lines changed: 6 additions & 0 deletions b/‎articles/active-directory/develop/id-tokens.md
Lines changed: 6 additions & 0 deletions
diff --git a/‎articles/active-directory/develop/msal-authentication-flows.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/develop/msal-authentication-flows.md
Lines changed: 2 additions & 2 deletions
@@ -46595,6 +46595,11 @@
       "redirect_url": "/azure/load-balancer/load-balancer-overview",
       "redirect_document_id": false
     },
+    {
+        "source_path": "articles/backup/backup-azure-files.md",
+        "redirect_url": "/azure/backup/backup-afs",
+        "redirect_document_id": false
+    },
     {
       "source_path": "articles/load-balancer/load-balancer-arm.md",
       "redirect_url": "/azure/load-balancer/load-balancer-overview",
 
@@ -23,7 +23,7 @@ There are two common reasons for why the Azure AD extension is not working for y
 
 ### Can I use Azure AD B2C features in my existing, employee-based Azure AD tenant?
 
-Azure AD and Azure AD B2C are separate product offerings and cannot coexist in the same tenant. An Azure AD tenant represents an organization. An Azure AD B2C tenant represents a collection of identities to be used with relying party applications. With custom policies, Azure AD B2C can federate to Azure AD allowing authentication of employees in an organization.
+Azure AD and Azure AD B2C are separate product offerings and cannot coexist in the same tenant. An Azure AD tenant represents an organization. An Azure AD B2C tenant represents a collection of identities to be used with relying party applications. By adding **New OpenID Connect provider** under **Azure AD B2C > Identity providers** or with custom policies, Azure AD B2C can federate to Azure AD allowing authentication of employees in an organization.
 
 ### Can I use Azure AD B2C to provide social login (Facebook and Google+) into Office 365?
 
 
@@ -235,7 +235,7 @@ Scenarios that involve acquiring tokens also map to OAuth 2.0 authentication flo
  </tr>
 
   <tr>
-   <td><a href="scenario-desktop-acquire-token.md#command-line-tool-without-web-browser"><img alt="Browserless application" src="media/scenarios/device-code-flow-app.svg"></a></td>
+   <td><a href="scenario-desktop-acquire-token.md#command-line-tool-without-a-web-browser"><img alt="Browserless application" src="media/scenarios/device-code-flow-app.svg"></a></td>
    <td><a href="v2-oauth2-device-code.md">Device code</a></td>
    <td>Work or school accounts</td>
  </tr>
 
@@ -82,6 +82,12 @@ This list shows the claims that are in most id_tokens by default (except where n
 |`uti` | Opaque String | An internal claim used by Azure to revalidate tokens. Should be ignored. |
 |`ver` | String, either 1.0 or 2.0 | Indicates the version of the id_token. |
 
+
+> [!NOTE]
+> The v1 and v2 id_token have differences in the amount of information they will carry as seen from the examples above. The version essentially specifies the Azure AD platform endpoint from where it was issued. [Azure AD Oauth implementation](https://docs.microsoft.com/azure/active-directory/develop/about-microsoft-identity-platform) have evolved through the years. Currently we have two different oAuth endpoints for AzureAD applications. You can use any of the new endpoints which are categorized as v2 or the old one which is said to be v1. The Oauth endpoints for both of them are different. The V2 endpoint is the newer one where we are trying to migrate all the features of v1 endpoint and recommend new developers to use the v2 endpoint. 
+> - V1: Azure Active Directory Endpoints: `https://login.microsoftonline.com/common/oauth2/authorize`
+> - V2: Microsoft Identity Platform Endpoints: `https://login.microsoftonline.com/common/oauth2/v2.0/authorize`
+
 ## Validating an id_token
 
 Validating an `id_token` is similar to the first step of [validating an access token](access-tokens.md#validating-tokens) - your client should validate that the correct issuer has sent back the token and that it hasn't been tampered with. Because `id_tokens` are always a JWT, many libraries exist to validate these tokens - we recommend you use one of these rather than doing it yourself.
 
@@ -29,9 +29,9 @@ This article describes the different authentication flows provided by Microsoft
 | [Authorization code](#authorization-code) | Used in apps that are installed on a device to gain access to protected resources, such as web APIs. This allows you to add sign-in and API access to your mobile and desktop apps. | [Desktop apps](scenario-desktop-overview.md), [mobile apps](scenario-mobile-overview.md), [web apps](scenario-web-app-call-api-overview.md) | 
 | [On-behalf-of](#on-behalf-of) | An application invokes a service or web API, which in turn needs to call another service or web API. The idea is to propagate the delegated user identity and permissions through the request chain. | [Web APIs](scenario-web-api-call-api-overview.md) |
 | [Client credentials](#client-credentials) | Allows you to access web-hosted resources by using the identity of an application. Commonly used for server-to-server interactions that must run in the background, without immediate interaction with a user. | [Daemon apps](scenario-daemon-overview.md) |
-| [Device code](#device-code) | Allows users to sign in to input-constrained devices such as a smart TV, IoT device, or printer. | [Desktop/mobile apps](scenario-desktop-acquire-token.md#command-line-tool-without-web-browser) |
+| [Device code](#device-code) | Allows users to sign in to input-constrained devices such as a smart TV, IoT device, or printer. | [Desktop/mobile apps](scenario-desktop-acquire-token.md#command-line-tool-without-a-web-browser) |
 | [Integrated Windows Authentication](scenario-desktop-acquire-token.md#integrated-windows-authentication) | Allows applications on domain or Azure Active Directory (Azure AD) joined computers to acquire a token silently (without any UI interaction from the user).| [Desktop/mobile apps](scenario-desktop-acquire-token.md#integrated-windows-authentication) |
-| [Username/password](scenario-desktop-acquire-token.md#username--password) | Allows an application to sign in the user by directly handling their password. This flow isn't recommended. | [Desktop/mobile apps](scenario-desktop-acquire-token.md#username--password) |
+| [Username/password](scenario-desktop-acquire-token.md#username-and-password) | Allows an application to sign in the user by directly handling their password. This flow isn't recommended. | [Desktop/mobile apps](scenario-desktop-acquire-token.md#username-and-password) |
 
 ## How each flow emits tokens and codes