Merge branch 'main' into ninallam-vuh-limits

Author: ninallam

.github/policies/disallow-edits.yml

@@ -160,8 +160,8 @@ configuration:
               matchAny: true
               pattern: articles/reliability/*
           - commentContains:
-              pattern: \#sign-off
-              isRegex: false
+              pattern: '\#sign-off'
+              isRegex: true
           - not:
               or:
                 - isActivitySender:

.openpublishing.publish.config.json

@@ -242,12 +242,6 @@
             "branch": "main",
             "branch_mapping": {}
         },
-        {
-            "path_to_root": "azure-proactive-resiliency-library",
-            "url": "https://github.com/Azure/Azure-Proactive-Resiliency-Library",
-            "branch": "main",
-            "branch_mapping": {}
-        },
         {
             "path_to_root": "azure-sdk-for-go-samples",
             "url": "https://github.com/Azure-Samples/azure-sdk-for-go-samples",
@@ -590,6 +584,12 @@
             "branch": "main",
             "branch_mapping": {}
         },
+        {
+            "path_to_root": "laravel-tasks",
+            "url": "https://github.com/Azure-Samples/laravel-tasks",
+            "branch": "main",
+            "branch_mapping": {}
+        },
         {
             "path_to_root": "playwright-testing-service",
             "url": "https://github.com/microsoft/playwright-testing-service",

.openpublishing.redirection.json

@@ -1,5 +1,10 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/migrate/tutorial-modernize-asp-net-aks.md",
+      "redirect_url": "/azure/migrate/migrate-services-overview",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/databox-online/azure-stack-edge-gpu-deploy-sample-module-marketplace.md",
       "redirect_url": "https://azuremarketplace.microsoft.com/marketplace/apps?page=1",
@@ -30,6 +35,11 @@
       "redirect_url": "/previous-versions/azure/partner-solutions/logzio/troubleshoot",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/event-grid/event-schema-storage-actions.md",
+      "redirect_url": "/azure/storage-actions/overview",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/hdinsight-aks/index.yml",
       "redirect_url": "/previous-versions/azure/hdinsight-aks",
@@ -1855,6 +1865,11 @@
       "redirect_url": "/azure/api-management/monitor-api-management",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-cross-premises-options.md",
+      "redirect_url": "/previous-versions/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/vpn-gateway/vpn-gateway-about-forced-tunneling.md",
       "redirect_url": "/previous-versions/azure/vpn-gateway/vpn-gateway-about-forced-tunneling",
@@ -4075,36 +4090,6 @@
       "redirect_url": "/azure/notification-hubs/notification-hubs-push-notification-http2-token-authentication",
       "redirect_document_id": false
     },
-    {
-      "source_path_from_root": "/articles/openshift/howto-encrypt-data-disks.md",
-      "redirect_url": "/azure/openshift/howto-byok",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/howto-deploy-java-jboss-enterprise-application-platform-with-auto-redeploy.md",
-      "redirect_url": "/azure/openshift/index",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/quickstart-portal.md",
-      "redirect_url": "/azure/openshift/create-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-connect-cluster.md",
-      "redirect_url": "/azure/openshift/connect-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-create-cluster.md",
-      "redirect_url": "/azure/openshift/create-cluster",
-      "redirect_document_id": false
-    },
-    {
-      "source_path_from_root": "/articles/openshift/tutorial-delete-cluster.md",
-      "redirect_url": "/azure/openshift/delete-cluster",
-      "redirect_document_id": false
-    },
     {
       "source_path_from_root": "/articles/operator-service-manager/overview.md",
       "redirect_url": "azure/operator-service-manager/azure-operator-service-manager-overview",
@@ -5935,6 +5920,11 @@
       "redirect_url": "/azure/reliability/overview-reliability-guidance",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/reliability/sovereign-cloud-china.md",
+      "redirect_url": "/azure/china/concepts-service-availability",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/managed-grafana/concept-role-based-access-control.md",
       "redirect_url": "/azure/managed-grafana/how-to-manage-access-permissions-users-identities",
@@ -5949,6 +5939,26 @@
       "source_path": "articles/sentinel/resources.md",
       "redirect_url": "/azure/sentinel/overview",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/nat-gateway/tutorial-dual-stack-outbound-nat-load-balancer.md",
+      "redirect_url": "/azure/nat-gateway/nat-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/sentinel/kusto-resources.md",
+      "redirect_url": "/kusto/query/kql-learning-resources?view=microsoft-sentinel?view=microsoft-sentinel&preserve-view=true&toc=/azure/sentinel/TOC.json&bc=/azure/sentinel/breadcrumb/toc.json",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/reliability/availability-zones-baseline.md",
+      "redirect_url": "/azure/reliability/availability-zones-migration-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/virtual-network/virtual-network-for-azure-services.md",
+      "redirect_url": "/azure/virtual-network/vnet-integration-for-azure-services",
+      "redirect_document_id": false
     }
   ]
-}
+}

articles/active-directory-b2c/add-captcha.md

@@ -1,11 +1,11 @@
 ---
 title: Enable CAPTCHA in Azure Active Directory B2C  
-description: How to enable CAPTCHA for user flows and custom policies in Azure Active Directory B2C.
+description: Learn how to enable CAPTCHA in Azure AD B2C for user flows and custom policies to protect sign-in and sign-up flows from automated attacks.
 author: kengaderdus
 manager: mwongerapk
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 05/03/2024
+ms.date: 02/18/2024
 ms.custom: project-no-code
 ms.author: kengaderdus
 ms.subservice: b2c
@@ -50,7 +50,7 @@ Azure Active Directory B2C (Azure AD B2C) allows you to enable CAPTCHA to preven
 
 ## Test the user flow
 
-Use the steps in [Test the user flow](tutorial-create-user-flows.md?pivots=b2c-user-flow#test-the-user-flow-1) to test and confirm that CAPTCHA is enabled for your chosen flow. You should be prompted to enter the characters you see or hear depending on the CAPTCHA type, visual or audio, you choose.
+Use the steps in [Test the user flow](tutorial-create-user-flows.md?pivots=b2c-user-flow#test-the-user-flow-1) to test and confirm that CAPTCHA is enabled for your chosen flow. You should be prompted to enter the characters you see or hear depending on the CAPTCHA type, visual, or audio, you choose.
 
 ::: zone-end
 
@@ -387,15 +387,15 @@ Use the steps in [Upload the policies](tutorial-create-user-flows.md?pivots=b2c-
 
 ## Test the custom policy
 
-Use the steps in [Test the custom policy](tutorial-create-user-flows.md?pivots=b2c-custom-policy#test-the-custom-policy) to test and confirm that CAPTCHA is enabled for your chosen flow. You should be prompted to enter the characters you see or hear depending on the CAPTCHA type, visual or audio, you choose.
+Use the steps in [Test the custom policy](tutorial-create-user-flows.md?pivots=b2c-custom-policy#test-the-custom-policy) to test and confirm that CAPTCHA is enabled for your chosen flow. You should be prompted to enter the characters you see or hear depending on the CAPTCHA type, visual, or audio, you choose.
 
 ::: zone-end
 
 > [!NOTE]
 > - You can't add CAPTCHA to an MFA step in a sign-up only user flow.
 > - In an MFA flow, CAPTCHA is applicable where the MFA method you select is SMS or phone call, SMS only or Phone call only.
 
-## Next steps 
+## Related content
 
 - Learn how to [Define a CAPTCHA technical profile](captcha-technical-profile.md).
 - Learn how to [Configure CAPTCHA display control](display-control-captcha.md).

articles/active-directory-b2c/add-password-change-policy.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: how-to
-ms.date: 01/11/2024
+ms.date: 02/19/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 zone_pivot_groups: b2c-policy-type
@@ -164,7 +164,7 @@ The password change flow involves the following steps:
 1. For **Application**, select the application that you registered earlier. To see the token, the **Reply URL** should show `https://jwt.ms`.
 1. Select **Run now**. In the new tab that opens, remove "&prompt=login" from the URL and refresh the tab. Then, sign in with the account you created earlier. A password change dialog gives you the option to change the password.
 
-## Next steps
+## Related content
 
 * Find the [sample policy on GitHub](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/scenarios/password-change).
 * Learn about how you can [configure password complexity in Azure AD B2C](password-complexity.md).

articles/active-directory-b2c/add-password-reset-policy.md

@@ -6,7 +6,7 @@ author: garrodonnell
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 11/27/2024
+ms.date: 02/18/2024
 ms.author: godonnell
 ms.subservice: b2c
 zone_pivot_groups: b2c-policy-type
@@ -40,16 +40,16 @@ The default name of the **Change email** button in *selfAsserted.html* is **chan
 [!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
 
 
-- The B2C Users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**,  select **Authentication methods**, ensure **Authentication contact info** is set. B2C users created via a SignUp flow will have this set by default. For users created via Azure Portal or by Graph API need to have this set for SSPR to work. 
+- The B2C Users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**, select **Authentication methods**. Ensure **Authentication contact info** is set. B2C users created via a Sign-up flow has this set by default. For users created via Azure Portal or by Graph API, you need to set **Authentication contact info** for SSPR to work. 
 
 
 ## Self-service password reset (recommended)
 
-The new password reset experience is now part of the sign-up or sign-in policy. When the user selects the **Forgot your password?** link, they are immediately sent to the Forgot Password experience. Your application no longer needs to handle the [AADB2C90118 error code](#password-reset-policy-legacy), and you don't need a separate policy for password reset.
+The new password reset experience is now part of the sign-up or sign-in policy. When the user selects the **Forgot your password?** link, they're immediately sent to the Forgot Password experience. Your application no longer needs to handle the [AADB2C90118 error code](#password-reset-policy-legacy), and you don't need a separate policy for password reset.
 
 ::: zone pivot="b2c-user-flow"
 
-The self-service password reset experience can be configured for the Sign in (Recommended) or Sign up and sign in (Recommended) user flows. If you don't have one of these user flows set up, create a [sign-up or sign-in](add-sign-up-and-sign-in-policy.md) user flow.
+The self-service password reset experience can be configured for the Sign in (Recommended) or Sign up and sign in (Recommended) user flows. If you don't have one of these user flows setup, create a [sign-up or sign-in](add-sign-up-and-sign-in-policy.md) user flow.
 
 To set up self-service password reset for the sign-up or sign-in user flow:
 
@@ -192,7 +192,7 @@ The sub journey is called from the user journey and performs the specific steps
 
 ### Prepare your user journey
 
-Next, to connect the **Forgot your password?** link to the **Forgot Password** sub journey you will need to reference the **Forgot Password** sub journey ID in the **ClaimsProviderSelection** element of the **CombinedSignInAndSignUp** step.
+Next, to connect the **Forgot your password?** link to the **Forgot Password** sub journey you need to reference the **Forgot Password** sub journey ID in the **ClaimsProviderSelection** element of the **CombinedSignInAndSignUp** step.
 
 If you don't have your own custom user journey that has a **CombinedSignInAndSignUp** step, complete the following steps to duplicate an existing sign-up or sign-in user journey. Otherwise, continue to the next section.
 
@@ -352,14 +352,14 @@ To test the user flow:
 
 ### Create a password reset policy
 
-Custom policies are a set of XML files that you upload to your Azure AD B2C tenant to define user journeys. We provide [starter packs](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack) that have several pre-built policies, including sign up and sign in, password reset, and profile editing policies. For more information, see [Get started with custom policies in Azure AD B2C](tutorial-create-user-flows.md?pivots=b2c-custom-policy).
+Custom policies are a set of XML files that you upload to your Azure AD B2C tenant to define user journeys. We provide [starter packs](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack) that have several prebuilt policies, including sign up and sign in, password reset, and profile editing policies. For more information, see [Get started with custom policies in Azure AD B2C](tutorial-create-user-flows.md?pivots=b2c-custom-policy).
 
 ::: zone-end
 
 ## Troubleshoot Azure AD B2C user flows and custom policies
 Your application needs to handle certain errors coming from Azure B2C service. Learn [how to troubleshoot Azure AD B2C's user flows and custom policies](troubleshoot.md).
 
-## Next steps
+## Related content
 
 Set up a [force password reset](force-password-reset.md).
 

articles/active-directory-b2c/add-ropc-policy.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: how-to
-ms.date: 09/11/2024
+ms.date: 02/24/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 zone_pivot_groups: b2c-policy-type

articles/active-directory-b2c/b2clogin.md

@@ -1,15 +1,15 @@
 ---
 title: Migrate applications and APIs to b2clogin.com
 titleSuffix: Azure AD B2C
-description: Learn about using b2clogin.com in your redirect URLs for Azure Active Directory B2C.
+description: Learn how to update redirect URLs in Azure AD B2C applications to use b2clogin.com or a custom domain for authentication endpoints.
 
 author: kengaderdus
 manager: CelesteDG
 
 ms.service: azure-active-directory
 
 ms.topic: how-to
-ms.date: 01/26/2024
+ms.date: 02/26/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 
@@ -40,9 +40,9 @@ With Azure AD B2C [custom domain](./custom-domain.md) the corresponding updated
 - <code>https://<b>login.contoso.com</b>/\<tenant-name\>.onmicrosoft.com/<b>\<policy-name\></b>/oauth2/v2.0/authorize</code> or <code>https://<b>login.contoso.com</b>/\<tenant-name\>.onmicrosoft.com/oauth2/v2.0/authorize?<b>p=\<policy-name\></b></code> for the `/authorize` endpoint.
 - <code>https://<b>login.contoso.com</b>/\<tenant-name\>.onmicrosoft.com/<b>\<policy-name\></b>/oauth2/v2.0/logout</code> or <code>https://<b>login.contoso.com</b>/\<tenant-name\>.onmicrosoft.com/oauth2/v2.0/logout?<b>p=\<policy-name\></b></code> for the `/logout` endpoint.
 
-## Endpoints that are not affected
+## Endpoints that aren't affected
 
-Some customers use the shared capabilities of Microsoft Entra enterprise tenants. For example, acquiring an access token to call the [MS Graph API](microsoft-graph-operations.md#code-discussion) of the Azure AD B2C tenant.
+Some customers use the shared capabilities of Microsoft Entra enterprise tenants. For example, acquiring an access token to call the [MS Graph API](microsoft-graph-operations.md) of the Azure AD B2C tenant.
 
 This change doesn't affect all endpoints, which don't contain a policy parameter in the URL. They're accessed only with the Microsoft Entra ID's login.microsoftonline.com endpoints, and can't be used with the *b2clogin.com*, or custom domains. The following example shows a valid token endpoint of the Microsoft identity platform:
 
@@ -64,7 +64,6 @@ There are several modifications you might need to make to migrate your applicati
 * Update your Azure AD B2C applications to use *b2clogin.com*, or custom domain in their user flow and token endpoint references. The change may include updating your use of an authentication library like Microsoft Authentication Library (MSAL).
 * Update any **Allowed Origins** that you define in the CORS settings for [user interface customization](customize-ui-with-html.md).
 
-
 ## Change identity provider redirect URLs
 
 On each identity provider's website in which you've created an application, change all trusted URLs to redirect to `your-tenant-name.b2clogin.com`, or a custom domain instead of *login.microsoftonline.com*.
@@ -146,7 +145,7 @@ this.clientApplication = new UserAgentApplication(
 );
 ```
 
-## Next steps
+## Related content
 
 For information about migrating OWIN-based web applications to b2clogin.com, see [Migrate an OWIN-based web API to b2clogin.com](multiple-token-endpoints.md).
 

articles/active-directory-b2c/claim-resolver-overview.md

@@ -1,15 +1,15 @@
 ---
 title: Claim resolvers in custom policies
 titleSuffix: Azure AD B2C
-description: Learn how to use claims resolvers in a custom policy in Azure Active Directory B2C.
+description: Learn how to use claim resolvers in Azure AD B2C custom policies to provide context information and populate claims with dynamic values.
 
 author: kengaderdus
 manager: CelesteDG
 
 ms.service: azure-active-directory
 
 ms.topic: reference
-ms.date: 01/17/2024
+ms.date: 02/19/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 
@@ -161,7 +161,7 @@ The following table lists the [OAuth2 identity provider](oauth2-technical-profil
 | {oauth2:access_token} | The OAuth2 identity provider access token. The `access_token` attribute. | `eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1Ni...` |
 | {oauth2:token_type}   | The type of the access token. The `token_type` attribute. | Bearer  |
 | {oauth2:expires_in}   | The length of time that the access token is valid in seconds. The `expires_in` attribute. The output claim [DataType](claimsschema.md#datatype) must be `int` or `long`. | 960000 |
-| {oauth2:refresh_token} | The OAuth2 identity provider refresh token. The `refresh_token` attribute. | `eyJraWQiOiJacW9pQlp2TW5pYVc2MUY...` |
+| {oauth2:refresh_token} | The OAuth2 identity providers refresh token. The `refresh_token` attribute. | `eyJraWQiOiJacW9pQlp2TW5pYVc2MUY...` |
 
 To use the OAuth2 identity provider claim resolvers, set the output claim's `PartnerClaimType` attribute to the claim resolver.  The following example demonstrates how the get the external identity provider claims:
 
@@ -312,6 +312,6 @@ In a [Relying party](relyingparty.md) policy technical profile, you may want to
   </RelyingParty>
 ```
 
-## Next steps
+## Related content
 
 - Find more [claims resolvers samples](https://github.com/azure-ad-b2c/unit-tests/tree/main/claims-resolver) on the Azure AD B2C community GitHub repo