toc conflict

Author: greg-lindsay

.openpublishing.redirection.json

@@ -5,7 +5,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: reference
-ms.date: 09/11/2024
+ms.date: 03/10/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: fasttrack-edit
@@ -29,7 +29,7 @@ A monthly active user (MAU) is a unique user that performs an authentication wit
 
 If Azure AD B2C [Go-Local add-on](data-residency.md#go-local-add-on) is available in your country/region, and you enable it, you'll be charged per MAU, which is an added charge to your Azure AD B2C [Premium P1 or P2 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/) license. Learn more [About Local Data Residency add-on](#about-go-local-add-on)  
 
-Also, if you choose to provide higher levels of assurance by using multifactor authentication (MFA) for Voice and SMS, you'll be charged a worldwide flat fee for each MFA attempt that month, whether the sign in is successful or unsuccessful. 
+Also, if you choose to provide higher levels of assurance by using multifactor authentication (MFA) for Voice and SMS, you'll be charged a fee for each MFA attempt that month, whether the sign in is successful or unsuccessful. 
 
 
 > [!IMPORTANT]
@@ -85,7 +85,7 @@ A subscription linked to an Azure AD B2C tenant can be used for the billing of A
 ### Create the link
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
-1. If you have access to multiple tenants, select the **Settings** icon in the top menu to switch to your Azure AD B2C tenant from the **Directories + subscriptions** menu.
+1. If you have access to multiple tenants, select the **Settings** icon in the top menu to switch to your Microsoft Entra tenant from the **Directories + subscriptions** menu.
 1. Select **Create a resource**, and then, in the **Search services and Marketplace** field, search for and select **Azure Active Directory B2C**.
 1. Select **Create**.
 1. Select **Link an existing Azure AD B2C Tenant to my Azure subscription**.

articles/active-directory-b2c/billing.md

@@ -129,4 +129,4 @@ During the [desktop app registration](configure-authentication-sample-wpf-deskto
 
 ## Next steps
 
-- To learn more, see [MSAL for .NET, UWP, NetCore, and Xamarin configuration options](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki).
+- To learn more, see [MSAL for .NET, UWP and NetCore configuration options](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki).

articles/active-directory-b2c/enable-authentication-wpf-desktop-app-options.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: reference
-ms.date: 01/11/2024
+ms.date: 03/13/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 
@@ -24,7 +24,7 @@ The following errors can be returned by the Azure Active Directory B2C service.
 
 | Error code | Message | Notes |
 | ---------- | ------- | ----- |
-| `AADB2C90001` | This user already exists, and profile '{0}' does not allow the same user to be created again. | [Sign-up flow](add-sign-up-and-sign-in-policy.md) |
+| `AADB2C90001` | The server hosting resource '{0}' is not enabled for CORS requests. Ensure that the 'Access-Control-Allow-Origin' header has been configured. | |
 | `AADB2C90002` | The CORS resource '{0}' returned a 404 not found. | [Hosting the page content](customize-ui-with-html.md#hosting-the-page-content) |
 | `AADB2C90006` | The redirect URI '{0}' provided in the request is not registered for the client ID '{1}'. | [Register a web application](tutorial-register-applications.md), [Sending authentication requests](openid-connect.md#send-authentication-requests) |
 | `AADB2C90007` | The application associated with client ID '{0}' has no registered redirect URIs. | [Register a web application](tutorial-register-applications.md), [Sending authentication requests](openid-connect.md#send-authentication-requests) |
@@ -52,7 +52,7 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C90040` | User journey '{0}' does not contain a send claims step. | [User journey orchestration steps](userjourneys.md#orchestrationsteps) |
 | `AADB2C90043` | The prompt included in the request contains invalid values. Expected 'none', 'login', 'consent' or 'select_account'. |  |
 | `AADB2C90044` | The claim '{0}' is not supported by the claim resolver '{1}'. | [Claim resolvers](claim-resolver-overview.md) |
-| `AADB2C90046` | We are having trouble loading your current state. You might want to try starting your session over from the beginning. |  |
+| `AADB2C90046` |We are having trouble signing you in. You might want to try starting your session over from the beginning. |  |
 | `AADB2C90047` | The resource '{0}' contains script errors preventing it from being loaded. | [Configure CORS](customize-ui-with-html.md#3-configure-cors) |
 | `AADB2C90048` | An unhandled exception has occurred on the server. |
 | `AADB2C90051` | No suitable claims providers were found. |
@@ -65,7 +65,7 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C99059` | The supplied request must present a code_challenge. Required for single-page apps using the authorization code flow.| [Authorization code flow](authorization-code-flow.md) |
 | `AADB2C90067` | The post logout redirect URI '{0}' has an invalid format. Specify an https based URL such as 'https://example.com/return' or for native clients use the IETF native client URI 'urn:ietf:wg:oauth:2.0:oob'. | [Send a sign-out request](openid-connect.md#send-a-sign-out-request) |
 | `AADB2C90068` | The provided application with ID '{0}' is not valid against this service. Please use an application created via the B2C portal and try again. | [Register a web application in Azure AD B2C](tutorial-register-applications.md) |
-| `AADB2C90073` | KeyContainer with 'id': '{0}' cannot be found in the directory '{1}' |
+| `AADB2C90073` | {0} with {1}: '{2}' cannot be found in the directory '{3}'. |
 | `AADB2C90075` | The claims exchange '{0}' specified in step '{1}' returned HTTP error response with Code '{2}' and Reason '{3}'. |
 | `AADB2C90077` | User does not have an existing session and request prompt parameter has a value of '{0}'. |
 | `AADB2C90079` | Clients must send a client_secret when redeeming a confidential grant. | [Create a web app client secret](configure-authentication-sample-web-app-with-api.md#step-24-create-a-web-app-client-secret) |
@@ -114,7 +114,7 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C90205` | This application does not have sufficient permissions against this web resource to perform the operation. | [Register web API and configure scopes](configure-authentication-sample-web-app-with-api.md#step-2-register-web-applications) |
 | `AADB2C90206` | A time out has occurred initialization the client. |  |
 | `AADB2C90208` | The provided id_token_hint parameter is expired. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
-| `AADB2C90209` | The provided id_token_hint parameter does not contain an accepted audience. Valid audience values: '{0}'. Please provide another token and try again. |[Token format](id-token-hint.md#token-format) |
+| `AADB2C90209` | The provided id_token_hint parameter does not contain an accepted audience. Please provide another token and try again. |[Token format](id-token-hint.md#token-format) |
 | `AADB2C90210` | The provided id_token_hint parameter could not be validated. Please provide another token and try again. |[Token format](id-token-hint.md#token-format), [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
 | `AADB2C90211` | The request contained an incomplete state cookie. |
 | `AADB2C90212` | The request contained an invalid state cookie. |
@@ -123,18 +123,18 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C90224` | Resource owner flow has not been enabled for the application. | [Register a ROPC flow enabled application](add-ropc-policy.md#register-an-application) |
 | `AADB2C90225` | The username or password provided in the request are invalid. |
 | `AADB2C90226` | The specified token exchange is only supported over HTTP POST. |[Token format](id-token-hint.md#token-format) |
-| `AADB2C90232` | The provided id_token_hint parameter does not contain an accepted issuer. Valid issuers: '{0}'. Please provide another token and try again. |
+| `AADB2C90232` | The provided id_token_hint parameter does not contain an accepted issuer. Please provide another token and try again. |
 | `AADB2C90233` | The provided id_token_hint parameter failed signature validation. Please provide another token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
-| `AADB2C90235` | The provided id_token is expired. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
-| `AADB2C90237` | The provided id_token does not contain a valid audience. Valid audience values: '{0}'. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
-| `AADB2C90238` | The provided id_token does not contain a valid issuer. Valid issuer values: '{0}'. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
-| `AADB2C90239` | The provided id_token failed signature validation. Please provide another token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
-| `AADB2C90240` | The provided id_token is malformed and could not be parsed. Please provide another token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
+| `AADB2C90235` | The provided token is expired. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
+| `AADB2C90237` | The provided token does not contain a valid audience. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
+| `AADB2C90238` | The provided token does not contain a valid issuer. Please provide another token and try again. | [Token format](id-token-hint.md#token-format) |
+| `AADB2C90239` | The provided token failed signature validation. Please provide another token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
+| `AADB2C90240` | The provided token is malformed and could not be parsed. Please provide another token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
 | `AADB2C90242` | The SAML technical profile '{0}' specifies PartnerEntity CDATA which cannot be loaded for reason '{1}'. | [Configure the SAML technical profile](identity-provider-generic-saml.md#configure-the-saml-technical-profile) |
 | `AADB2C90243` | The IDP's client key/secret is not properly configured. | [Add an IDP to your Azure AD B2C tenant](add-identity-provider.md) |
 | `AADB2C90244` | There are too many requests at this moment. Please wait for some time and try again. | [Azure AD B2C service limits and restrictions](service-limits.md) |
 | `AADB2C90248` | Resource owner flow can only be used by applications created through the B2C admin portal. | [Register a ROPC flow enabled application](add-ropc-policy.md#register-an-application) |
-| `AADB2C90250` | The generic login endpoint is not supported. |  [Supported and unsupported SAML modalities](saml-service-provider.md#supported-and-unsupported-saml-modalities) |
+| `AADB2C90250` | SAML IDP initiated SSO is not enabled for this policy. |  [Supported and unsupported SAML modalities](saml-service-provider.md#supported-and-unsupported-saml-modalities) |
 | `AADB2C90255` | The claims exchange specified in technical profile '{0}' did not complete as expected. You might want to try starting your session over from the beginning. |
 | `AADB2C90261` | The claims exchange '{0}' specified in step '{1}' returned HTTP error response that could not be parsed. |
 | `AADB2C90272` | The id_token_hint parameter has not been specified in the request. Please provide token and try again. | [Issue a token with symmetric keys](id-token-hint.md#how-to-guide) |
@@ -145,16 +145,16 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C90279` | The provided client ID '{0}' does not match the client ID that issued the grant. | [Web sign-in with OpenID Connect](openid-connect.md) |
 | `AADB2C90284` | The application with identifier '{0}' has not been granted consent and is unable to be used for local accounts. | [Register a web application in Azure AD B2C](tutorial-register-applications.md) |
 | `AADB2C90285` | The application with identifier '{0}' was not found. | [Register a web application in Azure AD B2C](tutorial-register-applications.md) |
-| `AADB2C90288` | UserJourney with ID '{0}' referenced in TechnicalProfile '{1}' for refresh token redemption for tenant '{2}' does not exist in policy '{3}' or any of its base policies. |
 | `AADB2C90287` | The request contains invalid redirect URI '{0}'.| [Register a web application](tutorial-register-applications.md), [Sending authentication requests](openid-connect.md#send-authentication-requests) |
+| `AADB2C90288` | UserJourney with ID '{0}' referenced in TechnicalProfile '{1}' for refresh token redemption for tenant '{2}' does not exist in policy '{3}' or any of its base policies. |
 | `AADB2C90289` | We encountered an error connecting to the identity provider. Please try again later. |  [Add an IDP to your Azure AD B2C tenant](add-identity-provider.md) |
-| `AADB2C90289` | We encountered an 'invalid_client' error connecting to the identity provider. Please try again later. | Make sure the application secret is correct or it hasn't expired. Learn how to [Register apps](register-apps.md).|
+| `AADB2C90289` | We encountered an '{0}' error connecting to the identity provider. Please try again later. | Make sure the application secret is correct or it hasn't expired. Learn how to [Register apps](register-apps.md).|
 | `AADB2C90296` | Application has not been configured correctly. Please contact administrator of the site you are trying to access. | [Register a web application](tutorial-register-applications.md) |
+| `AADB2C99002` | This user does not exist and profile '{0}' requires the user to have already been created. |
 | `AADB2C99005` | The request contains an invalid scope parameter which includes an illegal character '{0}'. | [Web sign-in with OpenID Connect](openid-connect.md) | 
-| `AADB2C99006` | Azure AD B2C cannot find the extensions app with app ID '{0}'. Please visit https://go.microsoft.com/fwlink/?linkid=851224 for more information. | [Azure AD B2C extensions app](extensions-app.md) |
+| `AADB2C99006` | Azure AD cannot find the extensions app with app id '{0}'. Please visit https://go.microsoft.com/fwlink/?linkid=851224 for more information. | [Azure AD B2C extensions app](extensions-app.md) |
 | `AADB2C99011` | The metadata value '{0}' has not been specified in TechnicalProfile '{1}' in policy '{2}'. | [Custom policy Technical profiles](technicalprofiles.md) |
 | `AADB2C99013` | The supplied grant_type [{0}] and token_type [{1}] combination is not supported. |
 | `AADB2C99015` | Profile '{0}' in policy '{1}' in tenant '{2}' is missing all InputClaims required for resource owner password credential flow. | [Create a resource owner policy](add-ropc-policy.md#create-a-resource-owner-policy) |
-|`AADB2C99002`| User doesn't exist. Please sign up before you can sign in. |
 | `AADB2C99027` | Policy '{0}' does not contain an AuthorizationTechnicalProfile with a corresponding ClientAssertionType. | [Client credentials flow](client-credentials-grant-flow.md) |
-|`AADB2C90229`|Azure AD B2C throttled traffic if too many requests are sent from the same source in a short period of time| [Best practices for Azure Active Directory B2C](best-practices.md#testing) |
+|`AADB2C90229`|Your request is throttled temporarily. Please retry after the time specified in the additional information of the error message. | [Best practices for Azure Active Directory B2C](best-practices.md#testing) |

articles/active-directory-b2c/error-codes.md

@@ -50,5 +50,3 @@ landingContent:
         links:
           - text: iOS (Objective-C)
             url: https://github.com/Azure-Samples/active-directory-b2c-ios-native-appauth
-          - text: Xamarin native  
-            url: https://github.com/Azure-Samples/active-directory-b2c-xamarin-native

articles/active-directory-b2c/index-mobile.yml

@@ -47,7 +47,6 @@ The following tables provide links to samples for applications including iOS, An
 | [ios-native-appauth](https://github.com/Azure-Samples/active-directory-b2c-ios-native-appauth) | A sample that shows how you can use a third-party library to build an iOS application in Objective-C that authenticates Microsoft identity users to our Azure AD B2C identity service. |
 | [android-native-appauth](https://github.com/Azure-Samples/active-directory-b2c-android-native-appauth) | A sample that shows how you can use a third-party library to build an Android application that authenticates Microsoft identity users to our B2C identity service and calls a web API using OAuth 2.0 access tokens. |
 | [dotnet-desktop](https://github.com/Azure-Samples/active-directory-b2c-dotnet-desktop) | A sample that shows how a Windows Desktop .NET (WPF) application can sign in a user using Azure AD B2C, get an access token using MSAL.NET and call an API. |
-| [xamarin-native](https://github.com/Azure-Samples/active-directory-b2c-xamarin-native) | A simple Xamarin Forms app showcasing how to use MSAL to authenticate users via Azure Active Directory B2C, and access a Web API with the resulting tokens. |
 
 ## Console/Daemon apps
 

articles/active-directory-b2c/integrate-with-app-code-samples.md

@@ -89,7 +89,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | HttpBinding | No | The expected HTTP binding to the access token and claims token endpoints. Possible values: `GET` or `POST`.  |
 | ValidTokenIssuerPrefixes | No | A key that can be used to sign in to each of the tenants when using a multi-tenant identity provider such as Microsoft Entra ID. |
 | UsePolicyInRedirectUri | No | Indicates whether to use a policy when constructing the redirect URI. When you configure your application in the identity provider, you need to specify the redirect URI. The redirect URI points to Azure AD B2C, `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/oauth2/authresp`.  If you specify `true`, you need to add a redirect URI for each policy you use. For example: `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/{policy-name}/oauth2/authresp`. |
-| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
+| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the HTTP status code is in the 5xx range. The default is `false`. |
 | DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 |token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic`, `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |