acrolinx corrections

Author: davidmu1

articles/active-directory/develop/active-directory-jwt-claims-customization.md

@@ -19,7 +19,7 @@ The Microsoft identity platform supports single sign-on (SSO) with most enterpri
 
 These JSON Web tokens (JWT) used by OIDC & OAuth applications contain pieces of information about the user known as *claims*. A *claim* is information that an identity provider states about a user inside the token they issue for that user.
 
-In an [OIDC response](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc), *claims* data is typically contained in the ID Token issued by the identity provider in the form of a JWT.
+In an [OIDC response](v2-protocols-oidc.md), *claims* data is typically contained in the ID Token issued by the identity provider in the form of a JWT.
 
 ## View or edit claims
 
@@ -47,7 +47,7 @@ You can use the following special claims transformations functions.
 
 | Function | Description |
 |----------|-------------|
-| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This funtion extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
+| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This function extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
 | **ToLower()** | Converts the characters of the selected attribute into lowercase characters. |
 | **ToUpper()** | Converts the characters of the selected attribute into uppercase characters. |
 
@@ -74,8 +74,8 @@ You can use the following functions to transform claims.
 
 | Function | Description |
 |----------|-------------|
-| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
-| **Join()** | Creates a new value by joining two attributes. Optionally, you can use a separator between the two attributes. For NameID claim transformation, the Join() function has specific behavior when the transformation input has a domain part. It removes the domain part from input before joining it with the separator and the selected parameter. For example, if the input of the transformation is '[email protected]' and the separator is '@' and the parameter is 'fabrikam.com', this input combiniation results in '[email protected]'. |
+| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This function extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
+| **Join()** | Creates a new value by joining two attributes. Optionally, you can use a separator between the two attributes. For NameID claim transformation, the Join() function has specific behavior when the transformation input has a domain part. It removes the domain part from input before joining it with the separator and the selected parameter. For example, if the input of the transformation is '[email protected]' and the separator is '@' and the parameter is 'fabrikam.com', this input combination results in '[email protected]'. |
 | **ToLowercase()** | Converts the characters of the selected attribute into lowercase characters. |
 | **ToUppercase()** | Converts the characters of the selected attribute into uppercase characters. |
 | **Contains()** | Outputs an attribute or constant if the input matches the specified value. Otherwise, you can specify another output if there's no match. <br/>For example, if you want to emit a claim where the value is the user's email address if it contains the domain "@contoso.com", otherwise you want to output the user principal name. To perform this function, you configure the following values:<br/>*Parameter 1(input)*: user.email<br/>*Value*: "@contoso.com"<br/>Parameter 2 (output): user.email<br/>Parameter 3 (output if there's no match): user.userprincipalname |
@@ -124,7 +124,7 @@ The following table provides information about using transformations. The action
 | 18 | Test transformation result | If evaluation succeeds, an output of test transformation will be rendered against the **Test transformation result** label. |
 | 19 | Remove transformation | The administrator can remove the second level transformation by selecting **Remove transformation**. |
 | 20 | Specify output if no match | When a regex input value is configured against the **Parameter 1** which doesn't matches the **Regular expression**, the transformation is skipped. In such cases, the administrator can configure the alternate user attribute, which is added to the token for the claim by checking **Specify output if no match**. |
-| 21 | Parameter 3 | If an administrator wants to return alternate user attribute when there is no match and **Specify output if no match** is checked, they can select an alternate user attribute by using the dropdown. This dropdown is available against **Parameter 3 (output if no match)**. |
+| 21 | Parameter 3 | If an administrator wants to return alternate user attribute when there's no match and **Specify output if no match** is checked, they can select an alternate user attribute by using the dropdown. This dropdown is available against **Parameter 3 (output if no match)**. |
 | 22 | Summary | At the bottom of the blade, a full summary of the format is displayed that explains the meaning of the transformation in simple text. |
 | 23 | Add | Once the administrator is satisfied with the configuration settings for the transformation, they can save it to claims policy by selecting **Add**. Changes won't be saved unless the administrator manually selects **Save** available on **Manage Claim** blade. |
 
@@ -137,7 +137,7 @@ When the following conditions occur after **Add** or **Run test** is selected, a
 * Input parameters with duplicate user attributes aren't allowed.
 * Unused input parameters found. Defined input parameters should have respective usage into the Replacement pattern text.
 * The provided test regex input doesn't match with the provided regular expression.
-* The source for the groups into the replacement pattern aren't found.
+* The source for the groups into the replacement pattern isn't found.
 
 ## Emit claims based on conditions
 

articles/active-directory/develop/active-directory-saml-claims-customization.md

@@ -94,7 +94,7 @@ You can use the following special claims transformations functions.
 
 | Function | Description |
 |----------|-------------|
-| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This funtion extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
+| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This function extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
 | **ToLower()** | Converts the characters of the selected attribute into lowercase characters. |
 | **ToUpper()** | Converts the characters of the selected attribute into uppercase characters. |
 
@@ -121,8 +121,8 @@ You can use the following functions to transform claims.
 
 | Function | Description |
 |----------|-------------|
-| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
-| **Join()** | Creates a new value by joining two attributes. Optionally, you can use a separator between the two attributes. For NameID claim transformation, the Join() function has specific behavior when the transformation input has a domain part. It removes the domain part from input before joining it with the separator and the selected parameter. For example, if the input of the transformation is '[email protected]' and the separator is '@' and the parameter is 'fabrikam.com', this input combiniation results in '[email protected]'. |
+| **ExtractMailPrefix()** | Removes the domain suffix from either the email address or the user principal name. This function extracts only the first part of the user name being passed through (for example, "joe_smith" instead of [email protected]). |
+| **Join()** | Creates a new value by joining two attributes. Optionally, you can use a separator between the two attributes. For NameID claim transformation, the Join() function has specific behavior when the transformation input has a domain part. It removes the domain part from input before joining it with the separator and the selected parameter. For example, if the input of the transformation is '[email protected]' and the separator is '@' and the parameter is 'fabrikam.com', this input combination results in '[email protected]'. |
 | **ToLowercase()** | Converts the characters of the selected attribute into lowercase characters. |
 | **ToUppercase()** | Converts the characters of the selected attribute into uppercase characters. |
 | **Contains()** | Outputs an attribute or constant if the input matches the specified value. Otherwise, you can specify another output if there's no match. <br/>For example, if you want to emit a claim where the value is the user's email address if it contains the domain "@contoso.com", otherwise you want to output the user principal name. To perform this function, you configure the following values:<br/>*Parameter 1(input)*: user.email<br/>*Value*: "@contoso.com"<br/>Parameter 2 (output): user.email<br/>Parameter 3 (output if there's no match): user.userprincipalname |
@@ -171,7 +171,7 @@ The following table provides information about using transformations. The action
 | 18 | Test transformation result | If evaluation succeeds, an output of test transformation will be rendered against the **Test transformation result** label. |
 | 19 | Remove transformation | The administrator can remove the second level transformation by selecting **Remove transformation**. |
 | 20 | Specify output if no match | When a regex input value is configured against the **Parameter 1** which doesn't matches the **Regular expression**, the transformation is skipped. In such cases, the administrator can configure the alternate user attribute, which is added to the token for the claim by checking **Specify output if no match**. |
-| 21 | Parameter 3 | If an administrator wants to return alternate user attribute when there is no match and **Specify output if no match** is checked, they can select an alternate user attribute by using the dropdown. This dropdown is available against **Parameter 3 (output if no match)**. |
+| 21 | Parameter 3 | If an administrator wants to return alternate user attribute when there's no match and **Specify output if no match** is checked, they can select an alternate user attribute by using the dropdown. This dropdown is available against **Parameter 3 (output if no match)**. |
 | 22 | Summary | At the bottom of the blade, a full summary of the format is displayed that explains the meaning of the transformation in simple text. |
 | 23 | Add | Once the administrator is satisfied with the configuration settings for the transformation, they can save it to claims policy by selecting **Add**. Changes won't be saved unless the administrator manually selects **Save** available on **Manage Claim** blade. |
 
@@ -184,7 +184,7 @@ When the following conditions occur after **Add** or **Run test** is selected, a
 * Input parameters with duplicate user attributes aren't allowed.
 * Unused input parameters found. Defined input parameters should have respective usage into the Replacement pattern text.
 * The provided test regex input doesn't match with the provided regular expression.
-* The source for the groups into the replacement pattern aren't found.
+* The source for the groups into the replacement pattern isn't found.
 
 ## Add the UPN claim to SAML tokens
 

articles/active-directory/fundamentals/whats-new-archive.md

@@ -4200,7 +4200,7 @@ Azure Support is now available for Azure AD integration components of Microsoft
 **Service category:** Enterprise Apps  
 **Product capability:** SSO
 
-Previously, the number of groups you could use when you conditionally change claims based on group membership within any single application configuration was limited to 10. The use of group membership conditions in SSO claims configuration has now increased to a maximum of 50 groups. For more information on how to configure claims, refer to [Enterprise Applications SSO claims configuration](../develop/active-directory-saml-claims-customization.md#emitting-claims-based-on-conditions). 
+Previously, the number of groups you could use when you conditionally change claims based on group membership within any single application configuration was limited to 10. The use of group membership conditions in SSO claims configuration has now increased to a maximum of 50 groups. For more information on how to configure claims, refer to [Enterprise Applications SSO claims configuration](../develop/active-directory-saml-claims-customization.md). 
 
 ---
 

articles/active-directory/manage-apps/application-sign-in-problem-application-error.md

@@ -17,7 +17,7 @@ ms.collection: M365-identity-device-management
 
 In this scenario, Azure Active Directory (Azure AD) signs the user in. But the application displays an error message and doesn't let the user finish the sign-in flow. The problem is that the app didn't accept the response that Azure AD issued.
 
-There are several possible reasons why the app didn't accept the response from Azure AD. If there is an error message or code displayed, use the following resources to diagnose the error:
+There are several possible reasons why the app didn't accept the response from Azure AD. If there's an error message or code displayed, use the following resources to diagnose the error:
 
 * [Azure AD Authentication and authorization error codes](../develop/reference-aadsts-error-codes.md)
 
@@ -96,7 +96,7 @@ To change the User Identifier value, follow these steps:
 
 ### Change the NameID format
 
-If the application expects another format for the **NameID** (User Identifier) attribute, see [Editing nameID](../develop/active-directory-saml-claims-customization.md#editing-nameid) to change the NameID format.
+If the application expects another format for the **NameID** (User Identifier) attribute, see the [Edit nameID](../develop/active-directory-saml-claims-customization.md#edit-nameid) section to change the NameID format.
 
 Azure AD selects the format for the **NameID** attribute (User Identifier) based on the value that's selected or the format that's requested by the app in the SAML AuthRequest. For more information, see the "NameIDPolicy" section of [Single sign-on SAML protocol](../develop/single-sign-on-saml-protocol.md#nameidpolicy).