Merge pull request #236540 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 5/2

Author: ttorble

.openpublishing.redirection.active-directory.json

@@ -2492,7 +2492,16 @@
     },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-configurable-token-lifetimes.md",
-      "redirect_url": "/azure/active-directory/develop/active-directory-configurable-token-lifetimes",
+      "redirect_url": "/azure/active-directory/develop/configurable-token-lifetimes",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/active-directory/develop/active-directory-configurable-token-lifetimes.md",
+      "redirect_url": "/azure/active-directory/develop/configurable-token-lifetimes",
+      "redirect_document_id": true
+    },{
+      "source_path_from_root": "/articles/active-directory/develop/reference-aadsts-error-codes.md",
+      "redirect_url": "/azure/active-directory/develop/reference-error-codes",
       "redirect_document_id": true
     },
     {
@@ -2665,6 +2674,11 @@
       "redirect_url": "/azure/active-directory/develop/active-directory-saml-debugging",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/develop/howto-add-branding-in-azure-ad-apps.md",
+      "redirect_url": "/azure/active-directory/develop/howto-add-branding-in-apps.md",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-java-view-saml-returned-by-access-control.md",
       "redirect_url": "/azure/active-directory/develop/active-directory-saml-protocol-reference",
@@ -2677,7 +2691,12 @@
     },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-signing-key-rollover.md",
-      "redirect_url": "/azure/active-directory/develop/active-directory-signing-key-rollover",
+      "redirect_url": "/azure/active-directory/develop/signing-key-rollover",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/active-directory/develop/active-directory-signing-key-rollover.md",
+      "redirect_url": "/azure/active-directory/develop/signing-key-rollover",
       "redirect_document_id": false
     },
     {

.openpublishing.redirection.azure-monitor.json

@@ -6026,11 +6026,6 @@
             "redirect_url": "/previous-versions/azure/azure-monitor/alerts/monitoring-classic-retirement",
             "redirect_document_id": false
         },
-        {
-            "source_path_from_root": "/articles/azure-monitor/alerts/alerts-log-api-switch.md",
-            "redirect_url": "/previous-versions/azure/azure-monitor/alerts/alerts-log-api-switch",
-            "redirect_document_id": false
-        },
         {
             "source_path_from_root": "/articles/azure-monitor/visualize/view-designer.md",
             "redirect_url": "/previous-versions/azure/azure-monitor/visualize/view-designer",

.openpublishing.redirection.azure-vmware.json

@@ -4,6 +4,11 @@
             "source_path_from_root": "/articles/azure-vmware/send-logs-to-log-analytics.md",
             "redirect_url": "/azure/azure-vmware/configure-vmware-syslogs",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-vmware/attach-disk-pools-to-azure-vmware-solution-hosts.md",
+            "redirect_url": "/azure/storage/elastic-san/elastic-san-introduction",
+            "redirect_document_id": false
         }
     ]
 }

articles/active-directory-b2c/custom-policies-series-sign-up-or-sign-in.md

@@ -177,8 +177,8 @@ In the `ContosoCustomPolicy.XML` file, locate the `SignInUser` technical profile
             <Item Key="SignUpTarget">AccountTypeInputCollectorClaimsExchange</Item>
         </Metadata>
         <DisplayClaims>
-            <OutputClaim ClaimTypeReferenceId="email" Required="true" />
-            <OutputClaim ClaimTypeReferenceId="password" Required="true" />
+            <DisplayClaim ClaimTypeReferenceId="email" Required="true" />
+            <DisplayClaim ClaimTypeReferenceId="password" Required="true" />
         </DisplayClaims>
         <OutputClaims>
             <OutputClaim ClaimTypeReferenceId="email" />
@@ -327,4 +327,4 @@ You can sign in by entering the **Email Address** and **Password** of an existin
 
 - Learn how to [Remove the sign-up link](add-sign-in-policy.md), so users can just sign in.  
 
-- Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).
+- Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).

articles/active-directory-b2c/custom-policies-series-validate-user-input.md

@@ -195,7 +195,7 @@ While the *Predicates* define the validation to check against a claim type, the
         </Parameters>
       </Predicate>
 
-      <Predicate Id="AllowedAADCharacters" Method="MatchesRegex" HelpText="An invalid character was provided.">
+      <Predicate Id="AllowedCharacters" Method="MatchesRegex" HelpText="An invalid character was provided.">
         <Parameters>
           <Parameter Id="RegularExpression">(^([0-9A-Za-z\d@#$%^&amp;*\-_+=[\]{}|\\:',?/`~"();! ]|(\.(?!@)))+$)|(^$)</Parameter>
         </Parameters>

articles/active-directory/app-proxy/application-proxy-understand-cors-issues.md

@@ -109,7 +109,7 @@ You can change your app to support CORS by adding the Access-Control-Allow-Origi
 
 ### Option 5: Extend the lifetime of the access token
 
-Some CORS issues can't be resolved, such as when your app redirects to *login.microsoftonline.com* to authenticate, and the access token expires. The CORS call then fails. A workaround for this scenario is to extend the lifetime of the access token, to prevent it from expiring during a user’s session. For more information about how to do this, see [Configurable token lifetimes in Azure AD](../develop/active-directory-configurable-token-lifetimes.md).
+Some CORS issues can't be resolved, such as when your app redirects to *login.microsoftonline.com* to authenticate, and the access token expires. The CORS call then fails. A workaround for this scenario is to extend the lifetime of the access token, to prevent it from expiring during a user’s session. For more information about how to do this, see [Configurable token lifetimes in Azure AD](../develop/configurable-token-lifetimes.md).
 
 ## See also
 - [Tutorial: Add an on-premises application for remote access through Application Proxy in Azure Active Directory](../app-proxy/application-proxy-add-on-premises-application.md) 

articles/active-directory/authentication/howto-password-smart-lockout.md

@@ -93,7 +93,7 @@ Smart lockout tracks the last three bad password hashes to avoid incrementing th
 
 
 ## Default protections
-In addition to Smart lockout, Azure AD also protects against attacks by analyzing signals including IP traffic and identifying anomalous behavior. Azure AD will block these malicious sign-ins by default and return [AADSTS50053 - IdsLocked error code](../develop/reference-aadsts-error-codes.md), regardless of the password validity.
+In addition to Smart lockout, Azure AD also protects against attacks by analyzing signals including IP traffic and identifying anomalous behavior. Azure AD will block these malicious sign-ins by default and return [AADSTS50053 - IdsLocked error code](../develop/reference-error-codes.md), regardless of the password validity.
 
 ## Next steps
 

articles/active-directory/azuread-dev/TOC.yml

@@ -108,7 +108,7 @@
       - name: Configure optional claims
         href: ../develop/active-directory-optional-claims.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
       - name: Configure token lifetimes
-        href: ../develop/active-directory-configurable-token-lifetimes.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
+        href: ../develop/configurable-token-lifetimes.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
     - name: ADAL error handling best practices
       href: active-directory-devhowto-adal-error-handling.md
   - name: Application configuration
@@ -156,7 +156,7 @@
   - name: Application manifest
     href: ../develop/reference-app-manifest.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
   - name: Authentication and authorization error codes
-    href: ../develop/reference-aadsts-error-codes.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
+    href: ../develop/reference-error-codes.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
   - name: Breaking changes
     href: ../develop/reference-breaking-changes.md?toc=/azure/active-directory/azuread-dev/toc.json&bc=/azure/active-directory/azuread-dev/breadcrumb/toc.json
 - name: Resources

articles/active-directory/conditional-access/concept-continuous-access-evaluation.md

@@ -107,7 +107,7 @@ Because risk and policy are evaluated in real time, clients that negotiate conti
 
 Token lifetime is increased to long lived, up to 28 hours, in CAE sessions. Revocation is driven by critical events and policy evaluation, not just an arbitrary time period. This change increases the stability of applications without affecting security posture. 
 
-If you aren't using CAE-capable clients, your default access token lifetime will remain 1 hour. The default only changes if you configured your access token lifetime with the [Configurable Token Lifetime (CTL)](../develop/active-directory-configurable-token-lifetimes.md) preview feature.
+If you aren't using CAE-capable clients, your default access token lifetime will remain 1 hour. The default only changes if you configured your access token lifetime with the [Configurable Token Lifetime (CTL)](../develop/configurable-token-lifetimes.md) preview feature.
 
 ## Example flow diagrams
 

articles/active-directory/conditional-access/howto-conditional-access-session-lifetime.md

@@ -118,7 +118,7 @@ In persistent browsers, cookies stay stored in the user’s device even after a
 Conditional Access is an Azure AD Premium capability and requires a premium license. If you would like to learn more about Conditional Access, see [What is Conditional Access in Azure Active Directory?](overview.md#license-requirements)
 
 > [!WARNING]
-> If you are using the [configurable token lifetime](../develop/active-directory-configurable-token-lifetimes.md) feature currently in public preview, please note that we don’t support creating two different policies for the same user or app combination: one with this feature and another one with configurable token lifetime feature. Microsoft retired the configurable token lifetime feature for refresh and session token lifetimes on January 30, 2021 and replaced it with the Conditional Access authentication session management feature.  
+> If you are using the [configurable token lifetime](../develop/configurable-token-lifetimes.md) feature currently in public preview, please note that we don’t support creating two different policies for the same user or app combination: one with this feature and another one with configurable token lifetime feature. Microsoft retired the configurable token lifetime feature for refresh and session token lifetimes on January 30, 2021 and replaced it with the Conditional Access authentication session management feature.  
 >
 > Before enabling Sign-in Frequency, make sure other reauthentication settings are disabled in your tenant. If "Remember MFA on trusted devices" is enabled, be sure to disable it before using Sign-in frequency, as using these two settings together may lead to prompting users unexpectedly. To learn more about reauthentication prompts and session lifetime, see the article, [Optimize reauthentication prompts and understand session lifetime for Azure AD Multifactor Authentication](../authentication/concepts-azure-multi-factor-authentication-prompts-session-lifetime.md).