Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into t581147p

Author: TimShererWithAquent

.openpublishing.redirection.json

@@ -638,6 +638,21 @@
       "redirect_url": "/azure/azure-arc/kubernetes/conceptual-agent-overview",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/cognitive-services/conversational-language-understanding/how-to/deploy-query-model.md",
+      "redirect_url": "/azure/cognitive-services/language-service/conversational-language-understanding/how-to/deploy-model",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/cognitive-services/conversational-language-understanding/fail-over.md",
+      "redirect_url": "/azure/cognitive-services/language-service/conversational-language-understanding/how-to/fail-over",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/cognitive-services/orchestration-workflow/deploy-query-model.md",
+      "redirect_url": "/azure/cognitive-services/language-service/orchestration-workflow/how-to/call-api",
+      "redirect_document_id": true
+    },
     {
       "source_path": "articles/cognitive-services/whats-new-docs.md",
       "redirect_url": "/azure/cognitive-services/what-are-cognitive-services",
@@ -17818,6 +17833,26 @@
       "redirect_url": "/azure/iot-dps/quick-setup-auto-provision-cli",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/iot-dps/tutorial-net-provision-device-to-hub.md",
+      "redirect_url": "/azure/iot-dps/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/iot-dps/tutorial-provision-device-to-hub.md",
+      "redirect_url": "/azure/iot-dps/quick-create-simulated-device-symm-key",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/iot-dps/tutorial-set-up-cloud.md",
+      "redirect_url": "/azure/iot-dps/quick-create-simulated-device-symm-key",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/iot-dps/tutorial-set-up-device.md",
+      "redirect_url": "/azure/iot-dps/quick-create-simulated-device-symm-key",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/security/fundamentals/iot-overview.md",
       "redirect_url": "/azure/iot-fundamentals/iot-security-architecture",
@@ -21189,6 +21224,16 @@
       "redirect_url": "/azure/machine-learning/v1/reference-pipeline-yaml",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/machine-learning/how-to-create-register-datasets.md",
+      "redirect_url": "/azure/machine-learning/how-to-create-register-data-assets",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/machine-learning/how-to-access-data.md",
+      "redirect_url": "/azure/machine-learning/how-to-datastore",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/machine-learning/how-to-deploy-azure-container-instance.md",
       "redirect_url": "/azure/machine-learning/v1/how-to-deploy-azure-container-instance",
@@ -42759,6 +42804,11 @@
       "redirect_url": "/azure/aks/open-service-mesh-integrations",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/aks/spark-job.md",
+      "redirect_url": "/azure/aks/integrations#open-source-and-third-party-integrations",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/iot-dps/quick-create-device-symmetric-key-csharp.md",
       "redirect_url": "/azure/iot-dps/quick-create-simulated-device-symm-key",
@@ -43238,6 +43288,11 @@
       "source_path_from_root": "/articles/cognitive-services/language-service/text-summarization/quickstart.md",
       "redirect_url": "/azure/cognitive-services/language-service/summarization/quickstart",
       "redirect_document_id": true
+    },
+    {
+      "source_path_from_root": "/articles/aks/web-app-routing.md",
+      "redirect_url": "/azure/aks/intro-kubernetes",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory-b2c/partner-xid.md

@@ -1,7 +1,7 @@
 ---
 title: "What's new in Azure Active Directory business-to-customer (B2C)"
 description: "New and updated documentation for the Azure Active Directory business-to-customer (B2C)."
-ms.date: 04/04/2022
+ms.date: 05/23/2022
 ms.service: active-directory
 ms.subservice: B2C
 ms.topic: reference
@@ -15,6 +15,30 @@ manager: CelesteDG
 
 Welcome to what's new in Azure Active Directory B2C documentation. This article lists new docs that have been added and those that have had significant updates in the last three months. To learn what's new with the B2C service, see [What's new in Azure Active Directory](../active-directory/fundamentals/whats-new.md).
 
+## April 2022
+
+### New articles
+
+- [Tutorial: Configure Azure Web Application Firewall with Azure Active Directory B2C](partner-azure-web-application-firewall.md)
+- [Configure Asignio with Azure Active Directory B2C for multi-factor authentication](partner-asignio.md)
+- [Set up sign-up and sign-in with Mobile ID using Azure Active Directory B2C](identity-provider-mobile-id.md)
+- [Find help and open a support ticket for Azure Active Directory B2C](find-help-open-support-ticket.md)
+
+### Updated articles
+
+- [Configure authentication in a sample single-page application by using Azure AD B2C](configure-authentication-sample-spa-app.md)
+- [Configure xID with Azure Active Directory B2C for passwordless authentication](partner-xid.md)
+- [Azure Active Directory B2C service limits and restrictions](service-limits.md)
+- [Localization string IDs](localization-string-ids.md)
+- [Manage your Azure Active Directory B2C tenant](tenant-management.md)
+- [Page layout versions](page-layout.md)
+- [Secure your API used an API connector in Azure AD B2C](secure-rest-api.md)
+- [Azure Active Directory B2C: What's new](whats-new-docs.md)
+- [Application types that can be used in Active Directory B2C](application-types.md)
+- [Publish your Azure Active Directory B2C app to the Azure Active Directory app gallery](publish-app-to-azure-ad-app-gallery.md)
+- [Quickstart: Set up sign in for a desktop app using Azure Active Directory B2C](quickstart-native-app-desktop.md)
+- [Register a single-page application (SPA) in Azure Active Directory B2C](tutorial-register-spa.md)
+
 ## March 2022
 
 ### New articles

articles/active-directory-b2c/whats-new-docs.md

@@ -288,17 +288,10 @@ Make sure that enough DCs are patched to respond in time to service your resourc
 > [!NOTE]
 > The `/keylist` switch in the `nltest` command is available in client Windows 10 v2004 and later.
 
-### What if I have a CloudTGT but it never gets exchange for a OnPremTGT when I am using Windows Hello for Business Cloud Trust?
-
-Make sure that the user you are signed in as, is a member of the groups of users that can use FIDO2 as an authentication method, or enable it for all users.
-
-> [!NOTE]
-> Even if you are not explicitly using a security key to sign-in to your device, the underlying technology is dependent on the FIDO2 infrastructure requirements.
-
 ### Do FIDO2 security keys work in a Windows login with RODC present in the hybrid environment?
 
 An FIDO2 Windows login looks for a writable DC to exchange the user TGT. As long as you have at least one writable DC per site, the login works fine. 
 
 ## Next steps
 
-[Learn more about passwordless authentication](concept-authentication-passwordless.md)
+[Learn more about passwordless authentication](concept-authentication-passwordless.md)

articles/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises.md

@@ -85,7 +85,7 @@ For more information about these authentication protocols and services, see [Sig
 
 Before you can block legacy authentication in your directory, you need to first understand if your users have apps that use legacy authentication and how it affects your overall directory. Azure AD sign-in logs can be used to understand if you're using legacy authentication.
 
-1. Navigate to the **Azure portal** > **Azure Active Directory** > **Sign-ins**.
+1. Navigate to the **Azure portal** > **Azure Active Directory** > **Sign-in logs**.
 1. Add the Client App column if it isn't shown by clicking on **Columns** > **Client App**.
 1. **Add filters** > **Client App** > select all of the legacy authentication protocols. Select outside the filtering dialog box to apply your selections and close the dialog box.
 1. If you've activated the [new sign-in activity reports preview](../reports-monitoring/concept-all-sign-ins.md), repeat the above steps also on the **User sign-ins (non-interactive)** tab.

articles/active-directory/conditional-access/block-legacy-authentication.md

@@ -36,7 +36,7 @@ The Azure Active Directory (Azure AD) default configuration for user sign-in fre
 
 It might sound alarming to not ask for a user to sign back in, in reality any violation of IT policies will revoke the session. Some examples include (but aren't limited to) a password change, an incompliant device, or account disable. You can also explicitly [revoke users’ sessions using PowerShell](/powershell/module/azuread/revoke-azureaduserallrefreshtoken). The Azure AD default configuration comes down to “don’t ask users to provide their credentials if security posture of their sessions hasn't changed”.
 
-The sign-in frequency setting works with apps that have implemented OAUTH2 or OIDC protocols according to the standards. Most Microsoft native apps for Windows, Mac, and Mobile including the following web applications comply with the setting.
+The sign-in frequency setting works with apps that have implemented OAuth2 or OIDC protocols according to the standards. Most Microsoft native apps for Windows, Mac, and Mobile including the following web applications comply with the setting.
 
 - Word, Excel, PowerPoint Online
 - OneNote Online
@@ -48,7 +48,7 @@ The sign-in frequency setting works with apps that have implemented OAUTH2 or OI
 - Dynamics CRM Online
 - Azure portal
 
-The sign-in frequency setting works with SAML applications as well, as long as they don't drop their own cookies and are redirected back to Azure AD for authentication on regular basis.
+The sign-in frequency setting works with 3rd party SAML applications and apps that have implemented OAuth2 or OIDC protocols, as long as they don't drop their own cookies and are redirected back to Azure AD for authentication on regular basis.
 
 ### User sign-in frequency and multi-factor authentication
 

articles/active-directory/conditional-access/howto-conditional-access-session-lifetime.md

@@ -351,7 +351,7 @@ This section covers the configuration options under optional claims for changing
             {
                 "name": "groups",
                 "additionalProperties": [
-                    "netbios_name_and_sam_account_name",
+                    "netbios_domain_and_sam_account_name",
                     "emit_as_roles"
                 ]
             }
@@ -360,7 +360,7 @@ This section covers the configuration options under optional claims for changing
             {
                 "name": "groups",
                 "additionalProperties": [
-                    "netbios_name_and_sam_account_name",
+                    "netbios_domain_and_sam_account_name",
                     "emit_as_roles"
                 ]
             }

articles/active-directory/develop/active-directory-optional-claims.md

@@ -77,6 +77,11 @@ https://login.microsoftonline.com/<issuer>/oauth2/v2.0/token
 
 # NOTE: These are examples. Endpoint URI format may vary based on application type,
 #       sign-in audience, and Azure cloud instance (global or national cloud).
+
+#       The {issuer} value in the path of the request can be used to control who can sign into the application. 
+#       The allowed values are **common** for both Microsoft accounts and work or school accounts, 
+#       **organizations** for work or school accounts only, **consumers** for Microsoft accounts only, 
+#       and **tenant identifiers** such as the tenant ID or domain name.
 ```
 
 To find the endpoints for an application you've registered, in the [Azure portal](https://portal.azure.com) navigate to:

articles/active-directory/develop/active-directory-v2-protocols.md

@@ -108,7 +108,7 @@ The following samples show an application that accesses the Microsoft Graph API
 > |.NET Core| &#8226; [Call Microsoft Graph](https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2/tree/master/1-Call-MSGraph) <br/> &#8226; [Call web API](https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2/tree/master/2-Call-OwnApi)<br/> &#8226; [Call own web API](https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2/tree/master/4-Call-OwnApi-Pop) <br/> &#8226; [Using managed identity and Azure key vault](https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2/tree/master/3-Using-KeyVault)| MSAL.NET | Client credentials grant|
 > | ASP.NET|[Multi-tenant with Microsoft identity platform endpoint](https://github.com/Azure-Samples/ms-identity-aspnet-daemon-webapp) | MSAL.NET | Client credentials grant|
 > | Java | &#8226; [Call Microsoft Graph with Secret](https://github.com/Azure-Samples/ms-identity-msal-java-samples/tree/main/1.%20Server-Side%20Scenarios/msal-client-credential-secret) <br/> &#8226; [Call Microsoft Graph with Certificate](https://github.com/Azure-Samples/ms-identity-msal-java-samples/tree/main/1.%20Server-Side%20Scenarios/msal-client-credential-certificate)| MSAL Java | Client credentials grant|
-> | Node.js | [Sign in users and call web API](https://github.com/Azure-Samples/ms-identity-javascript-nodejs-console) | MSAL Node | Client credentials grant |
+> | Node.js | [Call Microsoft Graph with secret](https://github.com/Azure-Samples/ms-identity-javascript-nodejs-console) | MSAL Node | Client credentials grant |
 > | Python | &#8226; [Call Microsoft Graph with secret](https://github.com/Azure-Samples/ms-identity-python-daemon/tree/master/1-Call-MsGraph-WithSecret) <br/> &#8226; [Call Microsoft Graph with certificate](https://github.com/Azure-Samples/ms-identity-python-daemon/tree/master/2-Call-MsGraph-WithCertificate) | MSAL Python| Client credentials grant|
 
 ## Azure Functions as web APIs

articles/active-directory/develop/sample-v2-code.md

@@ -117,7 +117,7 @@ You can create a web API from scratch by using Microsoft.Identity.Web project te
 
 #### Starting from an existing ASP.NET Core 3.1 application
 
-ASP.NET Core 3.1 uses the Microsoft.AspNetCore.AzureAD.UI library. The middleware is initialized in the Startup.cs file.
+ASP.NET Core 3.1 uses the Microsoft.AspNetCore.Authentication.JwtBearer library. The middleware is initialized in the Startup.cs file.
 
 ```csharp
 using Microsoft.AspNetCore.Authentication.JwtBearer;