MicrosoftDocs
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 6 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.active-directory.json
Lines changed: 4 additions & 4 deletions b/‎.openpublishing.redirection.active-directory.json
Lines changed: 4 additions & 4 deletions
diff --git a/‎.openpublishing.redirection.azure-web-pubsub.json
Lines changed: 10 additions & 0 deletions b/‎.openpublishing.redirection.azure-web-pubsub.json
Lines changed: 10 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 440 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 440 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.security-benchmark.json
Lines changed: 16 additions & 0 deletions b/‎.openpublishing.redirection.security-benchmark.json
Lines changed: 16 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.synapse-analytics.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.synapse-analytics.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/identity-provider-azure-ad-single-tenant.md
Lines changed: 4 additions & 4 deletions b/‎articles/active-directory-b2c/identity-provider-azure-ad-single-tenant.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/active-directory-b2c/partner-bloksec.md
Lines changed: 15 additions & 14 deletions b/‎articles/active-directory-b2c/partner-bloksec.md
Lines changed: 15 additions & 14 deletions
diff --git a/‎articles/active-directory-b2c/technical-overview.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory-b2c/technical-overview.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/app-provisioning/whats-new-docs.md
Lines changed: 8 additions & 1 deletion b/‎articles/active-directory/app-provisioning/whats-new-docs.md
Lines changed: 8 additions & 1 deletion
@@ -45,6 +45,12 @@
       "branch": "master",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "azure_arc_sample",
+      "url": "https://github.com/microsoft/azure_arc",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "resourcemanager-templates",
       "url": "https://github.com/Azure/azure-docs-json-samples",
 
@@ -82,7 +82,7 @@
         },
         {
             "source_path": "articles/active-directory/user-help/multi-factor-authentication-end-user-first-time.md",
-            "redirect_url": "https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc",
+            "redirect_url": "https://support.microsoft.com/account-billing/download-and-install-the-microsoft-authenticator-app-351498fc-850a-45da-b7b6-27e523b8702a",
             "redirect_document_id": false
         },
         {
@@ -957,7 +957,7 @@
         },
         {
             "source_path_from_root": "/articles/active-directory/active-directory-saas-facebook-at-work-provisioning-tutorial.md",
-            "redirect_url": "/azure/active-directory/active-directory-saas-workplacebyfacebook-provisioning-tutorial",
+            "redirect_url": "/azure/active-directory/saas-apps/workplace-by-facebook-provisioning-tutorial",
             "redirect_document_id": false
         },
         {
@@ -9887,7 +9887,7 @@
         },
         {
             "source_path_from_root": "/articles/active-directory/active-directory-saas-workplacebyfacebook-provisioning-tutorial.md",
-            "redirect_url": "/azure/active-directory/saas-apps/workplacebyfacebook-provisioning-tutorial",
+            "redirect_url": "/azure/active-directory/saas-apps/workplace-by-facebook-provisioning-tutorial",
             "redirect_document_id": true
         },
         {
@@ -10546,4 +10546,4 @@
             "redirect_document_id": false
           }
     ]
-}
+}
@@ -4,6 +4,16 @@
             "source_path_from_root": "/articles/azure-web-pubsub/howto-troubleshoot-diagnostic-logs.md",
             "redirect_url": "/azure/azure-web-pubsub/howto-troubleshoot-resource-logs",
             "redirect_document_id": false
+        },
+        {
+          "source_path_from_root": "/articles/azure-web-pubsub/reference-server-sdk-csharp.md",
+          "redirect_url": "/dotnet/api/overview/azure/webpubsub/client",
+          "redirect_document_id": false
+        },
+        {
+          "source_path_from_root": "/articles/azure-web-pubsub/reference-server-sdk-java.md",
+          "redirect_url": "/java/api/overview/azure/webpubsub/client",
+          "redirect_document_id": false
         }
     ]
 }
@@ -516,6 +516,11 @@
         "redirect_url": "/security/benchmark/azure/baselines/virtual-network-security-baseline",
         "redirect_document_id": false
     },
+    {
+        "source_path_from_root": "/articles/virtual-network/nat-gateway/nat-security-baseline.md",
+        "redirect_url": "/security/benchmark/azure/baselines/virtual-network-nat-security-baseline",
+        "redirect_document_id": false
+    },
     {
         "source_path_from_root": "/articles/virtual-network/nat-security-baseline.md",
         "redirect_url": "/security/benchmark/azure/baselines/virtual-network-nat-security-baseline",
@@ -526,6 +531,17 @@
         "redirect_url": "/security/benchmark/azure/baselines/virtual-wan-security-baseline",
         "redirect_document_id": false
     },
+    {
+        "source_path_from_root": "/articles/virtual-desktop/security-baseline.md",
+        "redirect_url": "/security/benchmark/azure/baselines/virtual-desktop-security-baseline",
+        "redirect_document_id": false
+    },
+    {
+        "source_path_from_root": "/articles/cloud-services/security-baseline.md",
+        "redirect_url": "/security/benchmark/azure/baselines/cloud-services-security-baseline",
+        "redirect_document_id": false
+    },
+
     {
         "source_path_from_root": "/articles/vpn-gateway/security-baseline.md",
         "redirect_url": "/security/benchmark/azure/baselines/vpn-gateway-security-baseline",
 
@@ -64,6 +64,11 @@
             "source_path_from_root": "/articles/synapse-analytics/machine-learning/tutorial-spark-pool-filesystem-spec.md",
             "redirect_url": "/azure/synapse-analytics/spark/tutorial-spark-pool-filesystem-spec",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/security/synapse-workspace-managed-identity.md",
+            "redirect_url": "/azure/data-factory/data-factory-service-identity",
+            "redirect_document_id": false
         }
     ]
 }
 
@@ -76,7 +76,7 @@ If you want to get the `family_name` and `given_name` claims from Azure AD, you
 1. Select **Add optional claim**.
 1. For the **Token type**, select **ID**.
 1. Select the optional claims to add, `family_name` and `given_name`.
-1. Click **Add**.
+1. Select **Add**. If **Turn on the Microsoft Graph email permission (required for claims to appear in token)** appears, enable it, and then select **Add** again.
 
 ## [Optional] Verify your app authenticity
 
@@ -97,8 +97,7 @@ If you want to get the `family_name` and `given_name` claims from Azure AD, you
     https://login.microsoftonline.com/{tenant}/v2.0/.well-known/openid-configuration
     ```
 
-    For example, `https://login.microsoftonline.com/contoso.onmicrosoft.com/v2.0/.well-known/openid-configuration`.
-    For example, `https://login.microsoftonline.com/contoso.com/v2.0/.well-known/openid-configuration`.
+ For example, `https://login.microsoftonline.com/contoso.onmicrosoft.com/v2.0/.well-known/openid-configuration`. If you use a custom domain, replace `contoso.com` with your custom domain in `https://login.microsoftonline.com/contoso.com/v2.0/.well-known/openid-configuration`.
 
 1. For **Client ID**, enter the application ID that you previously recorded.
 1. For **Client secret**, enter the client secret that you previously recorded.
@@ -121,7 +120,8 @@ At this point, the Azure AD identity provider has been set up, but it's not yet
 
 1. In your Azure AD B2C tenant, select **User flows**.
 1. Click the user flow that you want to add the Azure AD identity provider.
-1. Under the **Social identity providers**, select **Contoso Azure AD**.
+1. Under **Settings**, select **Identity providers**
+1. Under **Custom identity providers**, select **Contoso Azure AD**.
 1. Select **Save**.
 1. To test your policy, select **Run user flow**.
 1. For **Application**, select a web application that you [previously registered](tutorial-register-applications.md). The **Reply URL** should show `https://jwt.ms`. 
 
@@ -21,8 +21,6 @@ zone_pivot_groups: b2c-policy-type
 
 ::: zone pivot="b2c-custom-policy"
 
-
-
 ::: zone-end
 
 In this sample tutorial, learn how to integrate Azure Active Directory (AD) B2C authentication with [BlokSec](https://bloksec.com/). BlokSec simplifies the end-user login experience by providing customers passwordless authentication and tokenless multifactor authentication (MFA). BlokSec protects customers against identity-centric cyber-attacks such as password stuffing, phishing, and man-in-the-middle attacks.
@@ -55,6 +53,7 @@ The following architecture diagram shows the implementation.
 Request a demo tenant with BlokSec by filling out [the form](https://bloksec.com/request-a-demo/). In the message field indicates that you would like to onboard with Azure AD B2C. Download and install the free BlokSec yuID mobile app from the app store. Once your demo tenant has been prepared, you'll receive an email. On your mobile device where the BlokSec application is installed, select the link to register your admin account with your yuID app.
 
 ::: zone pivot="b2c-user-flow"
+
 ## Prerequisites
 
 To get started, you'll need:
@@ -69,6 +68,7 @@ To get started, you'll need:
 ::: zone-end
 
 ::: zone pivot="b2c-custom-policy"
+
 ## Prerequisites
 
 To get started, you'll need:
@@ -112,10 +112,10 @@ To get started, you'll need:
 1. Sign-in to the [Azure portal](https://portal.azure.com/#home) as the global administrator of your Azure AD B2C tenant.
 1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
 1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
-1. Choose **All services** in the top-left corner of the Azure portal, search for and select **Azure AD B2C** 
-1. Navigate to **Dashboard > Azure Active Directory B2C > Identity providers**
-1. Select New **OpenID Connect Provider**
-1. Select **Add**
+1. Choose **All services** in the top-left corner of the Azure portal, then search for and select **Azure AD B2C**.
+1. Navigate to **Dashboard** > **Azure Active Directory B2C** > **Identity providers**.
+1. Select New **OpenID Connect Provider**.
+1. Select **Add**.
 
 ### Part 3 - Configure an Identity provider
 
@@ -126,14 +126,14 @@ To get started, you'll need:
 |Property  |Value  |
 |:---------|:---------|
 |Name     |Enter BlokSec yuID – Passwordless or a name of your choice|
-|Metadata URL|https://api.bloksec.io/oidc/.well-known/openid-configuration|         
+|Metadata URL| `https://api.bloksec.io/oidc/.well-known/openid-configuration` |
 |Client ID|The application ID from the BlokSec admin UI captured in **Part 1**|
 |Client Secret|The application Secret from the BlokSec admin UI captured in **Part 1**|
 |Scope|OpenID email profile|
 |Response type|Code|
 |Domain hint|yuID|
 
-1. Select **OK**
+1. Select **OK**.
 
 1. Select **Map this identity provider’s claims**.
 
@@ -177,13 +177,13 @@ You should now see BlokSec as a new OIDC Identity provider listed within your B2
 
 1. Select **Run user flow**
 
-1. In the form, enter the Replying URL, for example, https://jwt.ms
+1. In the form, enter the Replying URL, such as `https://jwt.ms`.
 
 1. The browser will be redirected to the BlokSec login page. Enter the account name registered during User registration. The user will receive a push notification to their mobile device where the BlokSec yuID application is installed; upon opening the notification, the user will be presented with an authentication challenge
 
-1. Once the authentication challenge is accepted, the browser will redirect the user to the replying URL.  
+1. Once the authentication challenge is accepted, the browser will redirect the user to the replying URL.
 
-## Next steps 
+## Next steps
 
 For additional information, review the following articles:
 
@@ -320,7 +320,8 @@ The following XML demonstrates the first two orchestration steps of a user journ
 
 The relying party policy, for example [SignUpSignIn.xml](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/master/SocialAndLocalAccounts/SignUpOrSignin.xml), specifies the user journey which Azure AD B2C will execute. Find the **DefaultUserJourney** element within relying party. Update the **ReferenceId** to match the user journey ID, in which you added the identity provider.
 
-In the following example, for the `CustomSignUpOrSignIn` user journey, the ReferenceId is set to `CustomSignUpOrSignIn`.  
+In the following example, for the `CustomSignUpOrSignIn` user journey, the ReferenceId is set to `CustomSignUpOrSignIn`.
+
 ```xml
 <RelyingParty>
   <DefaultUserJourney ReferenceId="CustomSignUpSignIn" />
@@ -346,12 +347,12 @@ Select **Upload Custom Policy**, and then upload the two policy files that you c
 
 If the sign-in process is successful, your browser is redirected to `https://jwt.ms`, which displays the contents of the token returned by Azure AD B2C.
 
-## Next steps 
+## Next steps
 
 For additional information, review the following articles:
 
 - [Custom policies in Azure AD B2C](./custom-policy-overview.md)
 
 - [Get started with custom policies in Azure AD B2C](./tutorial-create-user-flows.md?pivots=b2c-custom-policy)
 
-::: zone-end
+::: zone-end
@@ -118,7 +118,7 @@ Read the [User flows and custom policies overview](user-flow-overview.md) articl
 
 ## User interface
 
-In Azure AD B2C, you can craft your users' identity experiences so that the pages are shown blend seamlessly with the look and feel of your brand. You get nearly full control of the HTML and CSS content presented to your users when they proceed through your application's identity journeys. With this flexibility, you can maintain brand and visual consistency between your application and Azure AD B2C.
+In Azure AD B2C, you can craft your users' identity experiences so that the pages that are shown blend seamlessly with the look and feel of your brand. You get nearly full control of the HTML and CSS content presented to your users when they proceed through your application's identity journeys. With this flexibility, you can maintain brand and visual consistency between your application and Azure AD B2C.
 
 
 
@@ -132,7 +132,7 @@ For information on UI customization, see:
 
 ## Custom domain
 
-You can customize your Azure AD B2C domain in the redirect URLs for Azure AD B2C. Custom domain allows you to create a seamless experience so that the pages are shown blend seamlessly with the domain name of your application.
+You can customize your Azure AD B2C domain in the redirect URLs for Azure AD B2C. Custom domain allows you to create a seamless experience so that the pages that are shown blend seamlessly with the domain name of your application.
 
 ![Screenshots of Azure AD B2C custom domain](media/technical-overview/custom-domain.png)
 
 
@@ -1,7 +1,7 @@
 ---
 title: "What's new in Azure Active Directory application provisioning"
 description: "New and updated documentation for the Azure Active Directory application provisioning."
-ms.date: 10/05/2021
+ms.date: 11/04/2021
 ms.service: active-directory
 ms.subservice: app-provisioning
 ms.topic: reference
@@ -15,6 +15,13 @@ manager: karenh444
 
 Welcome to what's new in Azure Active Directory application provisioning documentation. This article lists new docs that have been added and those that have had significant updates in the last three months. To learn what's new with the provisioning service, see [What's new in Azure Active Directory](../fundamentals/whats-new.md).
 
+## October 2021
+
+### New articles
+
+- [Configuring Azure AD to provision users into LDAP directories](on-premises-ldap-connector-configure.md)
+
+
 ## September 2021
 
 ### New articles
Original file line number	Diff line number	Diff line change
`@@ -82,7 +82,7 @@`
`82`	`82`	`},`
`83`	`83`	`{`
`84`	`84`	`"source_path": "articles/active-directory/user-help/multi-factor-authentication-end-user-first-time.md",`
`85`		`- "redirect_url": "https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc",`
	`85`	`+ "redirect_url": "https://support.microsoft.com/account-billing/download-and-install-the-microsoft-authenticator-app-351498fc-850a-45da-b7b6-27e523b8702a",`
`86`	`86`	`"redirect_document_id": false`
`87`	`87`	`},`
`88`	`88`	`{`
`@@ -957,7 +957,7 @@`
`957`	`957`	`},`
`958`	`958`	`{`
`959`	`959`	`"source_path_from_root": "/articles/active-directory/active-directory-saas-facebook-at-work-provisioning-tutorial.md",`
`960`		`- "redirect_url": "/azure/active-directory/active-directory-saas-workplacebyfacebook-provisioning-tutorial",`
	`960`	`+ "redirect_url": "/azure/active-directory/saas-apps/workplace-by-facebook-provisioning-tutorial",`
`961`	`961`	`"redirect_document_id": false`
`962`	`962`	`},`
`963`	`963`	`{`
`@@ -9887,7 +9887,7 @@`
`9887`	`9887`	`},`
`9888`	`9888`	`{`
`9889`	`9889`	`"source_path_from_root": "/articles/active-directory/active-directory-saas-workplacebyfacebook-provisioning-tutorial.md",`
`9890`		`- "redirect_url": "/azure/active-directory/saas-apps/workplacebyfacebook-provisioning-tutorial",`
	`9890`	`+ "redirect_url": "/azure/active-directory/saas-apps/workplace-by-facebook-provisioning-tutorial",`
`9891`	`9891`	`"redirect_document_id": true`
`9892`	`9892`	`},`
`9893`	`9893`	`{`
`@@ -10546,4 +10546,4 @@`
`10546`	`10546`	`"redirect_document_id": false`
`10547`	`10547`	`}`
`10548`	`10548`	`]`
`10549`		`-}`
	`10549`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,16 @@`
`4`	`4`	`"source_path_from_root": "/articles/azure-web-pubsub/howto-troubleshoot-diagnostic-logs.md",`
`5`	`5`	`"redirect_url": "/azure/azure-web-pubsub/howto-troubleshoot-resource-logs",`
`6`	`6`	`"redirect_document_id": false`
	`7`	`+ },`
	`8`	`+ {`
	`9`	`+ "source_path_from_root": "/articles/azure-web-pubsub/reference-server-sdk-csharp.md",`
	`10`	`+ "redirect_url": "/dotnet/api/overview/azure/webpubsub/client",`
	`11`	`+ "redirect_document_id": false`
	`12`	`+ },`
	`13`	`+ {`
	`14`	`+ "source_path_from_root": "/articles/azure-web-pubsub/reference-server-sdk-java.md",`
	`15`	`+ "redirect_url": "/java/api/overview/azure/webpubsub/client",`
	`16`	`+ "redirect_document_id": false`
`7`	`17`	`}`
`8`	`18`	`]`
`9`	`19`	`}`
Original file line number	Diff line number	Diff line change
`@@ -64,6 +64,11 @@`
`64`	`64`	`"source_path_from_root": "/articles/synapse-analytics/machine-learning/tutorial-spark-pool-filesystem-spec.md",`
`65`	`65`	`"redirect_url": "/azure/synapse-analytics/spark/tutorial-spark-pool-filesystem-spec",`
`66`	`66`	`"redirect_document_id": false`
	`67`	`+ },`
	`68`	`+ {`
	`69`	`+ "source_path_from_root": "/articles/synapse-analytics/security/synapse-workspace-managed-identity.md",`
	`70`	`+ "redirect_url": "/azure/data-factory/data-factory-service-identity",`
	`71`	`+ "redirect_document_id": false`
`67`	`72`	`}`
`68`	`73`	`]`
`69`	`74`	`}`