Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Learn Build Service GitHub App

.openpublishing.redirection.json

@@ -13460,7 +13460,7 @@
         },
         {
             "source_path_from_root": "/articles/security/fundamentals/iot-best-practices.md",
-            "redirect_url": "/azure/iot/iot-security-best-practices",
+            "redirect_url": "/azure/iot/iot-overview-security",
             "redirect_document_id": false
         },
         {

articles/active-directory/conditional-access/concept-conditional-access-cloud-apps.md

@@ -6,12 +6,12 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 09/14/2022
+ms.date: 06/27/2023
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
 manager: amycolannino
-ms.reviewer: calebb
+ms.reviewer: lhuangnorth
 
 ms.collection: M365-identity-device-management
 ---
@@ -141,6 +141,21 @@ For more information on how to set up a sample policy for Microsoft Azure Manage
 > [!TIP]
 > For Azure Government, you should target the Azure Government Cloud Management API application.
 
+### Microsoft Admin Portals (preview)
+
+When a Conditional Access policy targets the Microsoft Admin Portals cloud app, the policy is enforced for tokens issued to application IDs of the following Microsoft administrative portals:
+
+- Microsoft 365 Admin Center
+- Exchange admin center
+- Azure portal
+- Microsoft Entra admin center
+- Security and Microsoft Purview compliance portal
+
+Other Microsoft admin portals will be added over time.
+
+> [!NOTE]
+> The Microsoft Admin Portals app applies to interactive sign-ins to the listed admin portals only. Sign-ins to the underlying resources or services like Microsoft Graph or Azure Resource Manager APIs are not covered by this application. Those resources are protected by the [Microsoft Azure Management](#microsoft-azure-management) app. This enables customers to move along the MFA adoption journey for admins without impacting automation that relies on APIs and PowerShell. When you are ready, Microsoft recommends using a [policy requiring administrators perform MFA always](howto-conditional-access-policy-admin-mfa.md) for comprehensive protection.
+
 ### Other applications
 
 Administrators can add any Azure AD registered application to Conditional Access policies. These applications may include: 
@@ -158,7 +173,7 @@ Some applications don't appear in the picker at all. The only way to include the
 
 ### All cloud apps
 
-Applying a Conditional Access policy to **All cloud apps** will result in the policy being enforced for all tokens issued to web sites and services. This option includes applications that aren't individually targetable in Conditional Access policy, such as Azure Active Directory. 
+Applying a Conditional Access policy to **All cloud apps** results in the policy being enforced for all tokens issued to web sites and services. This option includes applications that aren't individually targetable in Conditional Access policy, such as Azure Active Directory. 
 
 In some cases, an **All cloud apps** policy could inadvertently block user access. These cases are excluded from policy enforcement and include:
 

articles/active-directory/develop/howto-remove-app.md

@@ -1,6 +1,6 @@
 ---
 title: "How to: Remove a registered app from the Microsoft identity platform"
-description: In this how-to, you learn how to remove an application registered with the Microsoft identity platform.
+description: Learn how to remove an application registered with the Microsoft identity platform.
 services: active-directory
 author: cilwerner
 manager: CelesteDG
@@ -9,10 +9,11 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: how-to
 ms.workload: identity
-ms.date: 07/28/2022
+ms.date: 06/21/2023
 ms.author: cwerner
 ms.custom: aaddev
 ms.reviewer: marsma, aragra, lenalepa, sureshja
+
 #Customer intent: As an application developer, I want to know how to remove my application from the Microsoft identity registered.
 ---
 
@@ -22,12 +23,13 @@ Enterprise developers and software-as-a-service (SaaS) providers who have regist
 
 In the following sections, you learn how to:
 
-* Remove an application authored by you or your organization
-* Remove an application authored by another organization
+- Remove an application authored by you or your organization
+- Remove an application authored by another organization
 
 ## Prerequisites
 
-* An [application registered in your Azure AD tenant](quickstart-register-app.md)
+- One of the following roles: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.
+- An [application registered in your Azure AD tenant](quickstart-register-app.md)
 
 ## Remove an application authored by you or your organization
 
@@ -38,10 +40,10 @@ Applications that you or your organization have registered are represented by bo
 
 To delete an application, be listed as an owner of the application or have admin privileges.
 
-1. Sign in to the <a href="https://portal.azure.com/" target="_blank">Azure portal</a>.
+1. Sign in to the [Azure portal](https://portal.azure.com) and sign in using one of the roles listed in the prerequisites.
 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to select the tenant in which the app is registered.
 1. Search and select the **Azure Active Directory**. 
-1. Under **Manage**, select **App registrations**  and select the application that you want to configure. Once you've selected the app, you'll see the application's **Overview** page.
+1. Under **Manage**, select **App registrations**  and select the application that you want to configure. Once you've selected the app, you see the application's **Overview** page.
 1. From the **Overview** page, select **Delete**.
 1. Read the deletion consequences.  Check the box if one appears at the bottom of the pane.
 1. Select **Delete** to confirm that you want to delete the app.

articles/active-directory/develop/howto-restore-app.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: how-to
 ms.workload: identity
-ms.date: 07/28/2022
+ms.date: 06/21/2023
 ms.author: cwerner
 ms.reviewer: arcrowe
 ms.custom: aaddev
@@ -24,7 +24,8 @@ You can view your deleted applications, restore a deleted application, or perman
 
 Neither you nor Microsoft customer support can restore a permanently deleted application or an application deleted more than 30 days ago.
 
-## Required permissions
+## Prerequisites
+
 You must have one of the following roles to permanently delete applications.
 
 - Global administrator
@@ -38,36 +39,38 @@ You must have one of the following roles to restore applications.
 - Global administrator
 - Application owner
 
-### View your deleted applications
+## View your deleted applications
+
 You can see all the applications in a soft deleted state.  Only applications deleted less than 30 days ago can be restored.
 
-#### To view your restorable applications
-1. Sign in to the [Azure portal](https://portal.azure.com/).
-2. Search and select **Azure Active Directory**, select **App registrations**, and then select the **Deleted applications (Preview)** tab.
+To view your restorable applications:
+
+1. Sign in to the [Azure portal](https://portal.azure.com) and sign in using one of the roles listed in the prerequisites.
+1. Search and select **Azure Active Directory**, select **App registrations**, and then select the **Deleted applications** tab.
 
 Review the list of applications. Only applications that have been deleted in the past 30 days are available to restore. If using the App registrations search preview, you can filter by the 'Deleted date' column to see only these applications.
 
 ## Restore a recently deleted application
 
-When an app registration is deleted from the organization, the app is in a suspended state, and its configurations are preserved. When you restore an app registration, its configurations are also restored. However, if there were any organization-specific settings in **Enterprise applications** for the application's home tenant, those won't be restored.  
+When an app registration is deleted from the organization, the app is in a suspended state, and its configurations are preserved. When you restore an app registration, its configurations are also restored. However, if there were any organization-specific settings such as permission consents and user and group assignments for a certain organization stored in **Enterprise applications** for the application's home tenant, they're restored alongside the app registration.
 
-This is because organization-specific settings are stored on a separate object, called the service principal.  Settings held on the service principal include permission consents and user and group assignments for a certain organization; these configurations won't be restored when the app is restored. To learn how to restore the service principal with its previous configurations, see [Restore a recently deleted enterprise application](../manage-apps/restore-application.md).
+To restore an application:
 
-
-### To restore an application
-1. On the **Deleted applications (Preview)** tab, search for and select one of the applications deleted less than 30 days ago.
-2. Select **Restore app registration**.
+1. Go to the **Deleted applications** tab. Search for and select one of the applications deleted less than 30 days ago.
+1. Select **Restore app registration**.
 
 ## Permanently delete an application
-You can manually permanently delete an application from your organization. A permanently deleted application can't be restored by you, another administrator, or by Microsoft customer support. However, this does not permanently delete the corresponding service principal. A service principal cannot be restored without having an active corresponding application, so the service principal can be manually deleted, which is also permanent. If no action is taken the service principal will be permanently deleted 30 days after deleting the application.
 
-### To permanently delete an application
+You can manually permanently delete an application from your organization. A permanently deleted application can't be restored by you, another administrator, or by Microsoft customer support. However, this doesn't permanently delete the corresponding service principal. The service principal can't be restored without having an active corresponding application, so the service principal can be manually deleted, which is also permanent. If no action is taken, the service principal will be permanently deleted 30 days after deleting the application.
+
+To permanently delete an application:
 
-1. On the **Deleted applications (Preview)** tab, search for and select one of the available applications.
-2. Select **Delete permanently**.
-3. Read the warning text and select **Yes**.
+1. Go to the **Deleted applications** tab. Search for and select one of the available applications.
+1. Select **Delete permanently**.
+1. Read the warning text and select **Yes**.
 
 ## Next steps
+
 After you've restored or permanently deleted your app, you can:
 
 - [Add an application](quickstart-register-app.md).

articles/active-directory/manage-apps/delete-application-portal.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-mgmt
 ms.topic: how-to
 ms.workload: identity
-ms.date: 07/28/2022
+ms.date: 06/21/2023
 ms.author: jomondi
 ms.reviewer: sureshja
 zone_pivot_groups: enterprise-apps-all
@@ -21,7 +21,7 @@ ms.custom: enterprise-apps
 
 In this article, you learn how to delete an enterprise application that was added to your Azure Active Directory (Azure AD) tenant. 
 
-When you delete and enterprise application, it will be held in a suspended state in the recycle bin for 30 days. During the 30 days, you can [Restore the application](restore-application.md). Deleted items are automatically hard deleted after the 30-day period. For more information on frequently asked questions about deletion and recovery of applications, see [Deleting and recovering applications FAQs](delete-recover-faq.yml).
+When you delete and enterprise application, it's held in a suspended state in the recycle bin for 30 days. During the 30 days, you can [Restore the application](restore-application.md). Deleted items are automatically hard deleted after the 30-day period. For more information on frequently asked questions about deletion and recovery of applications, see [Deleting and recovering applications FAQs](delete-recover-faq.yml).
 
 
 ## Prerequisites
@@ -39,7 +39,7 @@ To delete an enterprise application, you need:
 :::zone pivot="portal"
 
 1. Sign in to the [Azure portal](https://portal.azure.com) and sign in using one of the roles listed in the prerequisites.
-1. In the left menu, select **Enterprise applications**. The **All applications** pane opens and displays a list of the applications in your Azure AD tenant. Search for and select the application that you want to delete. For example, **Azure AD SAML Toolkit 1**.
+1. In the left menu, select **Enterprise applications**. The **All applications** pane opens and displays a list of the applications in your Azure AD tenant. Search for and select the application that you want to delete. In this article, we use the **Azure AD SAML Toolkit 1** as an example.
 1. In the **Manage** section of the left menu, select **Properties**.
 1. At the top of the **Properties** pane, select **Delete**, and then select **Yes** to confirm you want to delete the application from your Azure AD tenant.
 
@@ -130,8 +130,8 @@ Delete an enterprise application using [Graph Explorer](https://developer.micros
 
    ---
 
-1. Record the ID of the enterprise app you want to delete.
-1. Delete the enterprise application.
+2. Record the ID of the enterprise app you want to delete.
+3. Delete the enterprise application.
 
    # [HTTP](#tab/http)
    ```http