Merge pull request #190566 from MicrosoftDocs/main

Merge Main to Live, 4 AM

Author: PMEds28

.openpublishing.redirection.json

@@ -38684,6 +38684,11 @@
       "redirect_url": "/azure/cognitive-services/Speech-Service/language-identification",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/cognitive-services/Speech-Service/phone-sets.md",
+      "redirect_url": "/azure/cognitive-services/Speech-Service/customize-pronunciation",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/cognitive-services/entitylinking/GettingStarted.md",
       "redirect_url": "/azure/cognitive-services/text-analytics",

articles/active-directory-b2c/add-password-reset-policy.md

@@ -342,3 +342,5 @@ Your application needs to handle certain errors coming from Azure B2C service. L
 ## Next steps
 
 Set up a [force password reset](force-password-reset.md).
+
+[Sign-up and Sign-in with embedded password reset](https://github.com/azure-ad-b2c/samples/tree/master/policies/embedded-password-reset).

articles/active-directory-b2c/azure-ad-external-identities-videos.md

@@ -4,7 +4,8 @@ titleSuffix: Azure AD B2C
 description: Microsoft Azure Active Directory B2C Video Series 
 services: active-directory-b2c
 author: gargi-sinha
-manager: martinco
+manager: CelesteDG
+ms.reviewer: kengaderdus
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to

articles/active-directory-b2c/azure-sentinel.md

@@ -4,7 +4,8 @@ titleSuffix: Azure AD B2C
 description: In this tutorial, you use Microsoft Sentinel to perform security analytics for Azure Active Directory B2C data.
 services: active-directory-b2c
 author: gargi-sinha
-manager: martinco
+manager: CelesteDG
+ms.reviewer: kengaderdus
 
 ms.service: active-directory
 ms.workload: identity

articles/active-directory-b2c/configure-a-sample-node-web-app.md

@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 02/09/2022
+ms.date: 04/03/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -143,7 +143,7 @@ You can now test the sample app. You need to start the Node server and access it
 ### Test sign in
 
 1. After the page with the **Sign in** button finishes loading, select **Sign in**. You're prompted to sign in.
-1. Enter your sign-in credentials, such as email address and password. If you don't have an account, select **Sign up now** to create an account. If you have an account but have forgotten your password, select **Forgot your password?** to recover your password. After you successfully sign in or sign up, you should see the following page that shows sign-in status.
+1. Enter your sign-in credentials, such as email address and password. If you don't have an account, select **Sign up now** to create an account. After you successfully sign in or sign up, you should see the following page that shows sign-in status.
 
    :::image type="content" source="./media/configure-a-sample-node-web-app/tutorial-dashboard-page.png" alt-text="Screenshot shows web app sign-in status.":::
 

articles/active-directory-b2c/configure-authentication-in-sample-node-web-app-with-api.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 02/09/2022
+ms.date: 04/03/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -250,7 +250,7 @@ You're now ready to test the web application's scoped access to the web API. Run
 
 1. To call the protected API endpoint, select the **Sign in to call PROTECTED API** button. You're prompted to sign in. 
 
-1. Enter your sign-in credentials, such as email address and password. If you don't have an account, select **Sign up now** to create an account. If you have an account but have forgotten your password, select **Forgot your password?** to recover your password. After you successfully sign in or sign up, you should see the following page with **Call the PROTECTED API** button.
+1. Enter your sign-in credentials, such as email address and password. If you don't have an account, select **Sign up now** to create an account. After you successfully sign in or sign up, you should see the following page with **Call the PROTECTED API** button.
 
 
     :::image type="content" source="./media/tutorial-call-api-using-access-token/signed-in-to-call-api.png" alt-text="Web page for signed to call protected A P I.":::

articles/active-directory-b2c/identity-verification-proofing.md

@@ -4,7 +4,8 @@ titleSuffix: Azure AD B2C
 description: Learn about our partners who integrate with Azure AD B2C to provide identity proofing and verification solutions 
 services: active-directory-b2c
 author: gargi-sinha
-manager: martinco
+manager: CelesteDG
+ms.reviewer: kengaderdus
 
 ms.service: active-directory
 ms.workload: identity

articles/active-directory-b2c/media/partner-akamai/rule-action-deny.png

@@ -86,7 +86,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | ValidTokenIssuerPrefixes | No | A key that can be used to sign in to each of the tenants when using a multi-tenant identity provider such as Azure Active Directory. |
 | UsePolicyInRedirectUri | No | Indicates whether to use a policy when constructing the redirect URI. When you configure your application in the identity provider, you need to specify the redirect URI. The redirect URI points to Azure AD B2C, `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/oauth2/authresp`.  If you specify `true`, you need to add a redirect URI for each policy you use. For example: `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/{policy-name}/oauth2/authresp`. |
 | MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
-| DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT token. |
+| DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT token.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 |token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic` (public preview), `private_key_jwt` (public preview). For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |
 |token_signing_algorithm| No | Specifies the signing algorithm to use when `token_endpoint_auth_method` is set to `private_key_jwt`. Possible values: `RS256` (default) or `RS512`.|

articles/active-directory-b2c/openid-connect-technical-profile.md

@@ -1,22 +1,23 @@
 ---
-title: Tutorial to configure Azure Active Directory B2C with Akamai Web Application Firewall
+title: Configure Azure Active Directory B2C with Akamai Web Application Firewall
 titleSuffix: Azure AD B2C
-description: Tutorial to configure Akamai Web application firewall with Azure AD B2C
+description: Configure Akamai Web application firewall with Azure AD B2C
 services: active-directory-b2c
 author: gargi-sinha
-manager: martinco
+manager: CelesteDG
+ms.reviewer: kengaderdus
 
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 07/15/2021
+ms.date: 04/03/2022
 ms.author: gasinh
 ms.subservice: B2C
 ---
 
-# Tutorial: Configure Akamai with Azure Active Directory B2C
+# Configure Akamai with Azure Active Directory B2C
 
-In this sample tutorial, learn how to enable [Akamai Web Application Firewall (WAF)](https://www.akamai.com/us/en/resources/web-application-firewall.jsp) solution for Azure Active Directory (AD) B2C tenant using custom domains. Akamai WAF helps organization protect their web applications from malicious attacks that aim to exploit vulnerabilities such as SQL injection and Cross site scripting.
+In this sample article, learn how to enable [Akamai Web Application Firewall (WAF)](https://www.akamai.com/us/en/resources/web-application-firewall.jsp) solution for Azure Active Directory B2C (Azure AD B2C) tenant using custom domains. Akamai WAF helps organization protect their web applications from malicious attacks that aim to exploit vulnerabilities such as SQL injection and Cross site scripting.
 
 >[!NOTE]
 >This feature is in public preview.
@@ -29,7 +30,7 @@ Benefits of using Akamai WAF solution:
 
 - Allows fine grained manipulation of traffic to protect and secure your identity infrastructure.
 
-This sample tutorial applies to both [Web Application Protector (WAP)](https://www.akamai.com/us/en/products/security/web-application-protector-enterprise-waf-firewall-ddos-protection.jsp) and [Kona Site Defender (KSD)](https://www.akamai.com/us/en/products/security/kona-site-defender.jsp) WAF solutions that Akamai offers.
+This article applies to both [Web Application Protector (WAP)](https://www.akamai.com/us/en/products/security/web-application-protector-enterprise-waf-firewall-ddos-protection.jsp) and [Kona Site Defender (KSD)](https://www.akamai.com/us/en/products/security/kona-site-defender.jsp) WAF solutions that Akamai offers.
 
 ## Prerequisites
 
@@ -55,7 +56,7 @@ Akamai WAF integration includes the following components:
 
 1. To use custom domains in Azure AD B2C, it's required to use custom domain feature provided by Azure Front Door. Learn how to [enable Azure AD B2C custom domains](./custom-domain.md?pivots=b2c-user-flow).  
 
-2. After custom domain for Azure AD B2C is successfully configured using Azure Front Door, [test the custom domain](./custom-domain.md?pivots=b2c-custom-policy#test-your-custom-domain) before proceeding further.  
+1. After custom domain for Azure AD B2C is successfully configured using Azure Front Door, [test the custom domain](./custom-domain.md?pivots=b2c-custom-policy#test-your-custom-domain) before proceeding further.  
 
 ## Onboard with Akamai
 
@@ -65,14 +66,14 @@ Akamai WAF integration includes the following components:
 
 1. [Create a new property](https://control.akamai.com/wh/CUSTOMER/AKAMAI/en-US/WEBHELP/property-manager/property-manager-help/GUID-14BB87F2-282F-4C4A-8043-B422344884E6.html).
 
-2. Configure the property settings as:
+1. Configure the property settings as:
 
     | Property | Value |
     |:---------------|:---------------|
     |Property version | Select Standard or Enhanced TLS (preferred) |
-    |Property hostnames | Add a property hostname. This is the name of your custom domain, for example: login.domain.com. <BR> Create or modify a certificate with the appropriate settings for the custom domain name. For more information, see [this](https://learn.akamai.com/en-us/webhelp/property-manager/https-delivery-with-property-manager/GUID-9EE0EB6A-E62B-4F5F-9340-60CBD093A429.html). |
+    |Property hostnames | Add a property hostname. This is the name of your custom domain, for example, `login.domain.com`. <BR> Create or modify a certificate with the appropriate settings for the custom domain name. Learn more about [creating a certificate](https://learn.akamai.com/en-us/webhelp/property-manager/https-delivery-with-property-manager/GUID-9EE0EB6A-E62B-4F5F-9340-60CBD093A429.html). |
 
-3. Set the origin server property configuration settings as:
+1. Set the origin server property configuration settings as:
 
     |Property| Value |
     |:-----------|:-----------|
@@ -83,27 +84,27 @@ Akamai WAF integration includes the following components:
 
 ### Configure DNS
 
-Create a CNAME record in your DNS such as login.domain.com that points to the Edge hostname in the Property hostname field.
+Create a CNAME record in your DNS such as `login.domain.com` that points to the Edge hostname in the Property hostname field.
 
 ### Configure Akamai WAF
 
 1. [Configure Akamai WAF](https://learn.akamai.com/en-us/webhelp/kona-site-defender/kona-site-defender-quick-start/GUID-6294B96C-AE8B-4D99-8F43-11B886E6C39A.html#GUID-6294B96C-AE8B-4D99-8F43-11B886E6C39A).
 
-2. Ensure that **Rule Actions** for all items listed under the **Attack Group** are set to **Deny**.
+1. Ensure that **Rule Actions** for all items listed under the **Attack Group** are set to **Deny**.
 
-![Image shows rule action set to deny](./media/partner-akamai/rule-action-deny.png)
+    ![Image shows rule action set to deny](./media/partner-akamai/rule-action-deny.png)
 
 Learn more about [how the control works and configuration options](https://control.akamai.com/dl/security/GUID-81C0214B-602A-4663-839D-68BCBFF41292.html).
 
 <!-- docutune:ignore "Security Center" -->
 
 ### Test the settings
 
-Check the following to ensure all traffic to Azure AD B2C is now going through the custom domain:
+Check the following to ensure all traffic to Azure AD B2C is going through the custom domain:
 
 - Make sure all incoming requests to Azure AD B2C custom domain are routed via Akamai WAF and using valid TLS connection.
 - Ensure all cookies are set correctly by Azure AD B2C for the custom domain.
-- The Akamai WAF dashboard available under Defender for Cloud console display charts for all traffic passing through the WAF along with any attack traffic.
+- The Akamai WAF dashboard available under Defender for Cloud console display charts for all traffic that pass through the WAF along with any attack traffic.
 
 ## Next steps