Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into tamram-0213

Author: tamram

.openpublishing.redirection.json

@@ -17800,6 +17800,11 @@
       "redirect_url": "/azure/sql-data-warehouse/sql-data-warehouse-load-with-data-factory",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-get-started-visualize-with-power-bi.md",
+      "redirect_url": "/power-bi/service-azure-sql-data-warehouse-with-direct-connect",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/sql-data-warehouse/sql-data-warehouse-load-from-azure-blob-storage-with-data-factory.md",
       "redirect_url": "/azure/sql-data-warehouse/sql-data-warehouse-load-with-data-factory",
@@ -17937,7 +17942,7 @@
     },
     {
       "source_path": "articles/sql-data-warehouse/sql-data-warehouse-get-started-visualize-with-power-bi.md",
-      "redirect_url": "/azure/synapse-analytics/sql-data-warehouse/sql-data-warehouse-get-started-visualize-with-power-bi",
+      "redirect_url": "/power-bi/service-azure-sql-data-warehouse-with-direct-connect",
       "redirect_document_id": true
     },
     {

articles/active-directory/authentication/howto-authentication-sms-signin.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 04/13/2020
+ms.date: 04/24/2020
 
 ms.author: iainfou
 author: iainfoulds
@@ -36,9 +36,9 @@ To complete this article, you need the following resources and privileges:
 * An Azure Active Directory tenant associated with your subscription.
     * If needed, [create an Azure Active Directory tenant][create-azure-ad-tenant] or [associate an Azure subscription with your account][associate-azure-ad-tenant].
 * You need *global administrator* privileges in your Azure AD tenant to enable SMS-based authentication.
-* Each user that's enabled in the text message authentication method policy must be licensed, even if they don't use it. Each enabled user must have one of the following Azure AD or Microsoft 365 licenses:
+* Each user that's enabled in the text message authentication method policy must be licensed, even if they don't use it. Each enabled user must have one of the following Azure AD, Office 365, or Microsoft 365 licenses:
     * [Azure AD Premium P1 or P2][azuread-licensing]
-    * [Microsoft 365 (M365) F1 or F3][m365-firstline-workers-licensing]
+    * [Microsoft 365 (M365) F1 or F3][m365-firstline-workers-licensing] or [Office 365 F1][o365-f1] or [F3][o365-f3]
     * [Enterprise Mobility + Security (EMS) E3 or E5][ems-licensing] or [Microsoft 365 (M365) E3 or E5][m365-licensing]
 
 ## Limitations
@@ -162,3 +162,5 @@ For additional ways to sign in to Azure AD without a password, such as the Micro
 [azuread-licensing]: https://azure.microsoft.com/pricing/details/active-directory/
 [ems-licensing]: https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing
 [m365-licensing]: https://www.microsoft.com/microsoft-365/compare-microsoft-365-enterprise-plans
+[o365-f1]: https://www.microsoft.com/microsoft-365/business/office-365-f1?market=af
+[o365-f3]: https://www.microsoft.com/microsoft-365/business/office-365-f3?activetab=pivot%3aoverviewtab

articles/active-directory/develop/active-directory-claims-mapping.md

@@ -479,7 +479,7 @@ In this example, you create a policy that adds the EmployeeID and TenantCountry
    1. To create the policy, run the following command:  
 	 
       ``` powershell
-      New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"employeeid","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","JwtClaimType":"name"},{"Source":"company","ID":"tenantcountry","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country","JwtClaimType":"country"}]}}') -DisplayName "ExtraClaimsExample" -Type "ClaimsMappingPolicy"
+      New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"employeeid","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid","JwtClaimType":"name"},{"Source":"company","ID":"tenantcountry","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country","JwtClaimType":"country"}]}}') -DisplayName "ExtraClaimsExample" -Type "ClaimsMappingPolicy"
       ```
 	
    2. To see your new policy, and to get the policy ObjectId, run the following command:

articles/active-directory/develop/reference-breaking-changes.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 3/13/2020
+ms.date: 5/4/2020
 ms.author: ryanwi
 ms.reviewer: hirsin
 ms.custom: aaddev
@@ -33,13 +33,31 @@ The authentication system alters and adds features on an ongoing basis to improv
 
 None scheduled at this time.  Please see below for the changes that are in or are coming to production.
 
+## May 2020
+
+### Azure Government endpoints are changing
+
+**Effective date**: May 5th (Finishing June 2020) 
+
+**Endpoints impacted**: All
+
+**Protocol impacted**: All flows
+
+On 1 June 2018, the official Azure Active Directory (AAD) Authority for Azure Government changed from `https://login-us.microsoftonline.com` to `https://login.microsoftonline.us`. This change also applied to Microsoft 365 GCC High and DoD, which Azure Government AAD also services. If you own an application within a US Government tenant, you must update your application to sign users in on the `.us` endpoint.  
+
+Starting May 5th, Azure AD will begin enforcing the endpoint change, blocking government users from signing into apps hosted in US Government tenants using the public endpoint (`microsoftonline.com`).  Impacted apps will begin seeing an error `AADSTS900439` - `USGClientNotSupportedOnPublicEndpoint`. This error indicates that the app is attempting to sign in a US Government user on the public cloud endpoint. If your app is in a public cloud tenant and intended to support US Government users, you will need to [update your app to support them explicitly](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud). This may require creating a new app registration in the US Government cloud. 
+
+Enforcement of this change will be done using a gradual rollout based on how frequently users from the US Government cloud sign in to the application - apps signing in US Government users infrequently will see enforcement first, and apps frequently used by US Government users will be last to have enforcement applied. We expect enforcement to be complete across all apps in June 2020. 
+
+For more details, please see the [Azure Government blog post on this migration](https://devblogs.microsoft.com/azuregov/azure-government-aad-authority-endpoint-update/). 
+
 ## March 2020
 
 ### User passwords will be restricted to 256 characters.
 
 **Effective date**: March 13, 2020
 
-**Endpoints impacted**: Both v1.0 and v2.0
+**Endpoints impacted**: All
 
 **Protocol impacted**: All user flows.
 

articles/active-directory/saas-apps/profitco-saml-app-tutorial.md

@@ -1,6 +1,6 @@
 ---
-title: 'Tutorial: Azure Active Directory single sign-on (SSO) integration with Profit.co SAML App | Microsoft Docs'
-description: Learn how to configure single sign-on between Azure Active Directory and Profit.co SAML App.
+title: 'Tutorial: Azure Active Directory single sign-on (SSO) integration with Profit.co | Microsoft Docs'
+description: Learn how to configure single sign-on between Azure Active Directory and Profit.co.
 services: active-directory
 documentationCenter: na
 author: jeevansd
@@ -13,18 +13,18 @@ ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.tgt_pltfrm: na
 ms.topic: tutorial
-ms.date: 03/27/2020
+ms.date: 04/30/2020
 ms.author: jeedes
 
 ms.collection: M365-identity-device-management
 ---
 
-# Tutorial: Azure Active Directory single sign-on (SSO) integration with Profit.co SAML App
+# Tutorial: Azure Active Directory single sign-on (SSO) integration with Profit.co
 
-In this tutorial, you'll learn how to integrate Profit.co SAML App with Azure Active Directory (Azure AD). When you integrate Profit.co SAML App with Azure AD, you can:
+In this tutorial, you'll learn how to integrate Profit.co with Azure Active Directory (Azure AD). When you integrate Profit.co with Azure AD, you can:
 
-* Control in Azure AD who has access to Profit.co SAML App.
-* Enable your users to be automatically signed in to Profit.co SAML App with their Azure AD accounts.
+* Control in Azure AD who has access to Profit.co.
+* Enable your users to be automatically signed in to Profit.co with their Azure AD accounts.
 * Manage your accounts in one central location, the Azure portal.
 
 To learn more about software as a service (SaaS) app integration with Azure AD, see [What is application access and single sign-on with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/manage-apps/what-is-single-sign-on).
@@ -34,45 +34,45 @@ To learn more about software as a service (SaaS) app integration with Azure AD,
 To get started, you need the following items:
 
 * An Azure AD subscription. If you don't have a subscription, you can get a [free account](https://azure.microsoft.com/free/).
-* Profit.co SAML App single sign-on (SSO) enabled subscription.
+* Profit.co single sign-on (SSO) enabled subscription.
 
 ## Scenario description
 
 In this tutorial, you configure and test Azure AD SSO in a test environment.
 
-* Profit.co SAML App supports IDP initiated SSO.
+* Profit.co supports IDP initiated SSO.
 
-* After you configure Profit.co SAML App, you can enforce session control. This protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from conditional access. [Learn how to enforce session control with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/proxy-deployment-any-app).
+* After you configure Profit.co, you can enforce session control. This protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from conditional access. [Learn how to enforce session control with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/proxy-deployment-any-app).
 
-## Add Profit.co SAML App from the gallery
+## Add Profit.co from the gallery
 
-To configure the integration of Profit.co SAML App into Azure AD, you need to add Profit.co SAML App from the gallery to your list of managed SaaS apps.
+To configure the integration of Profit.co into Azure AD, you need to add Profit.co from the gallery to your list of managed SaaS apps.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) by using either a work or school account, or a personal Microsoft account.
 1. On the left navigation pane, select the **Azure Active Directory** service.
 1. Go to **Enterprise Applications**, and then select **All Applications**.
 1. To add a new application, select **New application**.
-1. In the **Add from the gallery** section, type **Profit.co SAML App** in the search box.
-1. Select **Profit.co SAML App** from the results panel, and then add the app. Wait a few seconds while the app is added to your tenant.
+1. In the **Add from the gallery** section, type **Profit.co** in the search box.
+1. Select **Profit.co** from the results panel, and then add the app. Wait a few seconds while the app is added to your tenant.
 
-## Configure and test Azure AD single sign-on for Profit.co SAML App
+## Configure and test Azure AD single sign-on for Profit.co
 
-Configure and test Azure AD SSO with Profit.co SAML App by using a test user called **B.Simon**. For SSO to work, establish a linked relationship between an Azure AD user and the related user in Profit.co SAML App.
+Configure and test Azure AD SSO with Profit.co by using a test user called **B.Simon**. For SSO to work, establish a linked relationship between an Azure AD user and the related user in Profit.co.
 
-Here are the general steps to configure and test Azure AD SSO with Profit.co SAML App:
+Here are the general steps to configure and test Azure AD SSO with Profit.co:
 
 1. **[Configure Azure AD SSO](#configure-azure-ad-sso)** to enable your users to use this feature.
     1. **[Create an Azure AD test user](#create-an-azure-ad-test-user)** to test Azure AD single sign-on with B.Simon.
     1. **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** to enable B.Simon to use Azure AD single sign-on.
-1. **[Configure Profit.co SAML App SSO](#configure-profitco-saml-app-sso)** to configure the single sign-on settings on the application side.
-    1. **[Create Profit.co SAML App test user](#create-a-profitco-saml-app-test-user)** to have a counterpart of B.Simon in Profit.co SAML App. This counterpart is linked to the Azure AD representation of the user.
+1. **[Configure Profit.co SSO](#configure-profitco-sso)** to configure the single sign-on settings on the application side.
+    1. **[Create Profit.co test user](#create-a-profitco-test-user)** to have a counterpart of B.Simon in Profit.co. This counterpart is linked to the Azure AD representation of the user.
 1. **[Test SSO](#test-sso)** to verify whether the configuration works.
 
 ## Configure Azure AD SSO
 
 Follow these steps to enable Azure AD SSO in the Azure portal.
 
-1. In the [Azure portal](https://portal.azure.com/), on the **Profit.co SAML App** application integration page, find the **Manage** section. Select **single sign-on**.
+1. In the [Azure portal](https://portal.azure.com/), on the **Profit.co** application integration page, find the **Manage** section. Select **single sign-on**.
 1. On the **Select a single sign-on method** page, select **SAML**.
 1. On the **Set up single sign-on with SAML** page, select the pencil icon for **Basic SAML Configuration** to edit the settings.
 
@@ -98,10 +98,10 @@ In this section, you create a test user in the Azure portal called B.Simon.
 
 ### Assign the Azure AD test user
 
-In this section, you enable B.Simon to use Azure single sign-on by granting access to Profit.co SAML App.
+In this section, you enable B.Simon to use Azure single sign-on by granting access to Profit.co.
 
 1. In the Azure portal, select **Enterprise Applications** > **All applications**.
-1. In the applications list, select **Profit.co SAML App**.
+1. In the applications list, select **Profit.co**.
 1. In the app's overview page, find the **Manage** section, and select **Users and groups**.
 
    ![Screenshot of the Manage section, with Users and groups highlighted](common/users-groups-blade.png)
@@ -114,19 +114,19 @@ In this section, you enable B.Simon to use Azure single sign-on by granting acce
 1. If you're expecting any role value in the SAML assertion, in the **Select Role** dialog box, select the appropriate role for the user from the list. Then choose the **Select** button at the bottom of the screen.
 1. In the **Add Assignment** dialog box, select **Assign**.
 
-## Configure Profit.co SAML App SSO
+## Configure Profit.co SSO
 
-To configure single sign-on on the Profit.co SAML App side, you need to send the App Federation Metadata URL to the [Profit.co SAML App support team](mailto:[email protected]). They configure this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on the Profit.co side, you need to send the App Federation Metadata URL to the [Profit.co support team](mailto:[email protected]). They configure this setting to have the SAML SSO connection set properly on both sides.
 
-### Create a Profit.co SAML App test user
+### Create a Profit.co test user
 
-In this section, you create a user called B.Simon in Profit.co SAML App. Work with the [Profit.co SAML App support team](mailto:[email protected]) to add the users in the Profit.co SAML App platform. You can't use single sign-on until you create and activate users.
+In this section, you create a user called B.Simon in Profit.co. Work with the [Profit.co support team](mailto:[email protected]) to add the users in the Profit.co platform. You can't use single sign-on until you create and activate users.
 
 ## Test SSO
 
 In this section, you test your Azure AD single sign-on configuration by using Access Panel.
 
-When you select the Profit.co SAML App tile in Access Panel, you should be automatically signed in to the Profit.co SAML App for which you set up SSO. For more information, see [Introduction to Access Panel](https://docs.microsoft.com/azure/active-directory/active-directory-saas-access-panel-introduction).
+When you select the Profit.co tile in Access Panel, you should be automatically signed in to the Profit.co for which you set up SSO. For more information, see [Introduction to Access Panel](https://docs.microsoft.com/azure/active-directory/active-directory-saas-access-panel-introduction).
 
 ## Additional resources
 
@@ -136,8 +136,8 @@ When you select the Profit.co SAML App tile in Access Panel, you should be autom
 
 - [What is conditional access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
 
-- [Try Profit.co SAML App with Azure AD](https://aad.portal.azure.com/)
+- [Try Profit.co with Azure AD](https://aad.portal.azure.com/)
 
 - [What is session control in Microsoft Cloud App Security?](https://docs.microsoft.com/cloud-app-security/proxy-intro-aad)
 
-- [How to protect Profit.co SAML App with advanced visibility and controls](https://docs.microsoft.com/cloud-app-security/proxy-intro-aad)
+- [How to protect Profit.co with advanced visibility and controls](https://docs.microsoft.com/cloud-app-security/proxy-intro-aad)