MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 110 additions & 5 deletions b/‎.openpublishing.redirection.json
Lines changed: 110 additions & 5 deletions
diff --git a/‎articles/active-directory-b2c/deploy-custom-policies-devops.md
Lines changed: 6 additions & 41 deletions b/‎articles/active-directory-b2c/deploy-custom-policies-devops.md
Lines changed: 6 additions & 41 deletions
diff --git a/‎articles/active-directory-b2c/string-transformations.md
Lines changed: 39 additions & 2 deletions b/‎articles/active-directory-b2c/string-transformations.md
Lines changed: 39 additions & 2 deletions
diff --git a/‎articles/active-directory-b2c/technical-profiles-overview.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/technical-profiles-overview.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/view-audit-logs.md
Lines changed: 6 additions & 5 deletions b/‎articles/active-directory-b2c/view-audit-logs.md
Lines changed: 6 additions & 5 deletions
diff --git a/‎articles/active-directory/authentication/TOC.yml
Lines changed: 8 additions & 4 deletions b/‎articles/active-directory/authentication/TOC.yml
Lines changed: 8 additions & 4 deletions
@@ -1210,6 +1210,101 @@
       "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-custom-speech-service",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/cognitive-services/Speech/concepts.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/Home.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/samples.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/support.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/troubleshooting.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/API-Reference-REST/BingVoiceOutput.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/API-Reference-REST/websocketprotocol.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/API-Reference-REST/supportedlanguages.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStarted.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedClientLibraries.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedCSharpDesktop.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedCSharpServiceLibrary.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedJavaAndroid.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedJSWebsockets.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/Get-Started-ObjectiveC-iOS.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/GetStarted/GetStartedREST.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/How-to/how-to-authentication.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/How-to/how-to-choose-recognition-mode.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/Speech/How-to/how-to-chunked-transfer.md",
+      "redirect_url": "/azure/cognitive-services/speech-service/how-to-migrate-from-bing-speech",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/cognitive-services/Emotion/emotion-api-how-to-topics/HowtoAnalyzeVideo_Emotion.md",
       "redirect_url": "/azure/cognitive-services/face/overview",
@@ -18389,6 +18484,21 @@
       "source_path": "articles/backup/backup-azure-vms-prepare.md",
       "redirect_url": "/azure/backup/backup-azure-arm-vms-prepare",
       "redirect_document_id": false
+    },
+	{
+      "source_path": "articles/backup/backup-azure-configure-reports.md",
+      "redirect_url": "/azure/backup/configure-reports.md",
+      "redirect_document_id": false
+    },
+	{
+      "source_path": "articles/backup/backup-azure-log-analytics-data-model.md",
+      "redirect_url": "/azure/backup/backup-azure-diagnostics-mode-data-model.md",
+      "redirect_document_id": false
+    },
+	{
+      "source_path": "articles/backup/backup-azure-log-analytics-new-data-model.md",
+      "redirect_url": "/azure/backup/backup-azure-reports-data-model.md",
+      "redirect_document_id": false
     },
     {
       "source_path": "articles/app-service/api/index.md",
@@ -37105,11 +37215,6 @@
       "redirect_url": "/azure/active-directory/user-help/myprofile-portal-overview",
       "redirect_document_id": false
     },
-    {
-      "source_path": "articles/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises.md",
-      "redirect_url": "/azure/active-directory/authentication/howto-authentication-passwordless-security-key-windows",
-      "redirect_document_id": false
-    },
     {
       "source_path": "articles/active-directory/authentication/quickstart-sspr.md",
       "redirect_url": "/azure/active-directory/authentication/tutorial-enable-sspr",
 
@@ -31,6 +31,7 @@ There are three primary steps required for enabling Azure Pipelines to manage cu
 
 * [Azure AD B2C tenant](tutorial-create-tenant.md), and credentials for a user in the directory with the [B2C IEF Policy Administrator](../active-directory/users-groups-roles/directory-assign-admin-roles.md#b2c-ief-policy-administrator) role
 * [Custom policies](custom-policy-get-started.md) uploaded to your tenant
+* [Management app](microsoft-graph-get-started.md) registered in your tenant with the Microsoft Graph API permission *Policy.ReadWrite.TrustFramework*
 * [Azure Pipeline](https://azure.microsoft.com/services/devops/pipelines/), and access to an [Azure DevOps Services project][devops-create-project]
 
 ## Client credentials grant flow
@@ -39,47 +40,11 @@ The scenario described here makes use of service-to-service calls between Azure
 
 ## Register an application for management tasks
 
-Start by creating an application registration that your PowerShell scripts executed by Azure Pipelines will use to communicate with Azure AD B2C. If you already have an application registration that you use for automation tasks, you can skip to the [Grant permissions](#grant-permissions) section.
+As mentioned in [Prerequisites](#prerequisites), you need an application registration that your PowerShell scripts--executed by Azure Pipelines--can use for accessing the resources in your tenant.
 
-### Register application
+If you already have an application registration that you use for automation tasks, ensure it's been granted the **Microsoft Graph** > **Policy** > **Policy.ReadWrite.TrustFramework** permission within the **API Permissions** of the app registration.
 
-[!INCLUDE [active-directory-b2c-appreg-mgmt](../../includes/active-directory-b2c-appreg-mgmt.md)]
-
-### Grant permissions
-
-Next, grant the application permission to use the Microsoft Graph API to read and write custom policies in your Azure AD B2C tenant.
-
-#### [Applications](#tab/applications/)
-
-1. On the **Registered app** overview page, select **Settings**.
-1. Under **API Access**, select **Required permissions**.
-1. Select **Add**, then **Select an API**.
-1. Select **Microsoft Graph**, then **Select**.
-1. Under **Application Permissions**, select **Read and write your organization's trust framework policies**.
-1. Select **Select**, then **Done**.
-1. Select **Grant permissions**, and then select **Yes**. It might take a few minutes to for the permissions to fully propagate.
-
-#### [App registrations (Preview)](#tab/app-reg-preview/)
-
-1. Select **App registrations (Preview)**, and then select the web application that should have access to the Microsoft Graph API. For example, *managementapp1*.
-1. Under **Manage**, select **API permissions**.
-1. Under **Configured permissions**, select **Add a permission**.
-1. Select the **Microsoft APIs** tab, then select **Microsoft Graph**.
-1. Select **Application permissions**.
-1. Expand **Policy** and select **Policy.ReadWrite.TrustFramework**.
-1. Select **Add permissions**. As directed, wait a few minutes before proceeding to the next step.
-1. Select **Grant admin consent for (your tenant name)**.
-1. Select your currently signed-in administrator account, or sign in with an account in your Azure AD B2C tenant that's been assigned at least the *Cloud application administrator* role.
-1. Select **Accept**.
-1. Select **Refresh**, and then verify that "Granted for ..." appears under **Status**. It might take a few minutes for the permissions to propagate.
-
-* * *
-
-### Create client secret
-
-To authenticate with Azure AD B2C, your PowerShell script needs to specify a client secret that you create for the application.
-
-[!INCLUDE [active-directory-b2c-client-secret](../../includes/active-directory-b2c-client-secret.md)]
+For instructions on registering a management application, see [Manage Azure AD B2C with Microsoft Graph](microsoft-graph-get-started.md).
 
 ## Configure an Azure Repo
 
@@ -196,7 +161,7 @@ Next, add a task to deploy a policy file.
 
         ```PowerShell
         # After
-        -ClientID $(clientId) -ClientSecret $(clientSecret) -TenantId $(tenantId) -PolicyId B2C_1A_TrustFrameworkBase -PathToFile $(System.DefaultWorkingDirectory)/contosob2cpolicies/B2CAssets/TrustFrameworkBase.xml
+        -ClientID $(clientId) -ClientSecret $(clientSecret) -TenantId $(tenantId) -PolicyId B2C_1A_TrustFrameworkBase -PathToFile $(System.DefaultWorkingDirectory)/policyRepo/B2CAssets/TrustFrameworkBase.xml
         ```
 
 1. Select **Save** to save the Agent job.
@@ -248,4 +213,4 @@ Learn more about:
 <!-- LINKS - External -->
 [devops]: https://docs.microsoft.com/azure/devops/?view=azure-devops
 [devops-create-project]:  https://docs.microsoft.com/azure/devops/organizations/projects/create-project?view=azure-devops
-[devops-pipelines]: https://docs.microsoft.com/azure/devops/pipelines
+[devops-pipelines]: https://docs.microsoft.com/azure/devops/pipelines
@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 02/05/2020
+ms.date: 02/20/2020
 ms.author: marsma
 ms.subservice: B2C
 ---
@@ -30,7 +30,8 @@ Compare two claims, and throw an exception if they are not equal according to th
 | InputClaim | inputClaim2 | string | Second claim's type, which is to be compared. |
 | InputParameter | stringComparison | string | string comparison, one of the values: Ordinal, OrdinalIgnoreCase. |
 
-The **AssertStringClaimsAreEqual** claims transformation is always executed from a [validation technical profile](validation-technical-profile.md) that is called by a [self-asserted technical profile](self-asserted-technical-profile.md). The **UserMessageIfClaimsTransformationStringsAreNotEqual** self-asserted technical profile metadata controls the error message that is presented to the user.
+The **AssertStringClaimsAreEqual** claims transformation is always executed from a [validation technical profile](validation-technical-profile.md) that is called by a [self-asserted technical profile](self-asserted-technical-profile.md), or a [DisplayConrtol](display-controls.md). The `UserMessageIfClaimsTransformationStringsAreNotEqual` metadata of a self-asserted technical profile controls the error message that is presented to the user.
+
 
 ![AssertStringClaimsAreEqual execution](./media/string-transformations/assert-execution.png)
 
@@ -513,6 +514,42 @@ The following example looks up the domain name in one of the inputParameters col
 - Output claims:
     - **outputClaim**:	c7026f88-4299-4cdb-965d-3f166464b8a9
 
+When `errorOnFailedLookup` input parameter is set to `true`, the **LookupValue** claims transformation is always executed from a [validation technical profile](validation-technical-profile.md) that is called by a [self-asserted technical profile](self-asserted-technical-profile.md), or a [DisplayConrtol](display-controls.md). The `LookupNotFound` metadata of a self-asserted technical profile controls the error message that is presented to the user.
+
+![AssertStringClaimsAreEqual execution](./media/string-transformations/assert-execution.png)
+
+The following example looks up the domain name in one of the inputParameters collections. The claims transformation looks up the domain name in the identifier and returns its value (an application ID), or raises an error message.
+
+```XML
+ <ClaimsTransformation Id="DomainToClientId" TransformationMethod="LookupValue">
+  <InputClaims>
+    <InputClaim ClaimTypeReferenceId="domainName" TransformationClaimType="inputParameterId" />
+  </InputClaims>
+  <InputParameters>
+    <InputParameter Id="contoso.com" DataType="string" Value="13c15f79-8fb1-4e29-a6c9-be0d36ff19f1" />
+    <InputParameter Id="microsoft.com" DataType="string" Value="0213308f-17cb-4398-b97e-01da7bd4804e" />
+    <InputParameter Id="test.com" DataType="string" Value="c7026f88-4299-4cdb-965d-3f166464b8a9" />
+    <InputParameter Id="errorOnFailedLookup" DataType="boolean" Value="true" />
+  </InputParameters>
+  <OutputClaims>
+    <OutputClaim ClaimTypeReferenceId="domainAppId" TransformationClaimType="outputClaim" />
+  </OutputClaims>
+</ClaimsTransformation>
+```
+
+### Example
+
+- Input claims:
+    - **inputParameterId**: live.com
+- Input parameters:
+    - **contoso.com**: 13c15f79-8fb1-4e29-a6c9-be0d36ff19f1
+    - **microsoft.com**: 0213308f-17cb-4398-b97e-01da7bd4804e
+    - **test.com**: c7026f88-4299-4cdb-965d-3f166464b8a9
+    - **errorOnFailedLookup**: true
+- Error:
+    - No match found for the input claim value in the list of input parameter ids and errorOnFailedLookup is true.
+
+
 ## NullClaim
 
 Clean the value of a given claim.
 
@@ -35,7 +35,7 @@ A technical profile enables these types of scenarios:
 - [SAML2](saml-technical-profile.md) - Federation with any SAML protocol identity provider.
 - [Self-Asserted](self-asserted-technical-profile.md) - Interact with the user. For example, collect the user's credential to sign in, render the sign-up page, or password reset.
 - [Session management](custom-policy-reference-sso.md) - Handle different types of sessions.
-- **Application Insights**
+- [Application Insights](../azure-monitor/app/usage-overview.md)
 - [One time password](one-time-password-technical-profile.md) - Provides support for managing the generation and verification of a one-time password. 
 
 ## Technical profile flow
 
@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 02/12/2020
+ms.date: 02/20/2020
 ms.author: marsma
 ms.subservice: B2C
 ms.custom: fasttrack-edit
@@ -109,13 +109,14 @@ The following PowerShell script shows an example of how to query the Azure AD re
 You can try this script in the [Azure Cloud Shell](overview.md). Be sure to update it with your application ID, client secret, and the name of your Azure AD B2C tenant.
 
 ```powershell
-# This script requires the registration of a Web Application in Azure Active Directory:
-# https://docs.microsoft.com/azure/active-directory/reports-monitoring/concept-reporting-api
+# This script requires an application registration that's granted Microsoft Graph API permission
+# https://docs.microsoft.com/azure/active-directory-b2c/microsoft-graph-get-started
 
 # Constants
-$ClientID       = "your-client-application-id-here"       # Insert your application's client ID, a GUID (registered by Global Admin)
+$ClientID       = "your-client-application-id-here"       # Insert your application's client ID, a GUID
 $ClientSecret   = "your-client-application-secret-here"   # Insert your application's client secret
-$tenantdomain   = "your-b2c-tenant.onmicrosoft.com"       # Insert your Azure AD B2C tenant; for example, contoso.onmicrosoft.com
+$tenantdomain   = "your-b2c-tenant.onmicrosoft.com"       # Insert your Azure AD B2C tenant domain name
+
 $loginURL       = "https://login.microsoftonline.com"
 $resource       = "https://graph.microsoft.com"           # Microsoft Graph API resource URI
 $7daysago       = "{0:s}" -f (get-date).AddDays(-7) + "Z" # Use 'AddMinutes(-5)' to decrement minutes, for example
 
@@ -130,10 +130,14 @@
     items: 
       - name: Deploying passwordless
         href: howto-authentication-passwordless-deployment.md
-      - name: Passwordless security keys
-        href: howto-authentication-passwordless-security-key.md
-      - name: Passwordless Windows 10
-        href: howto-authentication-passwordless-security-key-windows.md
+      - name: Passwordless FIDO2 security keys
+        items:
+          - name: Enable FIDO2 security keys for your tenant
+            href: howto-authentication-passwordless-security-key.md
+          - name: Sign in to Windows 10 devices
+            href: howto-authentication-passwordless-security-key-windows.md
+          - name: SSO to on-premises resources
+            href: howto-authentication-passwordless-security-key-on-premises.md
       - name: Passwordless phone sign-in
         href: howto-authentication-passwordless-phone.md
       - name: Windows Hello for Business