Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into downlink-aqua

Author: ShawnJackson

.openpublishing.redirection.json

@@ -27844,6 +27844,11 @@
             "redirect_url": "/azure/virtual-machines/workloads/sap/deployment-checklist",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/virtual-machines/workloads/sap/sap-get-started-classic.md",
+            "redirect_url": "/azure/virtual-machines/workloads/sap/get-started",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/migrate/how-to-scale-assessment.md",
             "redirect_url": "scale-hyper-v-assessment",

articles/active-directory-b2c/azure-ad-b2c-global-identity-funnel-based-design.md

@@ -1,5 +1,5 @@
 ---
-title: Azure Active Directory B2C global identity framework funnel-based design considerations 
+title: Build a global identity solution with funnel-based approach
 titleSuffix: Azure AD B2C
 description: Learn the funnel-based design consideration for Azure AD B2C to provide customer identity management for global customers.
 services: active-directory-b2c

articles/active-directory-b2c/azure-ad-b2c-global-identity-region-based-design.md

@@ -1,5 +1,5 @@
 ---
-title: Azure Active Directory B2C global identity framework region-based design considerations 
+title: Build a global identity solution with region-based approach
 titleSuffix: Azure AD B2C
 description: Learn the region-based design consideration for Azure AD B2C to provide customer identity management for global customers.
 services: active-directory-b2c

articles/active-directory-b2c/partner-akamai-secure-hybrid-access.md

@@ -385,8 +385,8 @@ Once the Application is deployed in a private environment and a connector is cap
 
   | Header Name  | Attribute |
   |--------------|-----------|
-  | ps-sso-first | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name      |
-  | ps-sso-last  | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname |
+  | ps-sso-first | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name` |
+  | ps-sso-last  | `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname` |
   | ps-sso-EmailAddress      | emailaddress |
   | ps-sso-uid   | objectId |
 

articles/active-directory-b2c/partner-arkose-labs.md

@@ -6,10 +6,11 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 12/06/2022
+ms.date: 01/07/2023
 
 ms.author: justinha
 author: justinha
+ms.reviewer: jpettere
 manager: amycolannino
 
 ms.collection: M365-identity-device-management
@@ -98,9 +99,12 @@ Tenants are set to either Pre-migration or Migration in Progress by default, dep
 
 :::image type="content" border="true" source="./media/concept-authentication-methods-manage/reason.png" alt-text="Screenshot of reasons for rollback.":::
 
-## Known issues
-
-* Currently, all users must be enabled for at least one MFA method that isn't passwordless and the user can register in interrupt mode. Possible methods include Microsoft Authenticator, SMS, voice calls, and software OATH/mobile app code. The method(s) can be enabled in any policy. If a user is not eligible for at least one of those methods, the user will see an error during registration and when visiting My Security Info. We're working to improve this experience to enable fully passwordless configurations. 
+>[!NOTE]
+>After all authentication methods are fully migrated, the following elements of the legacy SSPR policy remain active:
+> - The **Number of methods required to reset** control: admins can continue to change how many authentication methods must be verified before a user can perform SSPR.
+> - The SSPR administrator policy: admins can continue to register and use any methods listed under the legacy SSPR administrator policy or methods they're enabled to use in the Authentication methods policy.
+> 
+> In the future, both of these features will be integrated with the Authentication methods policy.
 
 ## Next steps
 

articles/active-directory/authentication/concept-authentication-methods-manage.md

@@ -19,7 +19,7 @@ ms.custom: has-adal-ref
 
 # Certificate user IDs 
 
-Azure AD has a multivalued attribute named **certificateUserIds** on the user object that can be used in Username bindings. The attribute allows up to four values, and each value can be of 120-character length. It can store any value, and doesn't require email ID format. It can store non-routable User Principal Names (UPNs) like _bob@woodgrove_ or _bob@local_.
+Users in Azure AD can have a multivalued attribute named **certificateUserIds**. The attribute allows up to four values, and each value can be of 120-character length. It can store any value, and doesn't require email ID format. It can store non-routable User Principal Names (UPNs) like _bob@woodgrove_ or _bob@local_.
 
 ## Supported patterns for certificate user IDs
 

articles/active-directory/authentication/concept-certificate-based-authentication-certificateuserids.md

@@ -6,10 +6,11 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 12/12/2022
+ms.date: 01/07/2023
 
 ms.author: justinha
 author: justinha
+ms.reviewer: jpettere
 manager: amycolannino
 
 ms.collection: M365-identity-device-management

articles/active-directory/authentication/how-to-authentication-methods-manage.md

@@ -4,11 +4,11 @@ title: Azure Active Directory for developers
 summary: |
   Azure Active Directory (Azure AD) is a cloud identity service that allows developers to build apps that sign in users with a Microsoft work or school account. Azure AD supports building single-tenant line-of-business (LOB) apps as well as multi-tenant apps.
 
-  IMPORTANT: This content is for the older Azure AD v1.0 endpoint, use the Microsoft identity platform for new projects.
+  IMPORTANT: This content is for the older Azure AD v1.0 endpoint, use the Microsoft identity platform (https://aka.ms/identityplatform) for new projects.
 
 metadata:
    ms.topic: landing-page
-   ms.date: 01/27/2020
+   ms.date: 01/06/2023
    author: CelesteDG
    ms.author: celested
    ms.service: active-directory

articles/active-directory/azuread-dev/index.yml

@@ -814,8 +814,10 @@
           href: reply-url.md
         - name: Validation differences by supported account types
           href: supported-accounts-validation.md
-        - name: Configured permissions limits troubleshooting
-          href: troubleshoot-required-resource-access-limits.md
+    - name: Claims mapping policy type
+      href: reference-claims-mapping-policy-type.md
+    - name: Configured permissions limits troubleshooting
+      href: troubleshoot-required-resource-access-limits.md
     - name: Microsoft auth libraries by app type
       displayName: MSAL, auth client library, SDK, token validation
       href: reference-v2-libraries.md