MicrosoftDocs
diff --git a/‎articles/active-directory/cloud-infrastructure-entitlement-management/TOC.yml
Lines changed: 2 additions & 0 deletions b/‎articles/active-directory/cloud-infrastructure-entitlement-management/TOC.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎articles/active-directory/cloud-infrastructure-entitlement-management/how-to-create-folders.md
Lines changed: 32 additions & 0 deletions b/‎articles/active-directory/cloud-infrastructure-entitlement-management/how-to-create-folders.md
Lines changed: 32 additions & 0 deletions
diff --git a/‎articles/active-directory/external-identities/customers/how-to-customize-languages-customers.md
Lines changed: 6 additions & 6 deletions b/‎articles/active-directory/external-identities/customers/how-to-customize-languages-customers.md
Lines changed: 6 additions & 6 deletions
diff --git a/‎articles/active-directory/fundamentals/how-to-customize-branding.md
Lines changed: 8 additions & 10 deletions b/‎articles/active-directory/fundamentals/how-to-customize-branding.md
Lines changed: 8 additions & 10 deletions
diff --git a/‎articles/active-directory/fundamentals/how-to-manage-stay-signed-in-prompt.md
Lines changed: 4 additions & 5 deletions b/‎articles/active-directory/fundamentals/how-to-manage-stay-signed-in-prompt.md
Lines changed: 4 additions & 5 deletions
diff --git a/‎articles/active-directory/managed-identities-azure-resources/index.yml
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/managed-identities-azure-resources/index.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/ai-services/language-service/custom-named-entity-recognition/service-limits.md
Lines changed: 3 additions & 2 deletions b/‎articles/ai-services/language-service/custom-named-entity-recognition/service-limits.md
Lines changed: 3 additions & 2 deletions
diff --git a/‎articles/ai-services/language-service/custom-text-classification/service-limits.md
Lines changed: 3 additions & 2 deletions b/‎articles/ai-services/language-service/custom-text-classification/service-limits.md
Lines changed: 3 additions & 2 deletions
diff --git a/‎articles/aks/azure-cni-powered-by-cilium.md
Lines changed: 0 additions & 2 deletions b/‎articles/aks/azure-cni-powered-by-cilium.md
Lines changed: 0 additions & 2 deletions
diff --git a/‎articles/aks/media/supported-kubernetes-versions/kubernetes-versions-gantt.png
-28.1 KB b/‎articles/aks/media/supported-kubernetes-versions/kubernetes-versions-gantt.png
-28.1 KB
@@ -27,6 +27,8 @@
         href: onboard-enable-controller-after-onboarding.md
       - name: Add an account/ subscription/ project after onboarding is complete
         href: onboard-add-account-after-onboarding.md
+      - name: Create folders to organize your Authorization Systems
+        href: how-to-create-folders.md
     - name: View information about your Authorization Systems
       expanded: false
       items:
 
@@ -0,0 +1,32 @@
+---
+title: Create folders to organize your Authorization Systems
+description: How to create folders to organize Authorization Systems - accounts, subscriptions, and projects - in Microsoft Entra Permissions Management.
+services: active-directory
+author: jenniferf-skc
+manager: amycolannino
+ms.service: active-directory 
+ms.subservice: ciem
+ms.workload: identity
+ms.topic: how-to
+ms.date: 08/09/2023
+ms.author: jfields
+---
+
+# Create folders to organize your authorization systems
+
+After onboarding your cloud environment to Permissions Management, you might have multiple authorization systems (AWS accounts, Azure subscriptions, or GCP projets) that you need to manage. You can create folders to organize and group together your list of accounts, subscriptions, or projects to manage your workflow more efficiently. 
+
+## Create a folder
+
+1. On the Permissions Management home page, select the **Data Collectors** tab and make sure that the **Status** for your cloud environment is **Onboarded**.
+1. Select the **Authorization Systems** subtab, then **Folders**.
+1. Click **Create Folder**.
+1. In the **Folder Name** field, enter a name for the folder you want to create.
+1. From the list of names, select all Authorization Systems (accounts, subscriptions, or projects) you want to add to this folder.
+1. Click **Save**. Your folder is created. 
+1. Repeat these steps to create as many folders as you need. 
+
+## Next steps
+
+- [View key statistics and data about your authorization systems](ui-dashboard.md)
+- [View data about the activity in your authorization system](product-dashboard.md)
@@ -9,20 +9,20 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: ciam
 ms.topic: how-to
-ms.date: 07/12/2023
+ms.date: 08/09/2023
 ms.custom: it-pro
 
 #Customer intent: As a dev, devops, or it admin, I want to learn about how to add customized browser languages to my app's authentication experience.
 ---
 # Customize the language of the authentication experience
 
-You can create a personalized sign-in experience for users who sign in using a specific browser language by customizing the branding elements. If you don't make any changes to the elements, the default elements will be displayed.
+You can create a personalized sign-in experience for users who sign in using a specific browser language by customizing the branding elements for that browser language. This customization overrides any configurations made to the default branding. If you don't make any changes to the elements, the default elements are displayed.
 
 ## Prerequisites
 
 - If you haven't already created your own Azure AD customer tenant, create one now.
 - [Register an application](how-to-register-ciam-app.md).  
-- [Create a user flow](how-to-user-flow-sign-up-sign-in-customers.md)
+- [Create a user flow](how-to-user-flow-sign-up-sign-in-customers.md).
 - Review the file size requirements for each image you want to add. You may need to use a photo editor to create the right-sized images. The preferred image type for all images is PNG, but JPG is accepted.
 
 ## Add browser language under Company branding
@@ -99,7 +99,7 @@ Language customization in the customer tenant allows your user flow to accommoda
 
    :::image type="content" source="media/how-to-customize-languages-customers/language-customization-flow.png" alt-text="Screenshot the shows how to add languages under a user flow." lightbox="media/how-to-customize-languages-customers/language-customization-flow.png":::
 
-The downloaded file will be in JSON format and will include both built-in and custom attributes, as well as other page-level and error strings:
+The downloaded file is in JSON format and includes both built-in and custom attributes, as well as other page-level and error strings:
 
 ```http
 {
@@ -156,12 +156,12 @@ You can modify any or all of these attributes in the downloaded file. For exampl
 }  
 ```
 
-10. After making the necessary changes, you can upload the new overrides file. The changes are saved to your user flow automatically and you'll find the override under the **Configured** tab.
+10. After making the necessary changes, you can upload the new overrides file. The changes are saved to your user flow automatically. The override appears under the **Configured** tab.
 11. To double-check your changes, select the language under the **Configured** tab and expand the **Sign up and sign in (Preview)** option. You can view your customized language file by selecting Download overrides. To remove your customized override file, select **Remove overrides**.
 
    :::image type="content" source="media/how-to-customize-languages-customers/remove-download-override-file.png" alt-text="Screenshot the shows how to remove or download the modified JSON file." lightbox="media/how-to-customize-languages-customers/remove-download-override-file.png":::
 
-12. Go to the sign-in page of your customer tenant. Make sure you have the right locale and market in your URLs, for example: ui_locales=de-DE and  mkt=de-DE. You'll see the updated attributes on the sign-up page:
+12. Go to the sign-in page of your customer tenant. Make sure you have the right locale and market in your URLs, for example: ui_locales=de-DE and  mkt=de-DE. The updated attributes on the sign-up page appear as follows:
 
    :::image type="content" source="media/how-to-customize-languages-customers/customized-attributes.png" alt-text="Screenshot of the modified sign-up page attributes.":::
 
 
@@ -9,16 +9,14 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: how-to
-ms.date: 07/13/2023
+ms.date: 08/09/2023
 ms.author: sarahlipsey
 ms.reviewer: almars
-ms.custom: "it-pro, seodec18, fasttrack-edit"
-ms.collection: M365-identity-device-management
 ---
 
 # Configure your company branding
 
-When users authenticate into your corporate intranet or web-based applications, Azure Active Directory (Azure AD) provides the identity and access management (IAM) service. You can add company branding that applies to all these sign-in experiences to create a consistent experience for your users.
+When users authenticate into your corporate intranet or web-based applications, Azure Active Directory (Azure AD) provides the identity and access management (IAM) service. You can add company branding that applies to all these experiences to create a consistent sign-in experience for your users.
 
 The default sign-in experience is the global look and feel that applies across all sign-ins to your tenant. Before you customize any settings, the default Microsoft branding appears in your sign-in pages. You can customize this default experience with a custom background image and/or color, favicon, layout, header, and footer. You can also upload a custom CSS.
 
@@ -42,7 +40,7 @@ The **Global Administrator** role is required to customize company branding.
 
 ## Before you begin
 
-**All branding elements are optional. Default settings will remain, if left unchanged.** For example, if you specify a banner logo but no background image, the sign-in page shows your logo with a default background image from the destination site such as Microsoft 365. Additionally, sign-in page branding doesn't carry over to personal Microsoft accounts. If your users or guests authenticate using a personal Microsoft account, the sign-in page won't reflect the branding of your organization.
+**All branding elements are optional. Default settings will remain, if left unchanged.** For example, if you specify a banner logo but no background image, the sign-in page shows your logo with a default background image from the destination site such as Microsoft 365. Additionally, sign-in page branding doesn't carry over to personal Microsoft accounts. If your users or guests authenticate using a personal Microsoft account, the sign-in page doesn't reflect the branding of your organization.
 
 **Images have different image and file size requirements.** Take note of the image requirements for each option. You may need to use a photo editor to create the right size images. The preferred image type for all images is PNG, but JPG is accepted. 
 
@@ -58,22 +56,22 @@ The branding elements are called out in the following example. Text descriptions
 1. **Page background color**: The entire space behind the sign-in box.
 1. **Banner logo**: The logo that appears in the upper-left corner of the sign-in box.
 1. **Username hint and text**: The text that appears before a user enters their information.
-1. **Sign-in page text**: Additional text you can add below the username field.
+1. **Sign-in page text**: Text you can add below the username field.
 1. **Self-service password reset**: A link you can add below the sign-in page text for password resets.
 1. **Template**: The layout of the page and sign-in boxes.
 1. **Footer**: Text in the lower-right corner of the page where you can add Terms of use or privacy information.
 
 ### User experience
 
-When customizing the sign-in pages that users see when accessing your organization's tenant-specific applications, there are some user experience scenarios you may need to consider.
+There are some scenarios you to consider when you customize the sign-in pages for your organization's tenant-specific applications.
 
 For Microsoft, Software as a Service (SaaS), and multi-tenant applications such as <https://myapps.microsoft.com>, or <https://outlook.com>, the customized sign-in page appears only after the user types their **Email** or **Phone number** and selects the **Next** button. 
 
 Some Microsoft applications support [Home Realm Discovery](../manage-apps/home-realm-discovery-policy.md) for authentication. In these scenarios, when a customer signs in to an Azure AD common sign-in page, Azure AD can use the customer's user name to determine where they should sign in. 
 
 For customers who access applications from a custom URL, the `whr` query string parameter, or a domain variable, can be used to apply company branding at the initial sign-in screen, not just after adding the email or phone number. For example, `whr=contoso.com` would appear in the custom URL for the app. With the Home Realm Discover and domain parameter included, the company branding appears immediately in the first sign-in step. Other domain hints can be included.
 
-In the following examples replace the contoso.com with your own tenant name, or verified domain name:
+In the following examples, replace the contoso.com with your own tenant name, or verified domain name:
 
 - For Microsoft Outlook `https://outlook.com/contoso.com` 
 - For SharePoint online `https://contoso.sharepoint.com`
@@ -104,7 +102,7 @@ The sign-in experience process is grouped into sections. At the end of each sect
 
     ![Screenshot of sample favicons in a web browser.](media/how-to-customize-branding/favicon-example.png)
 
-- **Background image**: Select a PNG or JPG to display as the main image on your sign-in page. This image scales and crops according to the window size, but may be partially blocked by the sign-in prompt.
+- **Background image**: Select a PNG or JPG to display as the main image on your sign-in page. This image scales and crops according to the window size, but the sign-in prompt may partially block it.
 
 - **Page background color**: If the background image isn't able to load because of a slower connection, your selected background color appears instead.
 
@@ -183,7 +181,7 @@ Once your default sign-in experience is created, select the **Edit** button to m
 
 ## Customize the sign-in experience by browser language
 
-To create an inclusive experience for all of your users, you can customize the sign-in experience based on browser language.
+You can create a personalized sign-in experience for users who sign in using a specific browser language by customizing the branding elements for that browser language. This customization overrides any configurations made to the default branding. If you don't make any changes to the elements, the default elements are displayed.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global Administrator account for the directory.
 
 
@@ -9,11 +9,10 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: how-to
-ms.date: 07/12/2023
+ms.date: 08/09/2023
 ms.author: sarahlipsey
 ms.reviewer: almars
-ms.custom: "it-pro"
-ms.collection: M365-identity-device-management
+
 ---
 # Manage the 'Stay signed in?' prompt
 
@@ -23,9 +22,9 @@ This article covers how the KMSI process works, how to enable it for customers,
 
 ## How does it work? 
 
-If a user answers **Yes** to the **'Stay signed in?'** prompt, a persistent authentication cookie is issued. The cookie must be stored in session for KMSI to work. KMSI won't work with locally stored cookies. If KMSI isn't enabled, a non-persistent cookie is issued and lasts for 24 hours or until the browser is closed. 
+If a user answers **Yes** to the **'Stay signed in?'** prompt, a persistent authentication cookie is issued. The cookie must be stored in session for KMSI to work. KMSI doesn't work with locally stored cookies. If KMSI isn't enabled, a non-persistent cookie is issued and lasts for 24 hours or until the browser is closed. 
 
-The following diagram shows the user sign-in flow for a managed tenant and federated tenant using the KMSI in prompt. This flow contains smart logic so that the **Stay signed in?** option won't be displayed if the machine learning system detects a high-risk sign-in or a sign-in from a shared device. For federated tenants, the prompt will show after the user successfully authenticates with the federated identity service.
+The following diagram shows the user sign-in flow for a managed tenant and federated tenant using the KMSI in prompt. This flow contains smart logic so that the **Stay signed in?** option isn't displayed if the machine learning system detects a high-risk sign-in or a sign-in from a shared device. For federated tenants, the prompt will show after the user successfully authenticates with the federated identity service.
 
 Some features of SharePoint Online and Office 2010 depend on users being able to choose to remain signed in. If you uncheck the **Show option to remain signed in** option, your users may see other unexpected prompts during the sign-in process.
 
 
@@ -8,7 +8,7 @@ metadata:
   description: Learn how to use managed identities for Azure resources in Azure AD.
   services: active-directory
   ms.service: active-directory
-  ms.subservice: devices
+  ms.subservice: msi
   ms.topic: landing-page
   author: barclayn
   ms.author: barclayn
 
@@ -8,7 +8,7 @@ manager: nitinme
 ms.service: cognitive-services
 ms.subservice: language-service
 ms.topic: conceptual
-ms.date: 05/06/2022
+ms.date: 08/09/2023
 ms.author: aahi
 ms.custom: language-service-custom-ner, references_regions, ignite-fall-2021, event-tier1-build-2022
 ---
@@ -112,7 +112,8 @@ The following limits are observed for the custom named entity recognition.
 |Count of entity types | 1 | 200 |
 |Entity length in characters | 1 | 500 |
 |Count of trained models per project| 0 | 10 |
-|Count of deployments per project| 0 | 10 |
+|Count of deployments per project (paid tier) | 0 | 10 |
+|Count of deployments per project (free tier) | 0 | 1 |
 
 ## Naming limits
 
 
@@ -5,7 +5,7 @@ description: Learn about the data and rate limits when using custom text classif
 services: cognitive-services
 author: aahill
 manager: nitinme
-ms.date: 01/25/2022
+ms.date: 08/09/2023
 ms.service: cognitive-services
 ms.subservice: language-service
 ms.topic: conceptual
@@ -114,7 +114,8 @@ The following limits are observed for the custom text classification.
 |Document length in characters | 1 | 128,000 characters; approximately 28,000 words or 56 pages. |
 |Count of classes | 1 | 200 |
 |Count of trained models per project| 0 | 10 |
-|Count of deployments per project| 0 | 10 |
+|Count of deployments per project (paid tier) | 0 | 10 |
+|Count of deployments per project (free tier) | 0 | 1 |
 
 ## Naming limits
 
 
@@ -43,8 +43,6 @@ Cilium enforces [network policies to allow or deny traffic between pods](./opera
 
 Azure CNI powered by Cilium currently has the following limitations:
 
-* Available only for new clusters.
-
 * Available only for Linux and not for Windows.
 
 * Cilium L7 policy enforcement is disabled.