fix

Author: Ja-Dunn

.openpublishing.redirection.json

@@ -26419,6 +26419,21 @@
       "redirect_url": "/azure/marketplace/enable-appsource-marketplace-using-azure-ad",
       "redirect_document_id": true
     },
+    {
+      "source_path": "articles/azure/marketplace/become-publisher.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-account",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure/marketplace/guidelines.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/manage-account",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure/marketplace/register-dev-center.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/manage-account",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/marketplace/gtm-benefits.md",
       "redirect_url": "/azure/marketplace/gtm-your-marketplace-benefits",

articles/active-directory-b2c/relyingparty.md

@@ -204,7 +204,7 @@ The **OutputClaim** element contains the following attributes:
 ### SubjectNamingInfo
 
 With the **SubjectNameingInfo** element, you control the value of the token subject:
-- **JTW token** - the `sub` claim. This is a principal about which the token asserts information, such as the user of an application. This value is immutable and cannot be reassigned or reused. It can be used to perform safe authorization checks, such as when the token is used to access a resource. By default, the subject claim is populated with the object ID of the user in the directory. For more information, see [Token, session and single sign-on configuration](active-directory-b2c-token-session-sso.md).
+- **JWT token** - the `sub` claim. This is a principal about which the token asserts information, such as the user of an application. This value is immutable and cannot be reassigned or reused. It can be used to perform safe authorization checks, such as when the token is used to access a resource. By default, the subject claim is populated with the object ID of the user in the directory. For more information, see [Token, session and single sign-on configuration](active-directory-b2c-token-session-sso.md).
 - **SAML token** - the `<Subject><NameID>` element which identifies the subject element.
 
 The **SubjectNamingInfo** element contains the following attribute:

articles/active-directory/authentication/tutorial-sspr-windows.md

@@ -27,7 +27,7 @@ In this tutorial, you enable users to reset their passwords from the Windows 10
 
 ## Prerequisites
 
-* You must running at least Windows 10, version April 2018 Update, and the devices must be either:
+* You must running at least Windows 10, version April 2018 Update (v1803), and the devices must be either:
    * [Azure AD-joined](../device-management-azure-portal.md)
    or
    * [Hybrid Azure AD-joined](../device-management-hybrid-azuread-joined-devices-setup.md), with network connectivity to a domain controller.
@@ -121,7 +121,7 @@ When testing this functionality using Remote Desktop or an Enhanced VM Session,
 
 * Password reset is not currently supported from a Remote Desktop.
 
-If Ctrl+Alt+Del is required by policy in versions of Windows 10 before 1809, **Reset password** will not work.
+If Ctrl+Alt+Del is required by policy in versions of Windows 10 before v1809, **Reset password** will not work.
 
 If lock screen notifications are turned off, **Reset password** will not work.
 

articles/active-directory/develop/scenario-protected-web-api-app-registration.md

@@ -31,7 +31,7 @@ See [Quickstart: Register an application with the Microsoft identity platform](q
 The Microsoft identity platform endpoint can issue two types of tokens: v1.0 tokens and v2.0 tokens. You can learn more about these tokens in [Access tokens](access-tokens.md). The accepted token version depends on the **Supported account types** you chose when you created your application:
 
 - If the value of **Supported account types** is **Accounts in any organizational directory and personal Microsoft accounts (e.g. Skype, Xbox, Outlook.com)**, the accepted token version will be v2.0.
-- Otherwise, the accepted token version will be v2.0.
+- Otherwise, the accepted token version will be v1.0.
 
 Once you've created the application, you can change the accepted token version by following these steps:
 

articles/active-directory/develop/scenario-web-app-sign-user-app-configuration.md

@@ -107,6 +107,10 @@ In the same way, the sign out URI would be set to `https://localhost:44321/signo
 
 In ASP.NET Core Web Apps (and Web APIs), the code doing the application initialization is located in the `Startup.cs` file, and, to add authentication with the Microsoft Identity platform (formerly Azure AD) v2.0, you'll need to add the following code. The comments in the code should be self-explanatory.
 
+  > [!NOTE]
+  > If you start your project with default ASP.NET core web project within Visual studio or using `dotnet new mvc` the method `AddAzureAD` is available by default because the related packages are automatically loaded. 
+  > However if you build a project from scratch and are trying to use the below code we suggest you to add the NuGet Package **"Microsoft.AspNetCore.Authentication.AzureAD.UI"** to your project to make the `AddAzureAD` method available.
+  
 ```CSharp
  services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
          .AddAzureAD(options => configuration.Bind("AzureAd", options));

articles/active-directory/fundamentals/toc.yml

@@ -29,6 +29,8 @@
     href: active-directory-deployment-checklist-p2.md
   - name: Identity data storage for the EU
     href: active-directory-data-storage-eu.md
+  - name: What's new in Microsoft 365 Government
+    href: whats-new-microsoft-365-government.md
 - name: 'How-to guides'
   expanded: true
   items:
@@ -83,4 +85,4 @@
   - name: Azure Active Directory deployment plans
     href: active-directory-deployment-plans.md
   - name: Archive for What's new? in Azure AD
-    href: whats-new-archive.md    
+    href: whats-new-archive.md    

articles/active-directory/fundamentals/whats-new-microsoft-365-government.md

@@ -0,0 +1,71 @@
+---
+title: What’s new for Azure Active Directory in Microsoft 365 Government - Azure Active Directory | Microsoft Docs
+description: Learn about some changes to Azure Active Directory (Azure AD) in the Microsoft 365 Government cloud instance, which might impact you.
+services: active-directory
+author: eross-msft
+manager: daveba
+ms.author: lizross
+ms.reviewer: sumitp
+
+ms.service: active-directory
+ms.subservice: fundamentals
+ms.workload: identity
+ms.topic: conceptual
+ms.date: 05/07/2019
+ms.custom: it-pro
+ms.collection: M365-identity-device-management
+---
+
+# What's new for Azure Active Directory in Microsoft 365 Government
+
+We've made some changes to Azure Active Directory (Azure AD) in the Microsoft 365 Government cloud instance, which is applicable to customers using the following services:
+
+- Microsoft Azure Government
+
+- Microsoft 365 Government – GCC High
+
+- Microsoft 365 Government – DoD
+
+This article doesn't apply to Microsoft 365 Government – GCC customers.
+
+## Changes to the initial domain name
+
+During your organization's initial sign-up for a Microsoft 365 Government online service, you were asked to choose your organization's domain name, `<your-domain-name>.onmicrosoft.com`. If you already have a domain name with the .com suffix, nothing will change.
+
+However, if you're signing up for a new Microsoft 365 Government service, you'll be asked to choose a domain name using the `.us` suffix. So, it will be `<your-domain-name>.onmicrosoft.us`.
+
+>[!Note]
+>This change doesn't apply to any customers who are managed by cloud service providers (CSPs).
+
+## Changes to portal access
+
+We've updated the portal endpoints for Microsoft Azure Government, Microsoft 365 Government – GCC High, and Microsoft 365 Government – DoD, as shown in the [Endpoint mapping table](#endpoint-mapping).
+
+Previously customers could sign in using the worldwide Azure (portal.azure.com) and Office 365 (portal.office.com) portals. With this update, customers must now sign in using the specific Microsoft Azure Government, Microsoft 365 Government - GCC High, and Microsoft 365 Government - DoD portals.
+
+## Endpoint mapping
+
+The following table shows the endpoints for all customers:
+
+| Name | Endpoint details |
+|------|------------------|
+| Portals |Microsoft Azure Government: https://portal.azure.us<p>Microsoft 365 Government – GCC High: https://portal.office365.us<p>Microsoft 365 Government – DoD: https://portal.apps.mil |
+| Azure Active Directory Authority Endpoint | https://login.microsoftonline.us |
+| Azure Active Directory Graph API | https://graph.windows.net |
+| Microsoft Graph API for Microsoft 365 Government - GCC High | https://graph.microsoft.us |
+| Microsoft Graph API for Microsoft 365 Government - DoD | https://dod-graph.microsoft.us |
+| Azure Government services endpoints | For details, see [Azure Government developer guide](https://docs.microsoft.com/azure/azure-government/documentation-government-developer-guide) |
+| Microsoft 365 Government - GCC High endpoints | For details, see [Office 365 U.S. Government GCC High endpoints](https://docs.microsoft.com/office365/enterprise/office-365-u-s-government-gcc-high-endpoints) |
+| Microsoft 365 Government - DoD | For details, see [Office 365 U.S. Government DoD endpoints](https://docs.microsoft.com/office365/enterprise/office-365-u-s-government-dod-endpoints) |
+
+## Next steps
+
+For more information, see these articles:
+
+- [What is Azure Government?](https://docs.microsoft.com/azure/azure-government/documentation-government-welcome)
+
+- [Azure Government AAD Authority Endpoint Update](https://devblogs.microsoft.com/azuregov/azure-government-aad-authority-endpoint-update/)
+
+- [Microsoft Graph endpoints in US Government cloud](https://developer.microsoft.com/graph/blogs/new-microsoft-graph-endpoints-in-us-government-cloud/)
+
+- [Office 365 US Government GCC High and DoD](https://docs.microsoft.com/office365/servicedescriptions/office-365-platform-service-description/office-365-us-government/gcc-high-and-dod)

articles/active-directory/hybrid/reference-connect-health-version-history.md

@@ -28,6 +28,13 @@ The Azure Active Directory team regularly updates Azure AD Connect Health with n
 Azure AD Connect Health for Sync is integrated with Azure AD Connect installation. Read more about [Azure AD Connect release history](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-version-history)
 For feature feedback, vote at [Connect Health User Voice channel](https://feedback.azure.com/forums/169401-azure-active-directory/filters/new?category_id=165591)
 
+
+## May 2019
+**Agent Update:** 
+* Azure AD Connect Health agent for AD FS (version 3.1.51.0) 
+   1. Bug fix to distinguish between multiple sign ins that share the same client-request-id.
+   2. Bug fix to parse bad username/password errors on language localized servers.   
+
 ## April 2019
 **Agent Update:** 
 * Azure AD Connect Health agent for AD FS (version 3.1.46.0) 

articles/active-directory/manage-apps/application-proxy-deployment-plan.md

@@ -14,7 +14,7 @@ ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: conceptual
 ms.date: 04-04-2019
-ms.author: barbaraselden
+ms.author: baselden
 ms.reviewer: 
 
 ---

articles/active-directory/privileged-identity-management/pim-resource-roles-configure-alerts.md

@@ -49,4 +49,4 @@ Customize settings on the different alerts to work with your environment and sec
 
 ## Next steps
 
-- [Configure security alerts for Azure resource roles in PIM](pim-resource-roles-configure-alerts.md)
+- [Configure Azure resource role settings in PIM](pim-resource-roles-configure-role-settings.md)