Commit 2b125ea

Merge pull request #276283 from MicrosoftDocs/main
Publish to live, Friday 4 AM PST, 5/24
2 parents d2d684e + f7f70af commit 2b125ea

184 files changed

+1116
-3379
lines changed

articles/active-directory-b2c/access-tokens.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ An *access token* contains claims that you can use in Azure Active Directory B2C
2323
This article shows you how to request an access token for a web application and web API. For more information about tokens in Azure AD B2C, see the [overview of tokens in Azure Active Directory B2C](tokens-overview.md).
2424

2525
> [!NOTE]
26-
> **Web API chains (On-Behalf-Of) is not supported by Azure AD B2C** - Many architectures include a web API that needs to call another downstream web API, both secured by Azure AD B2C. This scenario is common in clients that have a web API back end, which in turn calls a another service. This chained web API scenario can be supported by using the OAuth 2.0 JWT Bearer Credential grant, otherwise known as the On-Behalf-Of flow. However, the On-Behalf-Of flow is not currently implemented in Azure AD B2C. Although On-Behalf-Of works for applications registered in Microsoft Entra ID, it does not work for applications registered in Azure AD B2C, regardless of the tenant (Microsoft Entra ID or Azure AD B2C) that is issuing the tokens.
26+
> **Web API chains (On-Behalf-Of) is not supported by Azure AD B2C** - Many architectures include a web API that needs to call another downstream web API, both secured by Azure AD B2C. This scenario is common in clients that have a web API back end, which in turn calls another service. This chained web API scenario can be supported by using the OAuth 2.0 JWT Bearer Credential grant, otherwise known as the On-Behalf-Of flow. However, the On-Behalf-Of flow is not currently implemented in Azure AD B2C. Although On-Behalf-Of works for applications registered in Microsoft Entra ID, it does not work for applications registered in Azure AD B2C, regardless of the tenant (Microsoft Entra ID or Azure AD B2C) that is issuing the tokens.
2727
2828
## Prerequisites
2929
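Review bot: In the NOTE at line 26, "This chained web API scenario can be supported by using the OAuth 2.0 JWT Bearer Credential grant" is followed directly by "not currently implemented in Azure AD B2C", which reads as a contradiction on first pass. Since the line is being touched anyway, consider rewording to say the scenario is normally handled with the On-Behalf-Of flow, and fix the agreement in the bold lead ("Web API chains (On-Behalf-Of) is not supported" to "are not supported"). The note also gives no pointer to what a B2C-protected API should do instead when it needs to call a downstream API; a link or one sentence would help readers designing token flows.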

articles/active-directory-b2c/azure-monitor.md

Lines changed: 1 addition & 1 deletion
@@ -316,7 +316,7 @@ Use the following instructions to create a new Azure Alert, which will send an [
316316
- Alert logic: Set **Number of results** **Greater than** **0**.
317317
- Evaluation based on: Select **120** for Period (in minutes) and **5** for Frequency (in minutes)
318318

319-
![Create a alert rule condition](./media/azure-monitor/alert-create-rule-condition.png)
319+
![Create an alert rule condition](./media/azure-monitor/alert-create-rule-condition.png)
320320

321321
After the alert is created, go to **Log Analytics workspace** and select **Alerts**. This page displays all the alerts that have been triggered in the duration set by **Time range** option.
322322
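Review bot: The context sentence at line 321, "in the duration set by **Time range** option", is missing an article ("the **Time range** option"), and the bullet at line 317 ends without a period while line 316 has one. Both sit in the same block as the alt-text fix and could go in this pass.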

articles/active-directory-b2c/custom-policies-series-sign-up-or-sign-in.md

Lines changed: 2 additions & 2 deletions
@@ -31,7 +31,7 @@ In this article, you learn how to write an Azure Active Directory B2C (Azure AD
3131

3232
Azure AD B2C uses OpenID Connect authentication protocol to verify user credentials. In Azure AD B2C, you send the user credentials alongside other information to a secure endpoint, which then determines if the credentials are valid or not. In a nutshell, when you use Azure AD B2C's implementation of OpenID Connect, you can outsource sign-up, sign in, and other identity management experiences in your web applications to Microsoft Entra ID.
3333

34-
Azure AD B2C custom policy provides a OpenID Connect technical profile, which you use to make a call to a secure Microsoft endpoint. Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).
34+
Azure AD B2C custom policy provides an OpenID Connect technical profile, which you use to make a call to a secure Microsoft endpoint. Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).
3535

3636
## Prerequisites
3737
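Review bot: At line 32, "outsource sign-up, sign in, and other identity management experiences in your web applications to Microsoft Entra ID" names Microsoft Entra ID in a sentence about Azure AD B2C's OpenID Connect implementation; please confirm which service is meant, because readers use this paragraph to understand where credentials are sent. The same sentence mixes "sign-up" and "sign in", and both line 32 ("uses OpenID Connect authentication protocol") and the changed line 34 ("Learn more about [OpenID Connect technical profile]") drop the article "the".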

@@ -331,4 +331,4 @@ You can sign in by entering the **Email Address** and **Password** of an existin
331331

332332
- Learn how to [Remove the sign-up link](add-sign-in-policy.md), so users can just sign in.
333333

334-
- Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).
334+
- Learn more about [OpenID Connect technical profile](openid-connect-technical-profile.md).
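Review bot: The removed and added versions of line 334 read identically, so this is a whitespace or end-of-file change only; please say so in the PR description so reviewers do not hunt for a wording difference. No content issue with the line itself.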

articles/active-directory-b2c/enable-authentication-in-node-web-app-with-api.md

Lines changed: 1 addition & 1 deletion
@@ -21,7 +21,7 @@ ms.subservice: B2C
2121

2222
# Enable authentication in your own Node.js web API by using Azure Active Directory B2C
2323

24-
In this article, you learn how to create your web app that calls your web API. The web API needs to be protected by Azure Active Directory B2C (Azure AD B2C). To authorize access to a the web API, you serve requests that include a valid access token that's issued by Azure AD B2C.
24+
In this article, you learn how to create your web app that calls your web API. The web API needs to be protected by Azure Active Directory B2C (Azure AD B2C). To authorize access to the web API, you serve requests that include a valid access token that's issued by Azure AD B2C.
2525

2626
## Prerequisites
2727
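Review bot: On the changed line 24, "you serve requests that include a valid access token" is looser than the security requirement: the API should serve only requests that carry a valid Azure AD B2C access token, which implies validating it. Suggest "your web API serves only requests that include a valid access token issued by Azure AD B2C". The first sentence, "create your web app that calls your web API", also sits oddly under a title about enabling authentication in the web API.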

articles/active-directory-b2c/enable-authentication-react-spa-app-options.md

Lines changed: 1 addition & 2 deletions
@@ -19,7 +19,7 @@ ms.custom: "b2c-support"
1919

2020
# Configure authentication options in a React application by using Azure Active Directory B2C
2121

22-
This article describes ways you can customize and enhance the Azure Active Directory B2C (Azure AD B2C) authentication experience for your React single-page application (SPA). Before you start, familiarize yourself with the article [Configure authentication in an React SPA](configure-authentication-sample-react-spa-app.md) or [Enable authentication in your own React SPA](enable-authentication-react-spa-app.md).
22+
This article describes ways you can customize and enhance the Azure Active Directory B2C (Azure AD B2C) authentication experience for your React single-page application (SPA). Before you start, familiarize yourself with the article [Configure authentication in a React SPA](configure-authentication-sample-react-spa-app.md) or [Enable authentication in your own React SPA](enable-authentication-react-spa-app.md).
2323

2424

2525
## Sign-in and sign-out behavior
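Review bot: On the changed line 22, the link text "Configure authentication in a React SPA" points to configure-authentication-sample-react-spa-app.md, whose file name suggests a sample app; check that the link text matches the target article's title rather than only correcting the article "an" to "a".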
@@ -260,4 +260,3 @@ export const msalConfig = {
260260
## Next steps
261261

262262
- Learn more: [MSAL.js configuration options](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-react/docs).
263-

articles/active-directory-b2c/error-codes.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -156,5 +156,5 @@ The following errors can be returned by the Azure Active Directory B2C service.
156156
| `AADB2C99013` | The supplied grant_type [{0}] and token_type [{1}] combination is not supported. |
157157
| `AADB2C99015` | Profile '{0}' in policy '{1}' in tenant '{2}' is missing all InputClaims required for resource owner password credential flow. | [Create a resource owner policy](add-ropc-policy.md#create-a-resource-owner-policy) |
158158
|`AADB2C99002`| User doesn't exist. Please sign up before you can sign in. |
159-
| `AADB2C99027` | Policy '{0}' does not contain a AuthorizationTechnicalProfile with a corresponding ClientAssertionType. | [Client credentials flow](client-credentials-grant-flow.md) |
159+
| `AADB2C99027` | Policy '{0}' does not contain an AuthorizationTechnicalProfile with a corresponding ClientAssertionType. | [Client credentials flow](client-credentials-grant-flow.md) |
160160
|`AADB2C90229`|Azure AD B2C throttled traffic if too many requests are sent from the same source in a short period of time| [Best practices for Azure Active Directory B2C](best-practices.md#testing) |
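Review bot: Line 159 sits in the message column of a table of errors "returned by the Azure Active Directory B2C service", so the text should match what the service emits. If the service string still says "a AuthorizationTechnicalProfile", correcting the grammar here makes the documented message differ from what users see in logs and search for; please confirm against the actual error text before merging. Separately, the rows at lines 156 and 158 have two cells where the neighbouring rows have three.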

articles/active-directory-b2c/index-spa.yml

Lines changed: 0 additions & 1 deletion
@@ -52,4 +52,3 @@ landingContent:
5252
links:
5353
- text: Single-page application (SPA) samples
5454
url: integrate-with-app-code-samples.md#single-page-apps
55-

articles/active-directory-b2c/partner-gallery.md

Lines changed: 7 additions & 7 deletions
@@ -34,26 +34,26 @@ Microsoft partners with the following ISVs for identity verification and proofin
3434
| ISV partner | Description and integration walkthroughs |
3535
|:-------------------------|:--------------|
3636
| ![Screenshot of a deduce logo.](./media/partner-gallery/deduce-logo.png) | [Deduce](./partner-deduce.md) is an identity verification and proofing provider focused on stopping account takeover and registration fraud. It helps combat identity fraud and creates a trusted user experience. |
37-
| ![Screenshot of a eid-me logo](./media/partner-gallery/eid-me-logo.png) | [eID-Me](./partner-eid-me.md) is an identity verification and decentralized digital identity solution for Canadian citizens. It enables organizations to meet Identity Assurance Level (IAL) 2 and Know Your Customer (KYC) requirements. |
37+
| ![Screenshot of an eid-me logo](./media/partner-gallery/eid-me-logo.png) | [eID-Me](./partner-eid-me.md) is an identity verification and decentralized digital identity solution for Canadian citizens. It enables organizations to meet Identity Assurance Level (IAL) 2 and Know Your Customer (KYC) requirements. |
3838
| ![Screenshot of an Experian logo.](./media/partner-gallery/experian-logo.png) | [Experian](./partner-experian.md) is an identity verification and proofing provider that performs risk assessments based on user attributes to prevent fraud. |
3939
| ![Screenshot of an IDology logo.](./media/partner-gallery/idology-logo.png) | [IDology](./partner-idology.md) is an identity verification and proofing provider with ID verification solutions, fraud prevention solutions, compliance solutions, and others.|
4040
| ![Screenshot of a Jumio logo.](./media/partner-gallery/jumio-logo.png) | [Jumio](./partner-jumio.md) is an ID verification service, which enables real-time automated ID verification, safeguarding customer data. |
4141
| ![Screenshot of a LexisNexis logo.](./media/partner-gallery/lexisnexis-logo.png) | [LexisNexis](./partner-lexisnexis.md) is a profiling and identity validation provider that verifies user identification and provides comprehensive risk assessment based on user’s device. |
42-
| ![Screenshot of a Onfido logo](./media/partner-gallery/onfido-logo.png) | [Onfido](./partner-onfido.md) is a document ID and facial biometrics verification solution that allows companies to meet *Know Your Customer* and identity requirements in real time. |
42+
| ![Screenshot of an Onfido logo](./media/partner-gallery/onfido-logo.png) | [Onfido](./partner-onfido.md) is a document ID and facial biometrics verification solution that allows companies to meet *Know Your Customer* and identity requirements in real time. |
4343

4444
## MFA and Passwordless authentication
4545

4646
Microsoft partners with the following ISVs for MFA and Passwordless authentication.
4747

4848
| ISV partner | Description and integration walkthroughs |
4949
|:-------------------------|:--------------|
50-
| ![Screenshot of a asignio logo](./media/partner-gallery/asignio-logo.png) | [Asignio](./partner-asignio.md) is a passwordless, soft biometric, and MFA solution. Asignio uses a combination of the patented Asignio Signature and live facial verification for user authentication. The changeable biometric signature eliminates passwords, fraud, phishing, and credential reuse through omni-channel authentication. |
50+
| ![Screenshot of an asignio logo](./media/partner-gallery/asignio-logo.png) | [Asignio](./partner-asignio.md) is a passwordless, soft biometric, and MFA solution. Asignio uses a combination of the patented Asignio Signature and live facial verification for user authentication. The changeable biometric signature eliminates passwords, fraud, phishing, and credential reuse through omni-channel authentication. |
5151
| ![Screenshot of a bloksec logo](./media/partner-gallery/bloksec-logo.png) | [BlokSec](./partner-bloksec.md) is a passwordless authentication and tokenless MFA solution, which provides real-time consent-based services and protects customers against identity-centric cyber-attacks such as password stuffing, phishing, and man-in-the-middle attacks. |
5252
| ![Screenshot of a grit biometric authentication logo.](./media/partner-gallery/grit-logo.png) | [Grit biometric authentication](./partner-grit-authentication.md) provides users the option to sign in using finger print, face ID or [Windows Hello](https://support.microsoft.com/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0) for enhanced security.
5353
| ![Screenshot of a haventec logo](./media/partner-gallery/haventec-logo.png) | [Haventec](./partner-haventec.md) is a passwordless authentication provider, which provides decentralized identity platform that eliminates passwords, shared secrets, and friction. |
5454
| ![Screenshot of a hypr logo](./media/partner-gallery/hypr-logo.png) | [Hypr](./partner-hypr.md) is a passwordless authentication provider, which replaces passwords with public key encryptions eliminating fraud, phishing, and credential reuse. |
55-
| ![Screenshot of a idemia logo](./media/partner-gallery/idemia-logo.png) | [IDEMIA](./partner-idemia.md) is a passwordless authentication provider, which provides real-time consent-based services with biometric authentication like faceID and fingerprinting eliminating fraud and credential reuse. |
56-
| ![Screenshot of a itsme logo](./media/partner-gallery/itsme-logo.png) | [itsme](./partner-itsme.md) is an Electronic Identification, Authentication and Trust Services (eiDAS) compliant digital ID solution to allow users to sign in securely without card readers, passwords, two-factor authentication, and multiple PIN codes. |
55+
| ![Screenshot of an idemia logo](./media/partner-gallery/idemia-logo.png) | [IDEMIA](./partner-idemia.md) is a passwordless authentication provider, which provides real-time consent-based services with biometric authentication like faceID and fingerprinting eliminating fraud and credential reuse. |
56+
| ![Screenshot of an itsme logo](./media/partner-gallery/itsme-logo.png) | [itsme](./partner-itsme.md) is an Electronic Identification, Authentication and Trust Services (eiDAS) compliant digital ID solution to allow users to sign in securely without card readers, passwords, two-factor authentication, and multiple PIN codes. |
5757
|![Screenshot of a Keyless logo.](./media/partner-gallery/keyless-logo.png) | [Keyless](./partner-keyless.md) is a passwordless authentication provider that provides authentication in the form of a facial biometric scan and eliminates fraud, phishing, and credential reuse.
5858
| ![Screenshot of a nevis logo](./media/partner-gallery/nevis-logo.png) | [Nevis](./partner-nevis.md) enables passwordless authentication and provides a mobile-first, fully branded end-user experience with Nevis Access app for strong customer authentication and to comply with PSD2 transaction requirements. |
5959
| ![Screenshot of a nok nok logo](./media/partner-gallery/nok-nok-logo.png) | [Nok Nok](./partner-nok-nok.md) provides passwordless authentication and enables FIDO certified multifactor authentication such as FIDO UAF, FIDO U2F, WebAuthn, and FIDO2 for mobile and web applications. Using Nok Nok customers can improve their security posture while balancing user experience.
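Review bot: The changed alt texts at lines 37, 50, 55 and 56 fix the article but keep brand names in lower case ("eid-me", "asignio", "idemia", "itsme") while the link text in the same rows uses "eID-Me", "Asignio" and "IDEMIA"; since alt text is read aloud by screen readers, use the brand spelling. Alt texts in this table also end with a period in some rows and not in others, and the context rows for Grit, Keyless and Nok Nok (lines 52, 57 and 59) are missing the closing `|`.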
@@ -62,7 +62,7 @@ Microsoft partners with the following ISVs for MFA and Passwordless authenticati
6262
| ![Screenshot of a twilio logo.](./media/partner-gallery/twilio-logo.png) | [Twilio Verify app](./partner-twilio.md) provides multiple solutions to enable MFA through SMS one-time password (OTP), time-based one-time password (TOTP), and push notifications, and to comply with SCA requirements for PSD2. |
6363
| ![Screenshot of a typingDNA logo](./media/partner-gallery/typingdna-logo.png) | [TypingDNA](./partner-typingdna.md) enables strong customer authentication by analyzing a user’s typing pattern. It helps companies enable a silent MFA and comply with SCA requirements for PSD2. |
6464
| ![Screenshot of a whoiam logo](./media/partner-gallery/whoiam-logo.png) | [WhoIAM](./partner-whoiam.md) is a Branded Identity Management System (BRIMS) application that enables organizations to verify their user base by voice, SMS, and email. |
65-
| ![Screenshot of a xid logo](./media/partner-gallery/xid-logo.png) | [xID](./partner-xID.md) is a digital ID solution that provides users with passwordless, secure, multifactor authentication. xID-authenticated users obtain their identities verified by a My Number Card, the digital ID card issued by the Japanese government. Organizations can get users verified personal information through the xID API. |
65+
| ![Screenshot of an xid logo](./media/partner-gallery/xid-logo.png) | [xID](./partner-xID.md) is a digital ID solution that provides users with passwordless, secure, multifactor authentication. xID-authenticated users obtain their identities verified by a My Number Card, the digital ID card issued by the Japanese government. Organizations can get users verified personal information through the xID API. |
6666

6767
## Role-based access control
6868
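Review bot: On the changed line 65, the link target is `./partner-xID.md`, but the file in this same commit is listed as articles/active-directory-b2c/partner-xid.md; on a case-sensitive host the mixed-case link can fail, so use the lower-case file name. The same line has "Organizations can get users verified personal information", which needs a possessive ("users' verified personal information").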

@@ -95,7 +95,7 @@ Microsoft partners with the following ISVs for fraud detection and prevention.
9595

9696
| ISV partner | Description and integration walkthroughs |
9797
|:-------------------------|:--------------|
98-
| ![Screenshot of a Arkose lab logo](./media/partner-gallery/arkose-logo.png) | [Arkose Labs](./partner-arkose-labs.md) is a fraud prevention solution provider that helps organizations protect against bot attacks, account takeover attacks, and fraudulent account openings. |
98+
| ![Screenshot of an Arkose lab logo](./media/partner-gallery/arkose-logo.png) | [Arkose Labs](./partner-arkose-labs.md) is a fraud prevention solution provider that helps organizations protect against bot attacks, account takeover attacks, and fraudulent account openings. |
9999
| ![Screenshot of a BioCatch logo](./media/partner-gallery/biocatch-logo.png) | [BioCatch](./partner-biocatch.md) is a fraud prevention solution provider that analyzes a user's physical and cognitive digital behaviors to generate insights that distinguish between legitimate customers and cyber-criminals. |
100100
| ![Screenshot of a Microsoft Dynamics 365 logo](./media/partner-gallery/microsoft-dynamics365-logo.png) | [Microsoft Dynamics 365 Fraud Protection](./partner-dynamics-365-fraud-protection.md) is a solution that helps organizations protect against fraudulent account openings through device fingerprinting. |
101101
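Review bot: The changed alt text at line 98 reads "an Arkose lab logo" while the partner name in the same row is "Arkose Labs"; use "an Arkose Labs logo" so the alt text matches the name.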

articles/active-directory-b2c/partner-jumio.md

Lines changed: 1 addition & 1 deletion
@@ -38,7 +38,7 @@ The Jumio integration includes the following components:
3838

3939
The following architecture diagram shows the implementation.
4040

41-
![Diagram of the architecture of a Azure AD B2C integration with Jumio](./media/partner-jumio/jumio-architecture-diagram.png)
41+
![Diagram of the architecture of an Azure AD B2C integration with Jumio](./media/partner-jumio/jumio-architecture-diagram.png)
4242

4343
1. The user signs in, or signs up, and creates an account. Azure AD B2C collects user attributes.
4444
2. Azure AD B2C calls the middle-layer API and passes the user attributes.

articles/active-directory-b2c/partner-xid.md

Lines changed: 3 additions & 1 deletion
@@ -78,7 +78,9 @@ For testing, you register `https://jwt.ms`, a Microsoft web application with dec
7878

7979
Complete [Tutorial: Register a web application in Azure AD B2C](tutorial-register-applications.md?tabs=app-reg-ga)
8080

81-
## Create a xID policy key
81+
<a name='create-a-xid-policy-key'></a>
82+
83+
## Create an xID policy key
8284

8385
Store the Client Secret from xID in your Azure AD B2C tenant. For the following instructions, use the directory with the Azure AD B2C tenant.
8486
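Review bot: The anchor added at line 81, `<a name='create-a-xid-policy-key'></a>`, preserves the old heading slug, but the hunk does not show whether links that should now use the new heading's slug were checked; please confirm both resolve. A short HTML comment next to the anchor saying it is kept for existing links would stop it being removed later as dead markup.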
