Merge pull request #234053 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 4/11

Author: ttorble

articles/active-directory-b2c/custom-policies-series-hello-world.md

@@ -143,8 +143,10 @@ If you haven't already done so, create the following encryption keys. To automat
 
     ```xml
       <UserJourney Id="HelloWorldJourney">
-        <OrchestrationStep Order="1" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
-      </UserJourney>
+  <OrchestrationSteps>
+    <OrchestrationStep Order="1" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
+  </OrchestrationSteps>
+</UserJourney>
     ```
 
     We've added a [UserJourney](userjourneys.md). The user journey specifies the business logic the end user goes through as Azure AD B2C processes a request. This user journey has only one step that issues a JTW token with the claims that you'll define in the next step.

articles/active-directory/authentication/concept-authentication-passwordless.md

@@ -164,7 +164,7 @@ The following considerations apply:
 
 - Administrators can enable passwordless authentication methods for their tenant.
 
-- Administrators can target all users or select users/groups within their tenant for each method.
+- Administrators can target all users or select users/Security groups within their tenant for each method.
 
 - Users can register and manage these passwordless authentication methods in their account portal.
 

articles/active-directory/authentication/concept-mfa-authprovider.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 01/29/2023
+ms.date: 04/10/2023
 
 ms.author: justinha
 author: justinha
@@ -30,7 +30,7 @@ Note the SDK has been deprecated and will only continue to work until November 1
 
 ## What is an MFA provider?
 
-There are two types of Auth providers, and the distinction is around how your Azure subscription is charged. The per-authentication option calculates the number of authentications performed against your tenant in a month. This option is best if some users authenticate only occasionally. The per-user option calculates the number of users who are eligible to perform MFA, which is all users in Azure AD, and all enabled users in MFA Server. This option is best if some users have licenses but you need to extend MFA to more users beyond your licensing limits.
+There are two types of Auth providers, and the distinction is around how your Azure subscription is charged. The per-authentication option calculates the number of authentications performed against your tenant in a month. This option is best if some accounts authenticate only occasionally. The per-user option calculates the number of accounts that are eligible to perform MFA, which is all accounts in Azure AD, and all enabled accounts in MFA Server. This option is best if some users have licenses but you need to extend MFA to more users beyond your licensing limits.
 
 ## Manage your MFA provider
 

articles/active-directory/authentication/how-to-mfa-number-match.md

@@ -4,7 +4,7 @@ description: Learn how to use number matching in MFA notifications
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 04/05/2023
+ms.date: 04/10/2023
 ms.author: justinha
 author: justinha
 ms.collection: M365-identity-device-management
@@ -310,9 +310,7 @@ Number match will be enabled for all users of Microsoft Authenticator push notif
 
 Relevant services will begin deploying these changes after May 8, 2023 and users will start to see number match in approval requests. As services deploy, some may see number match while others don't. To ensure consistent behavior for all your users, we highly recommend you use the Azure portal or Graph API to roll out number match for all Microsoft Authenticator users. 
 
-### Will the changes after May 8th, 2023, override number matching settings that are configured for a group in the Authentication methods policy?
-
-No, the changes after May 8th won't affect the **Enable and Target** tab for Microsoft Authenticator in the Authentication methods policy. Administrators can continue to target specific users and groups or **All Users** for Microsoft Authenticator **Push** or **Any** authentication mode. 
+### What happens to number matching settings that are currently configured for a group in the Authentication methods policy after number matching is enabled for Authenticator push notifications after May 8th, 2023?
 
 When Microsoft begins protecting all organizations by enabling number matching after May 8th, 2023, administrators will see the **Require number matching for push notifications** setting on the **Configure** tab of the Microsoft Authenticator policy is set to **Enabled** for **All users** and can't be disabled. In addition, the **Exclude** option for this setting will be removed.
 

articles/active-directory/authentication/howto-mfa-mfasettings.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 02/13/2023
+ms.date: 04/10/2023
 
 ms.author: justinha
 author: justinha
@@ -159,7 +159,7 @@ Users can have a combination of up to five OATH hardware tokens or authenticator
 
 If users receive phone calls for MFA prompts, you can configure their experience, such as caller ID or the voice greeting they hear.
 
-In the United States, if you haven't configured MFA caller ID, voice calls from Microsoft come from the following number. Uses with spam filters should exclude this number.
+In the United States, if you haven't configured MFA caller ID, voice calls from Microsoft come from the following number. Users with spam filters should exclude this number.
 
 * *+1 (855) 330-8653*
 

articles/active-directory/authentication/media/concept-authentication-methods-manage/authentication-methods-policy.png

@@ -153,7 +153,7 @@ reactspalocal/
 
 ### Adding the sign in experience
 
-1. Open *SignInButton.jsx* and add the following code, which creates a button that signs in the user using either a popup or redirect.
+1. Open *SignInButton.jsx* and add the following code, which creates a button that signs in the user using either a pop-up or redirect.
 
    ```javascript 
    import React from "react";
@@ -255,4 +255,4 @@ reactspalocal/
 <!-- ::: zone-end -->
 
 > [!div class="nextstepaction"]
-> [Tutorial: Call an API from a React single-page app](single-page-app-tutorial-04-call-api.md)
+> [Tutorial: Call an API from a React single-page app](single-page-app-tutorial-04-call-api.md)

articles/active-directory/authentication/media/how-to-authentication-methods-manage/authentication-methods-policy.png

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: how-to
-ms.date: 02/09/2023
+ms.date: 04/11/2023
 ms.author: jeedes
 
 ---
@@ -22,7 +22,7 @@ In this article, you learn how to integrate Beable with Azure Active Directory (
 * Enable your users to be automatically signed-in to Beable with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
-You'll configure and test Azure AD single sign-on for Beable in a test environment. Beable supports **IDP** initiated single sign-on.
+You configure and test Azure AD single sign-on for Beable in a test environment. Beable supports **IDP** initiated single sign-on.
 
 ## Prerequisites
 
@@ -63,7 +63,7 @@ Complete the following steps to enable Azure AD single sign-on in the Azure port
 	`https://<SUBDOMAIN>.beable.com` 
 
 	b. In the **Reply URL** textbox, type a URL using the following pattern:
-	`https://prod-literacy-backend-alb-12049610218161332941.beable.com/login/ssoVerification/?providerId=1466658d-11ae-11ed-b1a0-b9e58c7ef6cc&identifier=<DOMAIN>`
+	`https://prod-literacy-backend-alb-<ID>.beable.com/login/ssoVerification/?providerId=<ProviderID>&identifier=<DOMAIN>`
 
 	> [!Note]
     > These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Beable support team](https://beable.com/contact/) to get these values. You can also refer to the patterns shown in the Basic SAML Configuration section in the Azure portal.

articles/active-directory/develop/single-page-app-tutorial-03-sign-in-users.md

@@ -9,20 +9,20 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: how-to
-ms.date: 12/14/2022
+ms.date: 04/11/2023
 ms.author: jeedes
 
 ---
 
 # Azure Active Directory SSO integration with QRadar SOAR
 
-In this article, you'll learn how to integrate QRadar SOAR with Azure Active Directory (Azure AD). QRadar SOAR enhances the analyst experience through accelerated incident response with simple automation, process standardization, and integration with your existing security tools. When you integrate QRadar SOAR with Azure AD, you can:
+In this article, you learn how to integrate QRadar SOAR with Azure Active Directory (Azure AD). QRadar SOAR enhances the analyst experience through accelerated incident response with simple automation, process standardization, and integration with your existing security tools. When you integrate QRadar SOAR with Azure AD, you can:
 
 * Control in Azure AD who has access to QRadar SOAR.
 * Enable your users to be automatically signed-in to QRadar SOAR with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
-You'll configure and test Azure AD single sign-on for QRadar SOAR in a test environment. QRadar SOAR supports both **SP** and **IDP** initiated single sign-on.
+You configure and test Azure AD single sign-on for QRadar SOAR in a test environment. QRadar SOAR supports both **SP** and **IDP** initiated single sign-on.
 
 ## Prerequisites
 
@@ -63,24 +63,24 @@ Complete the following steps to enable Azure AD single sign-on in the Azure port
 
     | **Identifier** |
     |-------|
-    | `https://<UPS>.domain.extension/<ID>` |
-    | `https://<SOAR>.domain.extension` |
+    | `https://<CustomerName>.domain.extension/<ID>` |
+    | `https://<CustomerName>.domain.extension` |
 
     b. In the **Reply URL** textbox, type a URL using one of the following patterns:
 
     | **Reply URL** |
     |-------|
-    | `https://<UPS>.domain.extension/<ID>` |
-    | `https://<SOAR>.domain.extension` |
+    | `https://<CustomerName>.domain.extension/<ID>` |
+    | `https://<CustomerName>.domain.extension` |
 
 1. If you want to configure **SP** initiated SSO, then perform the following step:  
 
     In the **Sign on URL** textbox, type a URL using one of the following patterns:
 
     | **Sign on URL** |
     |-------|
-    | `https://<UPS>.domain.extension/<ID>` |
-    | `https://<SOAR>.domain.extension` |
+    | `https://<CustomerName>.domain.extension/<ID>` |
+    | `https://<CustomerName>.domain.extension` |
 
     > [!Note]
     > These values are not the real. Update these values with the actual Identifier, Reply URL and Sign on URL. Contact [QRadar SOAR Client support team](mailto:[email protected]) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.