Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into wi-147392-agentless-discovery-aug20-2023

Author: David Curwin

.openpublishing.redirection.azure-productivity.json

@@ -184,6 +184,26 @@
       "source_path": "articles/lab-services/how-to-access-vm-for-students-within-teams.md",
       "redirect_url": "/azure/lab-services/tutorial-access-lab-virtual-machine-teams-canvas",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/lab-services/lab-creator-support-information.md",
+      "redirect_url": "/azure/lab-services/how-to-manage-labs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/lab-services/lab-user-support-information.md",
+      "redirect_url": "/azure/lab-services/how-to-access-lab-virtual-machine",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/lab-services/how-to-create-lab-plan-template.md",
+      "redirect_url": "/azure/lab-services/how-to-create-lab-plan-bicep",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/lab-services/how-to-create-lab-template.md",
+      "redirect_url": "/azure/lab-services/how-to-create-lab-bicep",
+      "redirect_document_id": false
     }
   ]
-}
+}

.openpublishing.redirection.json

@@ -1,5 +1,15 @@
 {
     "redirections": [
+        {
+            "source_path": "articles/migrate/tutorial-assess-webapps-physical.md",
+            "redirect_URL": "tutorial-assess-webapps",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/migrate/tutorial-assess-webapps-hyper-v.md",
+            "redirect_URL": "tutorial-assess-webapps",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/route-server/tutorial-protect-route-server.md",
             "redirect_URL": "/azure/route-server/tutorial-protect-route-server-ddos",
@@ -2373,6 +2383,11 @@
             "redirect_url": "/azure/web-application-firewall/afds/waf-front-door-geo-filtering",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/web-application-firewall/scripts/waf-custom-rules-powershell.md",
+            "redirect_url": "/azure/web-application-firewall/ag/configure-waf-custom-rules",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/frontdoor/standard-premium/edge-locations.md",
             "redirect_url": "/azure/frontdoor/edge-locations-by-region",
@@ -24232,10 +24247,20 @@
             "redirect_url": "/azure/active-directory/external-identities/customers/tutorial-single-page-app-vanillajs-sign-in-sign-out",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/virtual-machines/image-builder-reliability.md",
+            "redirect_url": "/azure/reliability/reliability-image-builder.md",
+            "redirect_document_id": false 
+        },
         {
             "source_path_from_root": "/articles/bastion/bastion-connect-vm-rdp-linux.md",
             "redirect_url": "/azure/bastion/bastion-connect-vm-ssh-linux",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/reliability/reliability-postgre-flexible.md",
+            "redirect_url": "/azure/reliability/reliability-postgresql-flexible-server",
+            "redirect_document_id": false
         }
     ]
 }

articles/active-directory-b2c/openid-connect-technical-profile.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 03/04/2021
+ms.date: 08/22/2023
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -88,7 +88,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
 | DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT token.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
-|token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic` (public preview), `private_key_jwt` (public preview). For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |
+|token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic` (public preview), `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |
 |token_signing_algorithm| No | Specifies the signing algorithm to use when `token_endpoint_auth_method` is set to `private_key_jwt`. Possible values: `RS256` (default) or `RS512`.|
 | SingleLogoutEnabled | No | Indicates whether during sign-in the technical profile attempts to sign out from federated identity providers. For more information, see [Azure AD B2C session sign-out](./session-behavior.md#sign-out).  Possible values: `true` (default), or `false`. |
 |ReadBodyClaimsOnIdpRedirect| No| Set to `true` to read claims from response body on identity provider redirect. This metadata is used with [Apple ID](identity-provider-apple-id.md), where claims return in the response payload.|
@@ -134,3 +134,4 @@ Examples:
 - [Add Microsoft Account (MSA) as an identity provider using custom policies](identity-provider-microsoft-account.md)
 - [Sign in by using Azure AD accounts](identity-provider-azure-ad-single-tenant.md)
 - [Allow users to sign in to a multi-tenant Azure AD identity provider using custom policies](identity-provider-azure-ad-multi-tenant.md)
+

articles/active-directory-b2c/page-layout.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 07/18/2022
+ms.date: 08/23/2023
 ms.author: kengaderdus
 ms.subservice: B2C
 ---
@@ -59,13 +59,46 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## Self-asserted page (selfasserted)
 
+**2.1.26**
+
+- Replaced `Keypress` to `Key Down` event and avoid `Asterisk` for non-required in classic mode.
+
+**2.1.25**
+
+- Fixed content security policy (CSP) violation and remove additional request header X-Aspnetmvc-Version.
+
+- Introduced Captcha mechanism for Self-asserted and Unified SSP Flows (_Beta-version-Internal use only_).
+
+**2.1.24**
+
+- Fixed accessibility bugs.
+
+- Fixed MFA related issue and IE11 compatibility issues.
+
+**2.1.23**
+
+- Fixed accessibility bugs.
+
+- Reduced `min-width` value for UI viewport for default template.
+
+**2.1.22**
+
+- Fixed accessibility bugs.
+
+- Added logic to adopt QR Code Image generated from backend library.
+
+**2.1.21**
+
+- Additional sanitization of script tags to avoid XSS attacks.
+
 **2.1.20**
-- Fixed an XSS issue on input from textbox
+- Fixed Enter event trigger on MFA.
+- CSS changes rendering page text/control in vertical manner for small screens
 
 **2.1.19**
-- Fixed accessibility bugs
-- Handle Undefined Error message for existing user sign up
-- Move Password Mismatch Error to Inline instead of Page Level
+- Fixed accessibility bugs.
+- Handled Undefined Error message for existing user sign up.
+- Moved Password mismatch error to Inline instead of page level.
 - Accessibility changes related to High Contrast button display and anchor focus improvements
 
 **2.1.18**
@@ -81,6 +114,7 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 - Enforce Validation Error Update on control change and enable continue on email verified
 - Added additional field to error code to validation failure response
 
+
 **2.1.16**
 - Fixed "Claims for verification control have not been verified" bug while verifying code.
 - Hide error message on validation succeeds and send code to verify
@@ -94,7 +128,7 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 **2.1.10**
 
 - Correcting to the tab index
-- Fixing WCAG 2.1 accessibility and screen reader issues   
+- Fixed WCAG 2.1 accessibility and screen reader issues   
 
 **2.1.9**
 
@@ -187,10 +221,34 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 > [!TIP]
 > If you localize your page to support multiple locales, or languages in a user flow. The [localization IDs](localization-string-ids.md) article provides the list of localization IDs that you can use for the page version you select.
 
+**2.1.14**
+
+- Replaced `Keypress` to `Key Down` event.
+
+**2.1.13**
+
+- Fixed content security policy (CSP) violation and remove additional request header X-Aspnetmvc-Version
+
+- Introduced Captcha mechanism for Self-asserted and Unified SSP Flows (_Beta-version-Internal use only_)
+
+**2.1.12**
+
+- Removed `ReplaceAll` function for IE11 compatibility.
+
+**2.1.11**
+
+- Fixed accessibility bugs.
+
+**2.1.10**
+
+- Added additional sanitization of script tags to avoid XSS attacks.
+
 **2.1.9**
-- Fix accessibility bugs
+
+- Fixed accessibility bugs.
+
 - Accessibility changes related to High Contrast button display and anchor focus improvements
-	
+
 **2.1.8**
 - Add descriptive error message and fixed forgotPassword link!
 
@@ -255,6 +313,46 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## MFA page (multifactor)
 
+**1.2.12**
+
+- Replaced `KeyPress` to `KeyDown` event.
+
+**1.2.11**
+
+- Removed `ReplaceAll` function for IE11 compatibility.
+
+**1.2.10**
+
+- Fixed accessibility bugs.
+
+**1.2.9**
+
+- Fixed `Enter` event trigger on MFA.
+
+- CSS changes render page text/control in vertical manner for small screens
+
+- Fixed Multifactor tab navigation bug.
+
+**1.2.8**
+
+- Passed the response status for MFA verification with error for backend to further triage.
+
+**1.2.7**
+
+- Fixed accessibility issue on label for retries code.
+
+- Fixed issue caused by incompatibility of default parameter on IE 11.
+
+- Set up `H1` heading and enable by default.
+
+- Updated HandlebarJS version to 4.7.7.
+
+**1.2.6**
+
+- Corrected the `autocomplete` value on verification code field from false to off.
+
+- Fixed a few XSS encoding issues.
+
 **1.2.5**
 - Fixed a language encoding issue that is causing the request to fail.
 
@@ -303,7 +401,24 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## Exception Page (globalexception)
 
+**1.2.5**
+
+- Removed `ReplaceAl`l function for IE11 compatibility.
+
+**1.2.4**
+
+- Fixed accessibility bugs.
+
+**1.2.3**
+
+- Updated HandlebarJS version to 4.7.7.
+
+**1.2.2**
+
+- Set up `H1` heading and enable by default.
+
 **1.2.1**
+
 - Updated jQuery version to 3.5.1.
 - Updated HandlebarJS version to 4.7.6.
 
@@ -328,7 +443,20 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## Other pages (ProviderSelection, ClaimsConsent, UnifiedSSD)
 
+**1.2.4**
+
+- Remove `ReplaceAll` function for IE11 compatibility.
+
+**1.2.3**
+
+- Fixed accessibility bugs.
+
+**1.2.2**
+
+- Updated HandlebarJS version to 4.7.7
+
 **1.2.1**
+
 - Updated jQuery version to 3.5.1.
 - Updated HandlebarJS version to 4.7.6.
 
@@ -348,3 +476,5 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 ## Next steps
 
 For details on how to customize the user interface of your applications in custom policies, see [Customize the user interface of your application using a custom policy](customize-ui-with-html.md).
+
+

articles/active-directory-b2c/secure-rest-api.md

@@ -230,8 +230,6 @@ The following XML snippet is an example of a RESTful technical profile configure
 
 ## OAuth2 bearer authentication 
 
-[!INCLUDE [b2c-public-preview-feature](../../includes/active-directory-b2c-public-preview.md)]
-
 Bearer token authentication is defined in [OAuth2.0 Authorization Framework: Bearer Token Usage (RFC 6750)](https://www.rfc-editor.org/rfc/rfc6750.txt). In bearer token authentication, Azure AD B2C sends an HTTP request with a token in the authorization header.
 
 ```http
@@ -243,7 +241,6 @@ A bearer token is an opaque string. It can be a JWT access token or any string t
 - **Bearer token**. To be able to send the bearer token in the Restful technical profile, your policy needs to first acquire the bearer token and then use it in the RESTful technical profile.  
 - **Static bearer token**. Use this approach when your REST API issues a long-term access token. To use a static bearer token, create a policy key and make a reference from the RESTful technical profile to your policy key. 
 
-
 ## Using OAuth2 Bearer  
 
 The following steps demonstrate how to use client credentials to obtain a bearer token and pass it into the Authorization header of the REST API calls.  
@@ -488,15 +485,18 @@ Add the validation technical profile reference to the sign up technical profile,
 
 
 
+
+
 For example:
-    ```XML
-    <ValidationTechnicalProfiles>
-       ....
-       <ValidationTechnicalProfile ReferenceId="REST-AcquireAccessToken" />
-       ....
-    </ValidationTechnicalProfiles>
-    ```
-    
+```ruby
+```XML
+<ValidationTechnicalProfiles>
+   ....
+   <ValidationTechnicalProfile ReferenceId="REST-AcquireAccessToken" />
+   ....
+</ValidationTechnicalProfiles>
+```
+```
 
 ::: zone-end
 
@@ -531,7 +531,6 @@ To configure a REST API technical profile with API key authentication, create th
 1. For **Key usage**, select **Encryption**.
 1. Select **Create**.
 
-
 ### Configure your REST API technical profile to use API key authentication
 
 After creating the necessary key, configure your REST API technical profile metadata to reference the credentials.
@@ -584,3 +583,4 @@ The following XML snippet is an example of a RESTful technical profile configure
 ::: zone pivot="b2c-custom-policy"
 - Learn more about the [Restful technical profile](restful-technical-profile.md) element in the custom policy reference.
 ::: zone-end
+

articles/active-directory-domain-services/policy-reference.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 08/08/2023
+ms.date: 08/25/2023
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory/app-provisioning/inbound-provisioning-api-grant-access.md

@@ -86,6 +86,6 @@ This section describes how you can assign the necessary permissions to a managed
 ## Next steps
 - [Quick start using cURL](inbound-provisioning-api-curl-tutorial.md)
 - [Quick start using Postman](inbound-provisioning-api-postman.md)
-- [Quick start using Postman](inbound-provisioning-api-graph-explorer.md)
+- [Quick start using Graph Explorer](inbound-provisioning-api-graph-explorer.md)
 - [Frequently asked questions about API-driven inbound provisioning](inbound-provisioning-api-faqs.md)