Merge pull request #91694 from rwike77/v1authbasics

V1 auth basics

Author: ktoliver

articles/active-directory/develop/TOC.yml

@@ -553,7 +553,7 @@
     - name: Authentication
       items:
       - name: Authentication basics
-        href: authentication-scenarios.md
+        href: v1-authentication-scenarios.md
       - name: OAuth 2.0 and OpenID Connect protocols
         items:
         - name: OpenID Connect

articles/active-directory/develop/active-directory-authentication-libraries.md

@@ -81,5 +81,5 @@ In this scenario, a developer has a web application running on a server that nee
 ## See Also
 
 - [The Azure Active Directory developer's guide](v1-overview.md)
-- [Authentication scenarios for Azure Active directory](authentication-scenarios.md)
+- [Authentication scenarios for Azure Active directory](v1-authentication-scenarios.md)
 - [Azure Active Directory code samples](sample-v1-code.md)

articles/active-directory/develop/active-directory-devhowto-adal-error-handling.md

@@ -51,7 +51,7 @@ Fundamentally, there are two cases of AcquireTokenSilent errors:
 | Case | Description |
 |------|-------------|
 | **Case 1**: Error is resolvable with an interactive sign-in | For errors caused by a lack of valid tokens, an interactive request is necessary. Specifically, cache lookup and an invalid/expired refresh token require an AcquireToken call to resolve.<br><br>In these cases, the end user needs to be prompted to sign in. The application can choose to do an interactive request immediately, after end-user interaction (such as hitting a sign-in button), or later. The choice depends on the desired behavior of the application.<br><br>See the code in the following section for this specific case and the errors that diagnose it.|
-| **Case 2**: Error is not resolvable with an interactive sign-in | For network and transient/temporary errors, or other failures, performing an interactive AcquireToken request does not resolve the issue. Unnecessary interactive sign-in prompts can also frustrate end users. ADAL automatically attempts a single retry for most errors on AcquireTokenSilent failures.<br><br>The client application can also attempt a retry at some later point, but when and how to do it is dependent on the application behavior and desired end-user experience. For example, the application can do an AcquireTokenSilent retry after a few minutes, or in response to some end-user action. An immediate retry will result in the application being throttled, and should not be attempted.<br><br>A subsequent retry failing with the same error does not mean the client should do an interactive request using AcquireToken, as it does not resolve the error.<br><br>See the code in the following section for this specific case and the errors that diagnose it. |
+| **Case 2**: Error is not resolvable with an interactive sign-in | For network and transient/temporary errors, or other failures, performing an interactive AcquireToken request does not resolve the issue. Unnecessary interactive sign-in prompts can also frustrate end users. ADAL automatically attempts a single retry for most errors on AcquireTokenSilent failures.<br><br>The client application can also attempt a retry at some later point, but when and how is dependent on the application behavior and desired end-user experience. For example, the application can do an AcquireTokenSilent retry after a few minutes, or in response to some end-user action. An immediate retry will result in the application being throttled, and should not be attempted.<br><br>A subsequent retry failing with the same error does not mean the client should do an interactive request using AcquireToken, as it does not resolve the error.<br><br>See the code in the following section for this specific case and the errors that diagnose it. |
 
 ### .NET
 
@@ -196,7 +196,7 @@ Error handling in native applications can be defined by two cases:
 
 |  |  |
 |------|-------------|
-| **Case 1**:<br>Non-Retryable Error (most cases) | 1. Do not attempt immediate retry. Present the end-user UI based on the specific error that invokes a retry ("Try to Sign in again", "Download Azure AD broker application", etc). |
+| **Case 1**:<br>Non-Retryable Error (most cases) | 1. Do not attempt immediate retry. Present the end-user UI based on the specific error that invokes a retry (for example, "Try to Sign in again" or "Download Azure AD broker application"). |
 | **Case 2**:<br>Retryable Error | 1. Perform a single retry as the end user may have entered a state that results in a success.<br><br>2. If retry fails, present the end-user UI based on the specific error that invokes a retry ("Try to Sign in again", "Download Azure AD broker app", etc.). |
 
 > [!IMPORTANT]
@@ -208,9 +208,9 @@ Error handling in native applications can be defined by two cases:
 The following guidance provides examples for error handling in conjunction with all non-silent AcquireToken(…) ADAL methods, *except*: 
 
 - AcquireTokenAsync(…, IClientAssertionCertification, …)
-- AcquireTokenAsync(…,ClientCredential, …)
-- AcquireTokenAsync(…,ClientAssertion, …)
-- AcquireTokenAsync(…,UserAssertion,…)   
+- AcquireTokenAsync(…, ClientCredential, …)
+- AcquireTokenAsync(…, ClientAssertion, …)
+- AcquireTokenAsync(…, UserAssertion,…)   
 
 Your code would be implemented as follows:
 
@@ -478,8 +478,8 @@ We've built a [complete sample](https://github.com/Azure-Samples/active-director
 
 ## Error and logging reference
 
-### Logging Personal Identifiable Information (PII) & Organizational Identifiable Information (OII)
-By default, ADAL logging does not capture or log any PII or OII. The library allows app developers to turn this on through a setter in the Logger class. By turning on PII or OII, the app takes responsibility for safely handling highly-sensitive data and complying with any regulatory requirements.
+### Logging Personal Identifiable Information & Organizational Identifiable Information 
+By default, ADAL logging does not capture or log any personal identifiable information or organizational identifiable information. The library allows app developers to turn this on through a setter in the Logger class. By logging personal identifiable information or organizational identifiable information, the app takes responsibility for safely handling highly sensitive data and complying with any regulatory requirements.
 
 ### .NET
 
@@ -587,7 +587,7 @@ Use the comments section that follows, to provide feedback and help us refine an
 <!--Reference style links -->
 
 [AAD-Auth-Libraries]: ./active-directory-authentication-libraries.md
-[AAD-Auth-Scenarios]:authentication-scenarios.md
+[AAD-Auth-Scenarios]:v1-authentication-scenarios.md
 [AAD-Dev-Guide]:azure-ad-developers-guide.md
 [AAD-Integrating-Apps]:quickstart-v1-integrate-apps-with-azure-ad.md
 [AZURE-portal]: https://portal.azure.com

articles/active-directory/develop/active-directory-graph-api-quickstart.md

@@ -83,7 +83,7 @@ For the purposes of this Quickstart guide, you can use the Fiddler Web Debugger
 
 In the example below, you use Fiddler Web Debugger to create a new security group ‘MyTestGroup’ in your Azure AD directory.
 
-**Obtain an access token**: To access Azure AD Graph, clients are required to successfully authenticate to Azure AD first. For more information, see [Authentication scenarios for Azure AD](authentication-scenarios.md).
+**Obtain an access token**: To access Azure AD Graph, clients are required to successfully authenticate to Azure AD first. For more information, see [Authentication scenarios for Azure AD](v1-authentication-scenarios.md).
 
 **Compose and run a query**: Complete the following steps:
 

articles/active-directory/develop/active-directory-how-to-integrate.md

@@ -33,7 +33,7 @@ There are several ways for your application to integrate with Azure AD. Take adv
 
 ### Support Azure AD as a way to sign in to your application
 
-**Reduce sign in friction and reduce support costs.** By using Azure AD to sign in to your application, your users won't have one more name and password to remember. As a developer, you'll have one less password to store and protect. Not having to handle forgotten password resets may be a significant savings alone. Azure AD powers sign in for some of the world's most popular cloud applications, including Office 365 and Microsoft Azure. With hundreds of millions users from millions of organizations, chances are your user is already signed in to Azure AD. Learn more about [adding support for Azure AD sign in](authentication-scenarios.md).
+**Reduce sign in friction and reduce support costs.** By using Azure AD to sign in to your application, your users won't have one more name and password to remember. As a developer, you'll have one less password to store and protect. Not having to handle forgotten password resets may be a significant savings alone. Azure AD powers sign in for some of the world's most popular cloud applications, including Office 365 and Microsoft Azure. With hundreds of millions users from millions of organizations, chances are your user is already signed in to Azure AD. Learn more about [adding support for Azure AD sign in](v1-authentication-scenarios.md).
 
 **Simplify sign up for your application.**  During sign up for your application, Azure AD can send essential information about a user so that you can pre-fill your sign up form or eliminate it completely. Users can sign up for your application using their Azure AD account via a familiar consent experience similar to those found in social media and mobile applications. Any user can sign up and sign in to an application that is integrated with Azure AD without requiring IT involvement. Learn more about [signing-up your application for Azure AD Account login](../../app-service/configure-authentication-provider-aad.md).
 
@@ -93,5 +93,5 @@ Integration with Azure AD comes with benefits that do not require you to write a
 
 [Get started writing code](v2-overview.md#getting-started).
 
-[Sign users in using Microsoft identity platform](authentication-scenarios.md)
+[Sign users in using Microsoft identity platform](v1-authentication-scenarios.md)
 

articles/active-directory/develop/app-types.md

@@ -78,4 +78,4 @@ Each scenario listed in this document includes a subsection that describes its p
 
 ## Next steps
 
-- Learn more about other Azure AD [authentication basics](authentication-scenarios.md)
+- Learn more about other Azure AD [authentication basics](v1-authentication-scenarios.md)

articles/active-directory/develop/conditional-access-dev-guide.md

@@ -31,7 +31,7 @@ For more information on the full capabilities of Conditional Access, see [Condit
 
 For developers building apps for Azure AD, this article shows how you can use Conditional Access and you'll also learn about the impact of accessing resources that you don't have control over that may have Conditional Access policies applied. The article also explores the implications of Conditional Access in the on-behalf-of flow, web apps, accessing Microsoft Graph, and calling APIs.
 
-Knowledge of [single](quickstart-v1-integrate-apps-with-azure-ad.md) and [multi-tenant](howto-convert-app-to-be-multi-tenant.md) apps and [common authentication patterns](authentication-scenarios.md) is assumed.
+Knowledge of [single](quickstart-v1-integrate-apps-with-azure-ad.md) and [multi-tenant](howto-convert-app-to-be-multi-tenant.md) apps and [common authentication patterns](v1-authentication-scenarios.md) is assumed.
 
 ## How does Conditional Access impact an app?
 

articles/active-directory/develop/howto-app-gallery-listing.md

@@ -68,7 +68,7 @@ Our team reviews the details and gives you access accordingly. After your reques
 
 To list an application in the Azure AD app gallery, you first need to implement one of the following federation protocols supported by Azure AD. You also need to agree to the Azure AD application gallery terms and conditions. Read the terms and conditions of the Azure AD application gallery on [this website](https://azure.microsoft.com/support/legal/active-directory-app-gallery-terms/).
 
-- **OpenID Connect**: To integrate your application with Azure AD by using the Open ID Connect protocol, follow the [developers' instructions](authentication-scenarios.md).
+- **OpenID Connect**: To integrate your application with Azure AD by using the Open ID Connect protocol, follow the [developers' instructions](v1-authentication-scenarios.md).
 
     ![Listing an OpenID Connect application in the gallery](./media/howto-app-gallery-listing/openid.png)
 

articles/active-directory/develop/howto-get-appsource-certified.md

@@ -109,7 +109,7 @@ For more information about the AppSource trial experience, see [this video](http
 
 ## Next Steps
 
-- For more information on building applications that support Azure AD sign-ins, see [Authentication scenarios for Azure AD](https://docs.microsoft.com/azure/active-directory/develop/authentication-scenarios).
+- For more information on building applications that support Azure AD sign-ins, see [Authentication scenarios for Azure AD](https://docs.microsoft.com/azure/active-directory/develop/v1-authentication-scenarios).
 - For information on how to list your SaaS application in AppSource, go see [AppSource Partner Information](https://appsource.microsoft.com/partners)
 
 ## Get support
@@ -121,8 +121,8 @@ We highly recommend you ask your questions on Stack Overflow first and browse ex
 Use the following comments section to provide feedback and help us refine and shape our content.
 
 <!--Reference style links -->
-[AAD-Auth-Scenarios]:authentication-scenarios.md
-[AAD-Auth-Scenarios-Browser-To-WebApp]:authentication-scenarios.md#web-browser-to-web-application
+[AAD-Auth-Scenarios]:v1-authentication-scenarios.md
+[AAD-Auth-Scenarios-Browser-To-WebApp]:v1-authentication-scenarios.md#web-browser-to-web-application
 [AAD-Dev-Guide]: v1-overview.md
 [AAD-Howto-Multitenant-Overview]: howto-convert-app-to-be-multi-tenant.md
 [AAD-QuickStart-Web-Apps]: v1-overview.md#get-started