Merge pull request #224825 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 1/24

Author: ttorble

articles/active-directory/develop/consent-types-developer.md

@@ -3,8 +3,7 @@ title: Microsoft identity platform developers' guide to requesting permissions t
 description: Learn how developers can request for permissions through consent in the Microsoft identity platform endpoint.
 services: active-directory
 author: omondiatieno
-manager: mwongerapk
-
+manager: celesteDG
 ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity

articles/active-directory/develop/customize-webviews.md

@@ -7,52 +7,52 @@ manager: CelesteDG
 
 ms.service: active-directory
 ms.subservice: develop
-ms.topic: how-to
+ms.topic: conceptual
 ms.workload: identity
-ms.date: 08/28/2019
+ms.date: 01/24/2023
 ms.author: henrymbugua
 ms.reviewer: oldalton
 ms.custom: aaddev, has-adal-ref
 ---
 
 # Customize browsers and WebViews for iOS/macOS
 
-A web browser is required for interactive authentication. On iOS and macOS 10.15+, the Microsoft Authentication Library (MSAL) uses the system web browser by default (which might appear on top of your app) to do interactive authentication to sign in users. Using the system browser has the advantage of sharing the Single Sign On (SSO) state with other applications and with web applications.
+A web browser is required for interactive authentication. On iOS and macOS 10.15+, the Microsoft Authentication Library (MSAL) uses the system web browser by default (which might appear on top of your app) to do interactive authentication to sign in users. Using the system browser has the advantage of sharing the single sign-on (SSO) state with other applications and with web applications.
 
 You can change the experience by customizing the configuration to other options for displaying web content, such as:
 
 For iOS only:
 
-- [SFAuthenticationSession](https://developer.apple.com/documentation/safariservices/sfauthenticationsession?language=objc) 
+- [SFAuthenticationSession](https://developer.apple.com/documentation/safariservices/sfauthenticationsession?language=objc)
 - [SFSafariViewController](https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller?language=objc)
 
 For iOS and macOS:
 
 - [ASWebAuthenticationSession](https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession?language=objc)
 - [WKWebView](https://developer.apple.com/documentation/webkit/wkwebview?language=objc).
 
-MSAL for macOS only supports `WKWebView` on older OS versions. `ASWebAuthenticationSession` is only supported on macOS 10.15 and above. 
+MSAL for macOS only supports `WKWebView` on older OS versions. `ASWebAuthenticationSession` is only supported on macOS 10.15 and above.
 
 ## System browsers
 
 For iOS, `ASWebAuthenticationSession`, `SFAuthenticationSession`, and `SFSafariViewController` are considered system browsers. For macOS, only `ASWebAuthenticationSession` is available. In general, system browsers share cookies and other website data with the Safari browser application.
 
-By default, MSAL will dynamically detect iOS version and select the recommended system browser available on that version. On iOS 12+ it will be `ASWebAuthenticationSession`. 
+By default, MSAL will dynamically detect iOS version and select the recommended system browser available on that version. On iOS 12+ it will be `ASWebAuthenticationSession`.
 
 ### Default configuration for iOS
 
-| Version | Web browser |
-|:-------------:|:-------------:|
+| Version |        Web browser         |
+| :-----: | :------------------------: |
 | iOS 12+ | ASWebAuthenticationSession |
-| iOS 11 | SFAuthenticationSession |
-| iOS 10 | SFSafariViewController |
+| iOS 11  |  SFAuthenticationSession   |
+| iOS 10  |   SFSafariViewController   |
 
 ### Default configuration for macOS
 
-| Version | Web browser |
-|:-------------:|:-------------:|
-| macOS 10.15+ | ASWebAuthenticationSession |
-| other versions | WKWebView |
+|    Version     |        Web browser         |
+| :------------: | :------------------------: |
+|  macOS 10.15+  | ASWebAuthenticationSession |
+| other versions |         WKWebView          |
 
 Developers can also select a different system browser for MSAL apps:
 
@@ -63,19 +63,19 @@ Developers can also select a different system browser for MSAL apps:
 
 [WKWebView](https://developer.apple.com/documentation/webkit/wkwebview) is an in-app browser that displays web content. It doesn't share cookies or web site data with other **WKWebView** instances, or with the Safari browser. WKWebView is a cross-platform browser that is available for both iOS and macOS.
 
-## Cookie sharing and Single sign-on (SSO) implications
+## Cookie sharing and SSO implications
 
 The browser you use impacts the SSO experience because of how they share cookies. The following tables summarize the SSO experiences per browser.
 
-| Technology    | Browser Type  | iOS availability | macOS availability | Shares cookies and other data  | MSAL availability | SSO |
-|:-------------:|:-------------:|:-------------:|:-------------:|:-------------:|:-------------:|-------------:|
-| [ASWebAuthenticationSession](https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession) | System | iOS12 and up | macOS 10.15 and up | Yes | iOS and macOS 10.15+ | w/ Safari instances
-| [SFAuthenticationSession](https://developer.apple.com/documentation/safariservices/sfauthenticationsession) | System | iOS11 and up | N/A | Yes | iOS only |  w/ Safari instances
-| [SFSafariViewController](https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller) | System | iOS11 and up | N/A | No | iOS only | No**
-| **SFSafariViewController** | System | iOS10 | N/A | Yes | iOS only |  w/ Safari instances
-| **WKWebView**  | In-app | iOS8 and up | macOS 10.10 and up | No | iOS and macOS | No**
+|                                                        Technology                                                         | Browser Type | iOS availability | macOS availability | Shares cookies and other data |  MSAL availability   |                 SSO |
+| :-----------------------------------------------------------------------------------------------------------------------: | :----------: | :--------------: | :----------------: | :---------------------------: | :------------------: | ------------------: |
+| [ASWebAuthenticationSession](https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession) |    System    |   iOS12 and up   | macOS 10.15 and up |              Yes              | iOS and macOS 10.15+ | w/ Safari instances |
+|        [SFAuthenticationSession](https://developer.apple.com/documentation/safariservices/sfauthenticationsession)        |    System    |   iOS11 and up   |        N/A         |              Yes              |       iOS only       | w/ Safari instances |
+|         [SFSafariViewController](https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller)         |    System    |   iOS11 and up   |        N/A         |              No               |       iOS only       |              No\*\* |
+|                                                **SFSafariViewController**                                                 |    System    |      iOS10       |        N/A         |              Yes              |       iOS only       | w/ Safari instances |
+|                                                       **WKWebView**                                                       |    In-app    |   iOS8 and up    | macOS 10.10 and up |              No               |    iOS and macOS     |              No\*\* |
 
-** For SSO to work, tokens need to be shared between apps. This requires a token cache, or broker application, such as Microsoft Authenticator for iOS.
+\*\* For SSO to work, tokens need to be shared between apps. This requires a token cache, or broker application, such as Microsoft Authenticator for iOS.
 
 ## Change the default browser for the request
 
@@ -94,17 +94,20 @@ Additionally, MSAL supports passing in a custom `WKWebView` by setting the `MSAL
 For example:
 
 Objective-C
+
 ```objc
 UIViewController *myParentController = ...;
 WKWebView *myCustomWebView = ...;
 MSALWebviewParameters *webViewParameters = [[MSALWebviewParameters alloc] initWithAuthPresentationViewController:myParentController];
 webViewParameters.webviewType = MSALWebviewTypeWKWebView;
 webViewParameters.customWebview = myCustomWebView;
 MSALInteractiveTokenParameters *interactiveParameters = [[MSALInteractiveTokenParameters alloc] initWithScopes:@[@"myscope"] webviewParameters:webViewParameters];
-    
+
 [app acquireTokenWithParameters:interactiveParameters completionBlock:completionBlock];
 ```
+
 Swift
+
 ```swift
 let myParentController: UIViewController = ...
 let myCustomWebView: WKWebView = ...
@@ -149,17 +152,17 @@ typedef NS_ENUM(NSInteger, MSALWebviewType)
      For older macOS versions uses WKWebView
      */
     MSALWebviewTypeDefault,
-    
+
     /** Use ASWebAuthenticationSession where available.
      On older iOS versions uses SFAuthenticationSession
      Doesn't allow any other webview type, so if either of these are not present, fails the request*/
     MSALWebviewTypeAuthenticationSession,
-    
+
 #if TARGET_OS_IPHONE
-    
+
     /** Use SFSafariViewController for all versions. */
     MSALWebviewTypeSafariViewController,
-    
+
 #endif
     /** Use WKWebView */
     MSALWebviewTypeWKWebView,

articles/active-directory/develop/delegated-access-primer.md

@@ -3,8 +3,7 @@ title: Microsoft identity platform delegated access scenario
 description: Learn about delegated access in the Microsoft identity platform endpoint.
 services: active-directory
 author: omondiatieno
-manager: mwongerapk
-
+manager: celesteDG
 ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity

articles/active-directory/develop/permissions-consent-overview.md

@@ -4,7 +4,6 @@ description: Learn the foundational concepts and scenarios around consent and pe
 services: active-directory
 author: omondiatieno
 manager: CelesteDG
-
 ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity
@@ -52,7 +51,7 @@ There are other ways in which applications can be granted authorization for app-
 
 ### Comparison of delegated and application permissions
 
-| | Delegated permissions | Application permissions |
+| Permission types | Delegated permissions | Application permissions |
 |--|--|--|
 | Types of apps | Web / Mobile / single-page app (SPA) | Web / Daemon |
 | Access context | Get access on behalf of a user | Get access without a user |

articles/active-directory/develop/quickstart-v2-python-webapp.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: portal
 ms.workload: identity
-ms.date: 11/22/2021
+ms.date: 01/24/2023
 ROBOTS: NOINDEX
 ms.author: henrymbugua
 ms.custom: aaddev, devx-track-python, "scenarios:getting-started", "languages:Python", mode-api

articles/active-directory/develop/scopes-oidc.md

@@ -4,7 +4,6 @@ description: Learn about openID connect scopes and permissions in the Microsoft
 services: active-directory
 author: omondiatieno
 manager: CelesteDG
-
 ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity

articles/active-directory/manage-apps/access-panel-collections.md

@@ -2,15 +2,16 @@
 title: Create collections for My Apps portals
 description: Use My Apps collections to Customize My Apps pages for a simpler My Apps experience for your users. Organize applications into groups with separate tabs.
 services: active-directory
-author: lnalepa
+author: omondiatieno
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: how-to
 ms.date: 09/02/2021
-ms.author: lenalepa
+ms.author: jomondi
 ms.collection: M365-identity-device-management
+ms.reviewer: lenalepa
 
 #customer intent: As an admin, I want to enable and create collections for My Apps portal in Azure AD so that I can create a simpler My Apps experience for users.
 ---

articles/active-directory/manage-apps/add-application-portal-setup-oidc-sso.md

@@ -2,14 +2,15 @@
 title: 'Add an OpenID Connect-based single sign-on application'
 description: Learn how to add OpenID Connect-based single sign-on application in Azure Active Directory.
 services: active-directory
-author: eringreenlee
+author: omondiatieno
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.topic: conceptual
 ms.workload: identity
 ms.date: 04/14/2022
-ms.author: ergreenl
+ms.author: jomondi
+ms.reviewer: ergreenl
 ---
 
 # Add an OpenID Connect-based single sign-on application

articles/active-directory/manage-apps/admin-consent-workflow-faq.md

@@ -2,14 +2,14 @@
 title: Frequently asked questions about the admin consent workflow
 description: Find answers to frequently asked questions (FAQs) about the admin consent workflow.
 services: active-directory
-author: eringreenlee
+author: omondiatieno
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: reference
 ms.date: 05/27/2022
-ms.author: ergreenl
+ms.author: jomondi
 ms.reviewer: ergreenl
 ms.collection: M365-identity-device-management
 

articles/active-directory/manage-apps/admin-consent-workflow-overview.md

@@ -2,14 +2,15 @@
 title: Overview of admin consent workflow
 description: Learn about the admin consent workflow in Azure Active Directory 
 services: active-directory
-author: eringreenlee
+author: omondiatieno
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: conceptual
 ms.date: 11/02/2022
-ms.author: ergreenl
+ms.author: jomondi
+ms.reviewer: ergreenl
 ms.collection: M365-identity-device-management
 
 #customer intent: As an admin, I want to learn about the admin consent workflow and how it affects end-user and admin consent experience