Merge pull request #206311 from MicrosoftDocs/main

7/28 PM Publish

Author: huypub

articles/active-directory/fundamentals/scenario-azure-first-sap-identity-integration.md

@@ -29,7 +29,7 @@ This document provides advice on the technical design and configuration of SAP p
 | [IPS](https://help.sap.com/viewer/f48e822d6d484fa5ade7dda78b64d9f5/Cloud/en-US/2d2685d469a54a56b886105a06ccdae6.html) | SAP Cloud Identity Services - Identity Provisioning Service.  IPS helps to synchronize identities between different stores / target systems.                                                           |
 | [XSUAA](https://blogs.sap.com/2019/01/07/uaa-xsuaa-platform-uaa-cfuaa-what-is-it-all-about/)                          | Extended Services for Cloud Foundry User Account and Authentication.  XSUAA is a multi-tenant OAuth authorization server within the SAP BTP.                                                                   |
 | [CF](https://www.cloudfoundry.org/)                                                                                   | Cloud Foundry. Cloud Foundry is the environment on which SAP built their multi-cloud offering for BTP (AWS, Azure, GCP, Alibaba).                                                                                      |
-| [Fiori](https://www.sap.com/products/fiori/develop.html)                                                              | The web-based user experience of SAP (as opposed to the desktop-based experience).                                                                                                                            |
+| [Fiori](https://www.sap.com/products/fiori.html)                                                              | The web-based user experience of SAP (as opposed to the desktop-based experience).                                                                                                                            |
 
 ## Overview
 
@@ -272,4 +272,4 @@ Azure AD B2C doesn't natively support the use of groups to create collections of
 
 Fortunately, Azure AD B2C is highly customizable, so you can configure the SAML tokens it sends to IAS to include any custom information. For various options on supporting authorization claims, see the documentation accompanying the [Azure AD B2C App Roles sample](https://github.com/azure-ad-b2c/api-connector-samples/tree/main/Authorization-AppRoles), but in summary: through its [API Connector](../../active-directory-b2c/api-connectors-overview.md) extensibility mechanism you can optionally still use groups, app roles, or even a custom database to determine what the user is allowed to access.
 
-Regardless of where the authorization information comes from, it can then be emitted as the `Groups` attribute inside the SAML token by configuring that attribute name as the [default partner claim type on the claims schema](../../active-directory-b2c/claimsschema.md#defaultpartnerclaimtypes) or by overriding the [partner claim type on the output claims](../../active-directory-b2c/relyingparty.md#outputclaims). Note however that BTP allows you to [map Role Collections to User Attributes](https://help.sap.com/products/BTP/65de2977205c403bbc107264b8eccf4b/b3fbb1a9232d4cf99967a0b29dd85d4c.html), which means that *any* attribute name can be used for authorization decisions, even if you don't use the `Groups` attribute name.
+Regardless of where the authorization information comes from, it can then be emitted as the `Groups` attribute inside the SAML token by configuring that attribute name as the [default partner claim type on the claims schema](../../active-directory-b2c/claimsschema.md#defaultpartnerclaimtypes) or by overriding the [partner claim type on the output claims](../../active-directory-b2c/relyingparty.md#outputclaims). Note however that BTP allows you to [map Role Collections to User Attributes](https://help.sap.com/products/BTP/65de2977205c403bbc107264b8eccf4b/b3fbb1a9232d4cf99967a0b29dd85d4c.html), which means that *any* attribute name can be used for authorization decisions, even if you don't use the `Groups` attribute name.

articles/active-directory/privileged-identity-management/azure-pim-resource-rbac.md

@@ -3,7 +3,7 @@ title: View audit report for Azure resource roles in Privileged Identity Managem
 description: View activity and audit history for Azure resource roles in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 editor: ''
 
@@ -12,7 +12,7 @@ ms.subservice: pim
 ms.topic: how-to
 ms.workload: identity
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.collection: M365-identity-device-management
 ---

articles/active-directory/privileged-identity-management/concept-privileged-access-versus-role-assignable.md

@@ -3,15 +3,15 @@ title: What's the difference between Privileged Access groups and role-assignabl
 description: Learn how to tell the difference between Privileged Access groups and role-assignable groups in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.service: active-directory
 ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.custom: pim
 ms.collection: M365-identity-device-management

articles/active-directory/privileged-identity-management/groups-activate-roles.md

@@ -3,15 +3,15 @@ title: Activate privileged access group roles in PIM - Azure AD | Microsoft Docs
 description: Learn how to activate your privileged access group roles in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.service: active-directory
 ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
 ms.date: 02/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.custom: pim
 ms.collection: M365-identity-device-management

articles/active-directory/privileged-identity-management/groups-approval-workflow.md

@@ -3,15 +3,15 @@ title: Approve activation requests for group members and owners in Privileged Id
 description: Learn how to approve or deny requests for role-assignable groups in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.service: active-directory
 ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.custom: pim
 ms.collection: M365-identity-device-management

articles/active-directory/privileged-identity-management/groups-assign-member-owner.md

@@ -3,15 +3,15 @@ title: Assign eligible owners and members for privileged access groups - Azure A
 description: Learn how to assign eligible owners or members of a role-assignable group in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.service: active-directory
 ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.custom: pim
 ms.collection: M365-identity-device-management

articles/active-directory/privileged-identity-management/groups-audit.md

@@ -3,7 +3,7 @@ title: View audit report for privileged access group assignments in Privileged I
 description: View activity and audit history for privileged access group assignments in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 editor: ''
 
@@ -12,7 +12,7 @@ ms.topic: article
 ms.workload: identity
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.collection: M365-identity-device-management
 ---

articles/active-directory/privileged-identity-management/groups-discover-groups.md

@@ -3,15 +3,15 @@ title: Identify a group to manage in Privileged Identity Management - Azure AD |
 description: Learn how to onboard role-assignable groups to manage as privileged access groups in Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.service: active-directory
 ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.reviewer: shaunliu
 ms.collection: M365-identity-device-management
 ---

articles/active-directory/privileged-identity-management/groups-features.md

@@ -3,7 +3,7 @@ title: Managing Privileged Access groups in Privileged Identity Management (PIM)
 description: How to manage members and owners of privileged access groups in Privileged Identity Management (PIM)
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 
 ms.assetid: 
@@ -13,7 +13,7 @@ ms.topic: overview
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.custom: pim 
 ms.collection: M365-identity-device-management
 

articles/active-directory/privileged-identity-management/groups-renew-extend.md

@@ -3,7 +3,7 @@ title: Renew expired group owner or member assignments in Privileged Identity Ma
 description: Learn how to extend or renew role-assignable group assignments in Azure AD Privileged Identity Management (PIM).
 services: active-directory
 documentationcenter: ''
-author: mtillman
+author: amsliu
 manager: karenhoran
 ms.reviewer: markwahl-msft
 ms.service: active-directory
@@ -12,7 +12,7 @@ ms.tgt_pltfrm: na
 ms.topic: how-to
 ms.subservice: pim
 ms.date: 06/24/2022
-ms.author: mtillman
+ms.author: amsliu
 ms.custom: pim
 ms.collection: M365-identity-device-management
 ---