Merge branch 'main' into eur/voices-locales

Author: eric-urban

.openpublishing.redirection.json

@@ -24142,10 +24142,29 @@
           "source_path": "articles/azure-cache-for-redis/cache-how-to-functions.md",
           "redirect_url": "/azure/azure-functions/functions-bindings-cache",
           "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/external-identities/customers/how-to-single-page-app-vanillajs-configure-authentication.md",
+            "redirect_url": "/azure/active-directory/external-identities/customers/tutorial-single-page-app-vanillajs-configure-authentication",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/external-identities/customers/how-to-single-page-app-vanillajs-prepare-app.md",
+            "redirect_url": "/azure/active-directory/external-identities/customers/tutorial-single-page-app-vanillajs-prepare-app",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/external-identities/customers/how-to-single-page-app-vanillajs-prepare-tenant.md",
+            "redirect_url": "/azure/active-directory/external-identities/customers/tutorial-single-page-app-vanillajs-prepare-tenant",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/external-identities/customers/how-to-single-page-app-vanillajs-sign-in-sign-out.md",
+            "redirect_url": "/azure/active-directory/external-identities/customers/tutorial-single-page-app-vanillajs-sign-in-sign-out",
+            "redirect_document_id": false
         }
 
 
-
 
     ]
 }

articles/active-directory/architecture/architecture-icons.md

@@ -0,0 +1,56 @@
+---
+title: Microsoft Entra architecture icons
+description: Learn about the official collection of Microsoft Entra icons that you can use in architectural diagrams, training materials, or documentation.
+author: CelesteDG
+manager: CelesteDG
+ms.service: active-directory
+ms.subservice: fundamentals
+ms.topic: conceptual
+ms.date: 08/15/2023
+ms.author: celested
+ms.reviewer: nicholepet
+
+# Customer intent: As a new or existing customer, I want to learn how I can use the official Microsoft Entra icons in architectural diagrams, training materials, or documentation.
+---
+
+# Microsoft Entra architecture icons
+
+Helping our customers design and architect new solutions is core to the Microsoft Entra mission. Architecture diagrams can help communicate design decisions and the relationships between components of a given workload. This article provides information about the official collection of Microsoft Entra icons that you can use in architectural diagrams, training materials, or documentation.
+
+## General guidelines
+
+### Do's
+
+- Use the icon to illustrate how products can work together.
+- In diagrams, we recommend including the product name somewhere close to the icon.
+
+### Don'ts
+
+- Don't crop, flip, or rotate icons.
+- Don't distort or change the icon shape in any way.
+- Don't use Microsoft product icons to represent your product or service.
+- Don't use Microsoft product icons in marketing communications.
+
+## Icon updates
+
+| Month | Change description |
+|-------|--------------------|
+| August 2023 | Added a downloadable package that contains the Microsoft Entra architecture icons, branding playbook (which contains guidelines about the Microsoft Security visual identity), and terms of use. |
+
+## Icon terms
+
+Microsoft permits the use of these icons in architectural diagrams, training materials, or documentation. You may copy, distribute, and display the icons only for the permitted use unless granted explicit permission by Microsoft. Microsoft reserves all other rights.
+
+<div id="consent-checkbox">
+I agree to the above terms.
+</div>
+
+ > [!div class="button"]
+ > [Download icons](https://download.microsoft.com/download/a/4/2/a4289cad-4eaf-4580-87fd-ce999a601516/Microsoft-Entra-architecture-icons.zip?wt.mc_id=microsoftentraicons_downloadmicrosoftentraicons_content_cnl_csasci)
+
+## More icon sets from Microsoft
+
+- [Azure architecture icons](/azure/architecture/icons)
+- [Microsoft 365 architecture icons and templates](/microsoft-365/solutions/architecture-icons-templates)
+- [Dynamics 365 icons](/dynamics365/get-started/icons)
+- [Microsoft Power Platform icons](/power-platform/guidance/icons)

articles/active-directory/architecture/toc.yml

@@ -7,6 +7,8 @@ items:
     items:
     - name: Azure AD architecture
       href: architecture.md
+    - name: Microsoft Entra architecture icons
+      href: architecture-icons.md
     - name: Road to the cloud
       items:
       - name: Introduction

articles/active-directory/authentication/concept-authentication-default-enablement.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 06/22/2023
+ms.date: 08/16/2023
 
 ms.author: justinha
 author: mjsantani
@@ -58,6 +58,7 @@ The following table lists each setting that can be set to Microsoft managed and
 | [Application name in Microsoft Authenticator notifications](how-to-mfa-additional-context.md)   | Disabled      |
 | [System-preferred MFA](concept-system-preferred-multifactor-authentication.md)                  | Enabled       |
 | [Authenticator Lite](how-to-mfa-authenticator-lite.md)                                          | Enabled       |  
+| [Report suspicious activity](howto-mfa-mfasettings.md#report-suspicious-activity)                  | Disabled      |
 
 As threat vectors change, Azure AD may announce default protection for a **Microsoft managed** setting in [release notes](../fundamentals/whats-new.md) and on commonly read forums like [Tech Community](https://techcommunity.microsoft.com/). For example, see our blog post [It's Time to Hang Up on Phone Transports for Authentication](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752) for more information about the need to move away from using SMS and voice calls, which led to default enablement for the registration campaign to help users to set up Authenticator for modern authentication.
 

articles/active-directory/authentication/howto-mfa-mfasettings.md

@@ -6,12 +6,12 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 07/17/2023
+ms.date: 08/16/2023
 
 ms.author: justinha
 author: justinha
 manager: amycolannino
-ms.reviewer: michmcla
+ms.reviewer: jupetter
 
 ms.collection: M365-identity-device-management
 ms.custom: contperf-fy20q4
@@ -87,11 +87,16 @@ To unblock a user, complete the following steps:
 
 Users who report an MFA prompt as suspicious are set to **High User Risk**. Administrators can use risk-based policies to limit access for these users, or enable self-service password reset (SSPR) for users to remediate problems on their own. If you previously used the **Fraud Alert** automatic blocking feature and don't have an Azure AD P2 license for risk-based policies, you can use risk detection events to identify and disable impacted users and automatically prevent their sign-in. For more information about using risk-based policies, see [Risk-based access policies](../identity-protection/concept-identity-protection-policies.md).  
 
-To enable **Report suspicious activity** from the Authentication Methods Settings:   
+To enable **Report suspicious activity** from the Authentication methods **Settings**:   
 
 1. In the Azure portal, click **Azure Active Directory** > **Security** > **Authentication Methods** > **Settings**. 
-1. Set **Report suspicious activity** to **Enabled**. 
+1. Set **Report suspicious activity** to **Enabled**. The feature remains disabled if you choose **Microsoft managed**. For more information about Microsoft managed values, see [Protecting authentication methods in Azure Active Directory](concept-authentication-default-enablement.md).
 1. Select **All users** or a specific group. 
+1. Select a **Reporting code**.
+1. Click **Save**. 
+
+>[!NOTE]
+>If you enable **Report suspicious activity** and specify a custom voice reporting value while the tenant still has **Fraud Alert** enabled in parallel with a custom voice reporting number configured, the **Report suspicious activity** value will be used instead of **Fraud Alert**.
 
 ### View suspicious activity events 
 

articles/active-directory/develop/howto-create-self-signed-certificate.md

@@ -46,7 +46,7 @@ To customize the start and expiry date and other properties of the certificate,
 
 Use the certificate you create using this method to authenticate from an application running from your machine. For example, authenticate from Windows PowerShell.
 
-In an elevated PowerShell prompt, run the following command and leave the PowerShell console session open. Replace `{certificateName}` with the name that you wish to give to your certificate.
+In a PowerShell prompt, run the following command and leave the PowerShell console session open. Replace `{certificateName}` with the name that you wish to give to your certificate.
 
 ```powershell
 $certname = "{certificateName}"    ## Replace {certificateName}

articles/active-directory/develop/identity-videos.md

@@ -175,12 +175,12 @@ ___
 
 
 <!-- IMAGES -->
-[auth-fund-01-img]: ./media/identity-videos/aad-auth-fund-01.jpg
-[auth-fund-02-img]: ./media/identity-videos/aad-auth-fund-02.jpg
-[auth-fund-03-img]: ./media/identity-videos/aad-auth-fund-03.jpg
-[auth-fund-04-img]: ./media/identity-videos/aad-auth-fund-04.jpg
-[auth-fund-05-img]: ./media/identity-videos/aad-auth-fund-05.jpg
-[auth-fund-06-img]: ./media/identity-videos/aad-auth-fund-06.jpg
+[auth-fund-01-img]: ./media/identity-videos/auth-fund-01.jpg
+[auth-fund-02-img]: ./media/identity-videos/auth-fund-02.jpg
+[auth-fund-03-img]: ./media/identity-videos/auth-fund-03.jpg
+[auth-fund-04-img]: ./media/identity-videos/auth-fund-04.jpg
+[auth-fund-05-img]: ./media/identity-videos/auth-fund-05.jpg
+[auth-fund-06-img]: ./media/identity-videos/auth-fund-06.jpg
 
 <!-- VIDEOS -->
 [auth-fund-01-vid]: https://www.youtube.com/watch?v=fbSVgC8nGz4&list=PLLasX02E8BPD5vC2XHS_oHaMVmaeHHPLy&index=1

articles/active-directory/develop/mark-app-as-publisher-verified.md

@@ -1,58 +1,58 @@
 ---
 title: Mark an app as publisher verified
-description: Describes how to mark an app as publisher verified. When an application is marked as publisher verified, it means that the publisher (application developer) has verified the authenticity of their organization using a Microsoft Partner Network (MPN) account that has completed the verification process and has associated this MPN account with that application registration.
+description: Describes how to mark an app as publisher verified. When an application is marked as publisher verified, it means that the publisher (application developer) has verified the authenticity of their organization using a Cloud Partner Program (CPP) account that has completed the verification process and has associated this CPP account with that application registration.
 services: active-directory
 author: rwike77
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: develop
 ms.topic: how-to
 ms.workload: identity
-ms.date: 03/16/2023
+ms.date: 08/17/2023
 ms.author: ryanwi
 ms.custom: aaddev
 ms.reviewer: xurobert
 ---
 
 # Mark your app as publisher verified
 
-When an app registration has a verified publisher, it means that the publisher of the app has [verified](/partner-center/verification-responses) their identity using their Microsoft Partner Network (MPN) account and has associated this MPN account with their app registration. This article describes how to complete the [publisher verification](publisher-verification-overview.md) process.
+When an app registration has a verified publisher, it means that the publisher of the app has [verified](/partner-center/verification-responses) their identity using their Cloud Partner Program (CPP) account and has associated this CPP account with their app registration. This article describes how to complete the [publisher verification](publisher-verification-overview.md) process.
 
 ## Quickstart
-If you are already enrolled in the Microsoft Partner Network (MPN) and have met the [pre-requisites](publisher-verification-overview.md#requirements), you can get started right away: 
+If you are already enrolled in the [Cloud Partner Program (CPP)](/partner-center/intro-to-cloud-partner-program-membership) and have met the [pre-requisites](publisher-verification-overview.md#requirements), you can get started right away: 
 
 1. Sign into the [App Registration portal](https://aka.ms/PublisherVerificationPreview) using [multi-factor authentication](../fundamentals/concept-fundamentals-mfa-get-started.md)
 
 1. Choose an app and click **Branding & properties**. 
 
-1. Click **Add MPN ID to verify publisher** and review the listed requirements.
+1. Click **Add Partner One ID to verify publisher** and review the listed requirements.
 
-1. Enter your MPN ID and click **Verify and save**.
+1. Enter your Partner One ID and click **Verify and save**.
 
 For more details on specific benefits, requirements, and frequently asked questions see the [overview](publisher-verification-overview.md).
 
 ## Mark your app as publisher verified
 Make sure you meet the [pre-requisites](publisher-verification-overview.md#requirements), then follow these steps to mark your app(s) as Publisher Verified.  
 
-1. Sign in using [multi-factor authentication](../fundamentals/concept-fundamentals-mfa-get-started.md) to an organizational (Azure AD) account authorized to make changes to the app you want to mark as Publisher Verified and on the MPN Account in Partner Center.
+1. Sign in using [multi-factor authentication](../fundamentals/concept-fundamentals-mfa-get-started.md) to an organizational (Azure AD) account authorized to make changes to the app you want to mark as Publisher Verified and on the CPP Account in Partner Center.
 
     - The Azure AD user must have one of the following [roles](../roles/permissions-reference.md): Application Admin, Cloud Application Admin, or Global Administrator. 
 
-    - The user in Partner Center must have the following [roles](/partner-center/permissions-overview): MPN Admin, Accounts Admin, or a Global Administrator (a shared role mastered in Azure AD). 
+    - The user in Partner Center must have the following [roles](/partner-center/permissions-overview): CPP Admin, Accounts Admin, or a Global Administrator (a shared role mastered in Azure AD). 
 
 1. Navigate to the **App registrations** blade:  
 
 1. Click on an app you would like to mark as Publisher Verified and open the **Branding & properties** blade. 
 
 1. Ensure the app’s [publisher domain](howto-configure-publisher-domain.md) is set. 
 
-1. Ensure that either the publisher domain or a DNS-verified [custom domain](../fundamentals/add-custom-domain.md) on the tenant matches the domain of the email address used during the verification process for your MPN account.
+1. Ensure that either the publisher domain or a DNS-verified [custom domain](../fundamentals/add-custom-domain.md) on the tenant matches the domain of the email address used during the verification process for your CPP account.
 
-1. Click **Add MPN ID to verify publisher** near the bottom of the page. 
+1. Click **Add Partner One ID to verify publisher** near the bottom of the page. 
 
-1. Enter the **MPN ID** for: 
+1. Enter the **Partner One ID** for: 
 
-    - A valid Microsoft Partner Network account that has completed the verification process.  
+    - A valid Cloud Partner Program account that has completed the verification process.  
 
     - The Partner global account (PGA) for your organization.