Bringing even with master.

Author: v-alje

articles/active-directory/connect/active-directory-aadconnect-version-history.md

@@ -12,7 +12,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 08/10/2018
+ms.date: 08/21/2018
 ms.component: hybrid
 ms.author: billmath
 
@@ -36,7 +36,7 @@ Download| [Download Azure AD Connect](http://go.microsoft.com/fwlink/?LinkId=615
 
 ### Release status
 
-7/20/2018: Released for download and auto upgrade. The auto upgrade process is still in progress.
+8/21/2018: Released for download and auto upgrade. 
 
 ### New features and improvements
 

articles/active-directory/develop/howto-get-appsource-certified.md

@@ -14,41 +14,46 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 08/03/2017
+ms.date: 08/21/2018
 ms.author: celested
 ms.reviewer: andret
 ms.custom: aaddev
 ---
 
 # How to get AppSource Certified for Azure Active Directory
+
 [Microsoft AppSource](https://appsource.microsoft.com/) is a destination for business users to discover, try, and manage line-of-business SaaS applications (standalone SaaS and add-on to existing Microsoft SaaS products).
 
-To list a standalone SaaS application on AppSource, your application must accept single sign-on from work accounts from any company or organization that has Azure Active Directory. The sign-in process must use the [OpenID Connect](v1-protocols-openid-connect-code.md) or [OAuth 2.0](v1-protocols-oauth-code.md) protocols. SAML integration is not accepted for AppSource certification.
+To list a standalone SaaS application on AppSource, your application must accept single sign-on from work accounts from any company or organization that has Azure Active Directory (Azure AD). The sign-in process must use the [OpenID Connect](v1-protocols-openid-connect-code.md) or [OAuth 2.0](v1-protocols-oauth-code.md) protocols. SAML integration is not accepted for AppSource certification.
 
 ## Guides and code samples
-If you want to learn about how to integrate your application with Azure Active Directory using Open ID connect, follow our guides and code samples in the [Azure Active Directory developer's guide](azure-ad-developers-guide.md#get-started "Get Started with Azure AD for developers").
+
+If you want to learn about how to integrate your application with Azure AD using Open ID connect, follow our guides and code samples in the [Azure Active Directory developer's guide](azure-ad-developers-guide.md#get-started "Get Started with Azure AD for developers").
 
 ## Multi-tenant applications
 
-An application that accepts sign-ins from users from any company or organization that have Azure Active Directory without requiring a separate instance, configuration, or deployment is known as a *multi-tenant application*. AppSource recommends that applications implement multi-tenancy to enable the *single-click* free trial experience.
+A *multi-tenant application* is an application that accepts sign-ins from users from any company or organization that have Azure AD without requiring a separate instance, configuration, or deployment. AppSource recommends that applications implement multi-tenancy to enable the *single-click* free trial experience.
 
-In order to enable multi-tenancy on your application:
-- Set `Multi-Tenanted` property to `Yes` on your application registration's information in the [Azure Portal](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps) (by default, applications created in the Azure Portal are configured as *single-tenant*)
-- Update your code to send requests to the '`common`' endpoint (update the endpoint from *https://login.microsoftonline.com/{yourtenant}* to *https://login.microsoftonline.com/common*)
-- For some platforms, like ASP.NET, you need also to update your code to accept multiple issuers
+To enable multi-tenancy on your application, follow these steps:
+1. Set `Multi-Tenanted` property to `Yes` on your application registration's information in the [Azure portal](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps). By default, applications created in the Azure portal are configured as *[single-tenant](#single-tenant-applications)*.
+1. Update your code to send requests to the `common` endpoint. To do this, update the endpoint from `https://login.microsoftonline.com/{yourtenant}` to `https://login.microsoftonline.com/common*`.
+1. For some platforms, like ASP .NET, you need also to update your code to accept multiple issuers.
 
-For more information about multi-tenancy, see: [How to sign in any Azure Active Directory (AD) user using the multi-tenant application pattern](howto-convert-app-to-be-multi-tenant.md).
+For more information about multi-tenancy, see [How to sign in any Azure Active Directory (Azure AD) user using the multi-tenant application pattern](howto-convert-app-to-be-multi-tenant.md).
 
 ### Single-tenant applications
-Applications that only accept sign-ins from users of a defined Azure Active Directory instance are known as *single-tenant application*. External users (including Work or School accounts from other organizations, or personal account) can sign in to a single-tenant application after adding each user as *guest account* to the Azure Active Directory instance that the application is registered. You can add users as guest accounts to an Azure Active Directory via the [*Azure AD B2B collaboration*](../b2b/what-is-b2b.md) - and it can be done [programatically](../../active-directory-b2c/code-samples.md). When you add a user as guest account to an Azure Active Directory, an invitation email is sent to the user, who has to accept the invitation by clicking on the link in the invitation email. Invitations that are sent to an additional user in an inviting organization that is also a member of the partner organization are not required to accept an invitation to sign in.
 
-Single-tenant applications can enable the *Contact Me* experience, but if you want to enable the single-click/ free trial experience that AppSource recommends, enable multi-tenancy on your application instead.
+A *single-tenant application* is an application that only accepts sign-ins from users of a defined Azure AD instance. External users (including work or school accounts from other organizations, or personal accounts) can sign in to a single-tenant application after adding each user as a guest account to the Azure AD instance that the application is registered. 
 
+You can add users as guest accounts to Azure AD through the [Azure AD B2B collaboration](../b2b/what-is-b2b.md) and you can do this [programatically](../../active-directory-b2c/code-samples.md). When using B2B, users can create a self-service portal that does not require an invitation to sign in. For more info, see [Self-service portal for Azure AD B2B collaboration sign-up](https://docs.microsoft.com/azure/active-directory/b2b/self-service-portal).
+
+Single-tenant applications can enable the *Contact Me* experience, but if you want to enable the single-click/free trial experience that AppSource recommends, enable multi-tenancy on your application instead.
 
 ## AppSource trial experiences
 
-### Free Trial (Customer-led trial experience) 
-The *customer-led trial* is the experience that AppSource recommends as it offers a single-click access to your application. Below an illustration of how this experience looks like:<br/><br/>
+### Free trial (customer-led trial experience) 
+
+The customer-led trial is the experience that AppSource recommends as it offers a single-click access to your application. Below an illustration of how this experience looks like:<br/><br/>
 
 <table >
 <tr>
@@ -63,8 +68,9 @@ The *customer-led trial* is the experience that AppSource recommends as it offer
 </tr>
 </table>
 
-### Contact Me (Partner-led trial experience)
-The *partner trial experience* can be used when a manual or a long-term operation needs to happen to provision the user/ company: for example, your application needs to provision virtual machines, database instances, or operations that take much time to complete. In this case, after user selects the *'Request Trial'* button and fills out a form, AppSource sends you the user's contact information. Upon receiving this information, you then provision the environment and send the instructions to the user on how to access the trial experience:<br/><br/>
+### Contact me (partner-led trial experience)
+
+You can use the partner trial experience when a manual or a long-term operation needs to happen to provision the user/company--for example, your application needs to provision virtual machines, database instances, or operations that take much time to complete. In this case, after the user selects the **Request Trial** button and fills out a form, AppSource sends you the user's contact information. When you receive this information, you then provision the environment and send the instructions to the user on how to access the trial experience:<br/><br/>
 
 <table valign="top">
 <tr>
@@ -97,17 +103,18 @@ The *partner trial experience* can be used when a manual or a long-term operatio
 </table>
 
 ### More information
+
 For more information about the AppSource trial experience, see [this video](https://aka.ms/trialexperienceforwebapps). 
 
 ## Next Steps
 
-- For more information on building applications that support Azure Active Directory sign-ins, see [Authentication Scenarios for Azure AD](https://docs.microsoft.com/azure/active-directory/develop/active-directory-authentication-scenarios) 
-
+- For more information on building applications that support Azure AD sign-ins, see [Authentication scenarios for Azure AD](https://docs.microsoft.com/azure/active-directory/develop/authentication-scenarios).
 - For information on how to list your SaaS application in AppSource, go see [AppSource Partner Information](https://appsource.microsoft.com/partners)
 
 
-## Get Support
-For Azure Active Directory integration, we use [Stack Overflow](http://stackoverflow.com/questions/tagged/azure-active-directory+appsource) with the community to provide support. 
+## Get support
+
+For Azure AD integration, we use [Stack Overflow](http://stackoverflow.com/questions/tagged/azure-active-directory+appsource) with the community to provide support. 
 
 We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [`[azure-active-directory]` and `[appsource]`](http://stackoverflow.com/questions/tagged/azure-active-directory+appsource).
 
@@ -121,4 +128,4 @@ Use the following comments section to provide feedback and help us refine and sh
 [AAD-QuickStart-Web-Apps]: azure-ad-developers-guide.md#get-started
 
 
-<!--Image references-->
+<!--Image references-->

articles/active-directory/develop/quickstart-v1-openid-connect-code.md

@@ -404,7 +404,7 @@ Finally, build and run your app. Run `node app.js`, and then go to `http://local
 
 Sign in with either a personal Microsoft account or a work or school account, and notice how the user's identity is reflected in the /account list. You now have a web app that's secured with industry standard protocols that can authenticate users with both their personal and work/school accounts.
 
-For reference, the completed sample (without your configuration values) [is provided as a .zip file](https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS/archive/complete.zip). Alternatively, you can clone it from GitHub:
+For reference, the completed sample (without your configuration values) [is provided as a .zip file](https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS/archive/master.zip). Alternatively, you can clone it from GitHub:
 
 ```git clone --branch master https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS.git```
 

articles/active-directory/fundamentals/active-directory-get-started-premium.md

@@ -39,9 +39,9 @@ You can get started with Azure AD via EMS licenses using one of the following li
 - Purchase [Enterprise Mobility + Security E3 licenses](https://signup.microsoft.com/Signup?OfferId=4BBA281F-95E8-4136-8B0F-037D6062F54C&ali=1)
 
 ### Microsoft volume licensing
-Azure Active Directory Premium is available through a [Microsoft Enterprise Agreement](https://www.microsoft.com/licensing/licensing-programs/enterprise.aspx) (250 or more licenses) or the [Open Volume License](https://www.microsoft.com/licensing/licensing-programs/open-license.aspx) (5–250 licenses) program.
+Azure Active Directory Premium is available through a [Microsoft Enterprise Agreement](https://www.microsoft.com/en-us/licensing/licensing-programs/enterprise.aspx) (250 or more licenses) or the [Open Volume License](https://www.microsoft.com/en-us/licensing/licensing-programs/open-license.aspx) (5–250 licenses) program.
 
-You can learn more about volume licensing purchase options on the [How to purchase through Volume Licensing](https://www.microsoft.com/Licensing/how-to-buy/how-to-buy.aspx) page.
+You can learn more about volume licensing purchase options on the [How to purchase through Volume Licensing](https://www.microsoft.com/en-us/licensing/how-to-buy/how-to-buy.aspx) page.
 
 > [!NOTE]
 > Azure Active Directory Premium and Basic editions are available for customers in China using the worldwide instance of Azure Active Directory. Azure Active Directory Premium and Basic editions are not currently supported in the Microsoft Azure service operated by 21Vianet in China. For more information, contact us at the [Azure Active Directory Forum](https://feedback.azure.com/forums/169401-azure-active-directory/).
@@ -92,4 +92,4 @@ In this quickstart, you’ve learned how to sign up for Azure AD Premium and act
 If you already have an Azure subscription, you can use the following link to start a trial or purchase Azure AD Premium licenses from the Azure portal.
 
 > [!div class="nextstepaction"]
-> [Activate Azure AD Premium licenses](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/TryBuyProductBlade)
+> [Activate Azure AD Premium licenses](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/TryBuyProductBlade)

articles/active-directory/manage-apps/application-proxy-publish-azure-portal.md

@@ -2,19 +2,15 @@
 title: Publish apps with Azure AD Application Proxy | Microsoft Docs
 description: Publish on-premises applications to the cloud with Azure AD Application Proxy in the Azure portal.
 services: active-directory
-documentationcenter: ''
 author: barbkess
 manager: mtillman
-
 ms.service: active-directory
 ms.component: app-mgmt
 ms.workload: identity
-ms.tgt_pltfrm: na
-ms.devlang: na
 ms.topic: conceptual
-ms.date: 05/24/2018
+ms.date: 08/20/2018
 ms.author: barbkess
-ms.reviewer: harshja
+ms.reviewer: japere
 ms.custom: it-pro
 ---
 
@@ -69,6 +65,7 @@ Follow these steps to publish your apps with Application Proxy. If you haven't a
    ![Configure your application](./media/application-proxy-publish-azure-portal/configure-app.png)
 5. If necessary, configure additional settings. For most applications, you should keep these settings in their default states. 
    - **Backend Application Timeout**: Set this value to **Long** only if your application is slow to authenticate and connect. 
+   - **Use HTTP-Only Cookie**: Set this value to **Yes** to have Application Proxy cookies include the HTTPOnly flag in the HTTP response header.
    - **Translate URLs in Headers**: Keep this value as **Yes** unless your application required the original host header in the authentication request.
    - **Translate URLs in Application Body**: Keep this value as **No** unless you have hardcoded HTML links to other on-premises applications, and don't use custom domains. For more information, see [Link translation with Application Proxy](application-proxy-configure-hard-coded-link-translation.md).
 

articles/active-directory/saas-apps/fieldglass-tutorial.md

@@ -118,7 +118,7 @@ In this section, you enable Azure AD single sign-on in the Azure portal and conf
 	| `https://<company name>.fgvms.com/<company name>`|
 
 	> [!NOTE] 
-	> These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Fieldglass support team](http://www.fieldglass.com/solutions/support) to get these values.
+	> These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Fieldglass support team](https://www.fieldglass.com/customer-support) to get these values.
 
 1. On the **SAML Signing Certificate** section, click **Certificate(Base64)** and then save the certificate file on your computer.
 
@@ -132,7 +132,7 @@ In this section, you enable Azure AD single sign-on in the Azure portal and conf
 
 	![Configure Single Sign-On](./media/fieldglass-tutorial/tutorial_fieldglass_configure.png) 
 
-1. To configure single sign-on on **Fieldglass** side, you need to send the downloaded **Certificate(Base64)** and **Sign-Out URL, SAML Entity ID** to [Fieldglass support team](http://www.fieldglass.com/solutions/support). They set this setting to have the SAML SSO connection set properly on both sides.
+1. To configure single sign-on on **Fieldglass** side, you need to send the downloaded **Certificate(Base64)** and **Sign-Out URL, SAML Entity ID** to [Fieldglass support team](https://www.fieldglass.com/customer-support). They set this setting to have the SAML SSO connection set properly on both sides.
 
 > [!TIP]
 > You can now read a concise version of these instructions inside the [Azure portal](https://portal.azure.com), while you are setting up the app!  After adding this app from the **Active Directory > Enterprise Applications** section, simply click the **Single Sign-On** tab and access the embedded documentation through the **Configuration** section at the bottom. You can read more about the embedded documentation feature here: [Azure AD embedded documentation]( https://go.microsoft.com/fwlink/?linkid=845985)
@@ -170,7 +170,7 @@ The objective of this section is to create a test user in the Azure portal calle
 
 ### Creating a Fieldglass test user
 
-The objective of this section is to create a user called Britta Simon in FieldGlass. Please work with your [Fieldglass support team](http://www.fieldglass.com/solutions/support) to add the users in the Fieldglass account.
+The objective of this section is to create a user called Britta Simon in FieldGlass. Please work with your [Fieldglass support team](https://www.fieldglass.com/customer-support) to add the users in the Fieldglass account.
 
 ### Assigning the Azure AD test user