Merge branch 'main' into release-preview-aml-cli-v2-refresh

Author: v-alje

.openpublishing.redirection.azure-sql.json

@@ -190,6 +190,16 @@
             "redirect_url": "/azure/azure-sql/managed-instance/job-automation-managed-instance",
             "redirect_document_id": true
         },   
+        {
+            "source_path_from_root": "/articles/azure-sql/managed-instance/link-feature.md",
+            "redirect_url": "/azure/azure-sql/managed-instance/managed-instance-link-feature-overview",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/azure-sql/managed-instance/link-feature-best-practices.md",
+            "redirect_url": "/azure/azure-sql/managed-instance/managed-instance-link-best-practices",
+            "redirect_document_id": true
+        }, 
         {
             "source_path_from_root": "/articles/azure-sql/database/service-tiers-general-purpose-business-critical.md",
             "redirect_url": "/azure/azure-sql/database/service-tiers-vcore",

.openpublishing.redirection.media-services.json

@@ -628,12 +628,12 @@
           {
             "source_path_from_root": "/articles/media-services/latest/asset-create-asset-upload-portal-quickstart.md",
             "redirect_url": "/azure/media-services/latest/video-on-demand-simple-portal-quickstart",
-            "redirect_document_id": true
+            "redirect_document_id": false
           },
           {
             "source_path_from_root": "/articles/media-services/latest/architecture-design-multi-drm-system.md",
             "redirect_url": "/azure/media-services/latest/drm-content-protection-concept",
-            "redirect_document_id": true
+            "redirect_document_id": false
           },
           {
             "source_path_from_root": "/articles/media-services/latest/job-create-cli-how-to.md",
@@ -644,7 +644,7 @@
             "source_path_from_root": "/articles/media-services/latest/transform-subclip-video-dotnet-how-to.md",
             "redirect_url": "/azure/media-services/latest/transform-subclip-video-how-to",
             "redirect_document_id": false
-          }, 
+          },
           {
             "source_path_from_root": "/articles/media-services/latest/transform-subclip-video-rest-how-to.md",
             "redirect_url": "/azure/media-services/latest/transform-subclip-video-how-to",
@@ -659,12 +659,12 @@
             "source_path_from_root": "/articles/media-services/latest/transform-generate-thumbnails-dotnet-how-to.md",
             "redirect_url": "/azure/media-services/latest/transform-generate-thumbnails-how-to",
             "redirect_document_id": false
-          },   
+          },
           {
             "source_path_from_root": "/articles/media-services/latest/crop-howto.md",
             "redirect_url": "/azure/media-services/latest/transform-crop-how-to",
             "redirect_document_id": false
-          },  
+          },
           {
             "source_path_from_root": "/articles/media-services/latest/transform-custom-preset-cli-how-to.md",
             "redirect_url": "/azure/media-services/latest/transform-custom-transform-how-to",
@@ -694,6 +694,6 @@
           "source_path_from_root": "/articles/media-services/video-indexer/upload-index-video.md",
           "redirect_url": "/azure/azure-video-analyzer/video-analyzer-for-media-docs/upload-index-video",
           "redirect_document_id": false
-        }        
+        }
     ]
 }

CODEOWNERS

@@ -5,9 +5,9 @@
 # NOTE: The people you choose as code owners must have _write_ permissions for the repository. When the code owner is a team, that team must be _visible_ and it must have _write_ permissions, even if all the individual members of the team already have write permissions directly, through organization membership, or through another team membership.
 
 # Azure Policy: Samples and Compliance Controls
-/articles/**/policy-reference.md @DCtheGeek
-/articles/**/security-controls-policy.md @DCtheGeek
-/includes/policy/ @DCtheGeek
+/articles/**/policy-reference.md @timwarner
+/articles/**/security-controls-policy.md @timwarner
+/includes/policy/ @timwarner
 
 # Azure Monitor
 articles/azure-monitor/* @bwren
@@ -57,7 +57,7 @@ articles/service-health @rboucher
 /articles/container-registry/ @dlepow @mimckitt
 
 # Governance
-/articles/governance/ @DCtheGeek
+/articles/governance/ @timwarner
 
 # Security
 /articles/security/fundamentals/feature-availability.md @msmbaldwin @terrylanfear

articles/active-directory-b2c/TOC.yml

@@ -357,6 +357,8 @@
           href: partner-typingdna.md
         - name: WhoIAM
           href: partner-whoiam.md
+        - name: xID
+          href: partner-xid.md
     - name: Set up direct sign-in
       href: direct-signin.md
   - name: Tokens and session management

articles/active-directory-b2c/media/partner-gallery/xid-logo.png

@@ -92,9 +92,7 @@ The following architecture diagram shows the implementation.
 
 [Contact eID-Me](https://bluink.ca/contact) and configure a test or production environment to set up Azure AD B2C tenants as a Relying Party. Tenants must determine what identity claims they'll need from their consumers as they sign up using eID-Me.
 
-## Integrate eID-Me with Azure AD B2C
-
-### Step 1 - Configure an application in eID-Me
+## Step 1: Configure an application in eID-Me
 
 To configure your tenant application as a Relying Party in eID-Me the following information should be supplied to eID-Me:
 
@@ -114,7 +112,7 @@ eID-Me will provide a Client ID and a Client Secret once the Relying Party has b
 
 ::: zone pivot="b2c-user-flow"
 
-### Step 2 - Add a new Identity provider in Azure AD B2C
+## Step 2: Add a new Identity provider in Azure AD B2C
 
 1. Sign in to the [Azure portal](https://portal.azure.com/#home) as the global administrator of your Azure AD B2C tenant.
 
@@ -128,7 +126,7 @@ eID-Me will provide a Client ID and a Client Secret once the Relying Party has b
 
 6. Select **Add**.
 
-### Step 3 - Configure an Identity provider
+## Step 3: Configure an Identity provider
 
 To configure an identity provider, follow these steps:
 
@@ -161,11 +159,11 @@ To configure an identity provider, follow these steps:
 
 6. Select **Save** to complete the setup for your new OIDC Identity provider.
 
-### Step 4 - Configure multi-factor authentication
+## Step 4: Configure multi-factor authentication
 
 eID-Me is a decentralized digital identity with strong two-factor user authentication built in. Since eID-Me is already a multi-factor authenticator, you don't need to configure any multi-factor authentication settings in your user flows when using eID-Me. eID-Me offers a fast and simple user experience, which also eliminates the need for any additional passwords.
 
-### Step 5 - Create a user flow policy
+## Step 5: Create a user flow policy
 
 You should now see eID-Me as a new OIDC Identity provider listed within your B2C identity providers.  
 
@@ -206,7 +204,7 @@ For additional information, review the following articles:
 >[!NOTE]
 >In Azure AD B2C, [**custom policies**](./user-flow-overview.md) are designed primarily to address complex scenarios. For most scenarios, we recommend that you use built-in [**user flows**](./user-flow-overview.md).
 
-### Step 2 - Create a policy key
+## Step 2: Create a policy key
 
 Store the client secret that you previously recorded in your Azure AD B2C tenant.
 
@@ -232,7 +230,7 @@ Store the client secret that you previously recorded in your Azure AD B2C tenant
 
 11. Select **Create**.
 
-### Step 3- Configure eID-Me as an Identity provider
+## Step 3: Configure eID-Me as an Identity provider
 
 To enable users to sign in using eID-Me decentralized identity, you need to define eID-Me as a claims provider that Azure AD B2C can communicate with through an endpoint. The endpoint provides a set of claims that are used by Azure AD B2C to verify a specific user has authenticated using digital ID available on their device, proving the user’s identity.
 
@@ -430,7 +428,7 @@ There are additional identity claims that eID-Me supports and can be added.
 
    ```
 
-### Step 4 - Add a user journey
+## Step 4: Add a user journey
 
 At this point, the identity provider has been set up, but it's not yet available in any of the sign-in pages. If you don't have your own custom user journey, create a duplicate of an existing template user journey, otherwise continue to the next step.  
 
@@ -444,7 +442,7 @@ At this point, the identity provider has been set up, but it's not yet available
 
 5. Rename the ID of the user journey. For example,  ID=`CustomSignUpSignIn`
 
-### Step 5 - Add the identity provider to a user journey
+## Step 5: Add the identity provider to a user journey
 
 Now that you have a user journey, add the new identity provider to the user journey. 
 
@@ -533,7 +531,7 @@ Now that you have a user journey, add the new identity provider to the user jour
 
    ```
 
-### Step 6 - Configure the relying party policy
+## Step 6: Configure the relying party policy
 
 The relying party policy specifies the user journey which Azure AD B2C will execute. You can also control what claims are passed to your application by adjusting the **OutputClaims** element of the **eID-Me-OIDC-Signup** TechnicalProfile element. In this sample, the application will receive the user’s postal code, locality, region, IAL, portrait, middle name, and birth date. It also receives the boolean **signupConditionsSatisfied** claim, which indicates whether an account has been created or not:
 
@@ -566,7 +564,7 @@ The relying party policy specifies the user journey which Azure AD B2C will exec
 
    ```
 
-### Step 7 - Upload the custom policy
+## Step 7: Upload the custom policy
 
 1. Sign in to the [Azure portal](https://portal.azure.com/#home).
 
@@ -579,7 +577,7 @@ The relying party policy specifies the user journey which Azure AD B2C will exec
 5. Under Policies, select **Identity Experience Framework**.
 Select **Upload Custom Policy**, and then upload the two policy files that you changed, in the following order: the extension policy, for example `TrustFrameworkBase.xml`, then the relying party policy, such as `SignUp.xml`.
 
-### Step 8 - Test your custom policy
+## Step 8: Test your custom policy
 
 1. Select your relying party policy, for example `B2C_1A_signup`.
 

articles/active-directory-b2c/media/partner-xid/partner-xid-architecture-diagram.png

@@ -55,6 +55,7 @@ Microsoft partners with the following ISVs for MFA and Passwordless authenticati
 | ![Screenshot of a twilio logo.](./media/partner-gallery/twilio-logo.png) | [Twilio Verify app](./partner-twilio.md) provides multiple solutions to enable MFA through SMS one-time password (OTP), time-based one-time password (TOTP), and push notifications, and to comply with SCA requirements for PSD2. |
 | ![Screenshot of a typingDNA logo](./media/partner-gallery/typingdna-logo.png) | [TypingDNA](./partner-typingdna.md) enables strong customer authentication by analyzing a user’s typing pattern. It helps companies enable a silent MFA and comply with SCA requirements for PSD2. |
 | ![Screenshot of a whoiam logo](./media/partner-gallery/whoiam-logo.png) | [WhoIAM](./partner-whoiam.md) is a Branded Identity Management System (BRIMS) application that enables organizations to verify their user base by voice, SMS, and email. |
+| ![Screenshot of a xid logo](./media/partner-gallery/xid-logo.png) | [xID](./partner-xID.md) is a digital ID solution that provides users with passwordless, secure, multifactor authentication. xID-authenticated users obtain their identities verified by a My Number Card, the digital ID card issued by the Japanese government. Organizations can get users verified Personal Identification Information (PII) through the xID API. |
 
 ## Role-based access control