MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md
Lines changed: 0 additions & 1 deletion b/‎articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md
Lines changed: 0 additions & 1 deletion
diff --git a/‎articles/active-directory-b2c/b2clogin.md
Lines changed: 22 additions & 2 deletions b/‎articles/active-directory-b2c/b2clogin.md
Lines changed: 22 additions & 2 deletions
diff --git a/‎articles/active-directory/cloud-provisioning/what-is-cloud-provisioning.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/cloud-provisioning/what-is-cloud-provisioning.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/conditional-access/TOC.yml
Lines changed: 0 additions & 2 deletions b/‎articles/active-directory/conditional-access/TOC.yml
Lines changed: 0 additions & 2 deletions
diff --git a/‎articles/active-directory/conditional-access/howto-conditional-access-policy-registration.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/conditional-access/howto-conditional-access-policy-registration.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/config-authority.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/develop/config-authority.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/howto-add-app-roles-in-azure-ad-apps.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/develop/howto-add-app-roles-in-azure-ad-apps.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/msal-configuration.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/develop/msal-configuration.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory/develop/msal-js-avoid-page-reloads.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/develop/msal-js-avoid-page-reloads.md
Lines changed: 1 addition & 1 deletion
@@ -10037,6 +10037,11 @@
       "redirect_url": "/azure-stack/user/azure-stack-vpn-gateway-about-vpn-gateways",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/virtual-wan/virtual-wan-office365-overview.md",
+      "redirect_url": "/azure/virtual-wan/virtual-wan-about",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/azure-stack/azure-stack-vpn-gateway-settings.md",
       "redirect_url": "/azure-stack/user/azure-stack-vpn-gateway-settings",
 
@@ -360,6 +360,5 @@ By using `B2CGraphClient`, you have a service application that can manage your B
 As you incorporate this functionality into your own application, remember a few key points for B2C applications:
 
 * Grant the application the required permissions in the tenant.
-* For now, you need to use ADAL (not MSAL) to get access tokens. (You can also send protocol messages directly, without using a library.)
 * When you call the Graph API, use `api-version=1.6`.
 * When you create and update consumer users, a few properties are required, as described above.
@@ -1,5 +1,5 @@
 ---
-title: Set redirect URLs to b2clogin.com - Azure Active Directory B2C
+title: Migrate applications and APIs to b2clogin.com - Azure AD B2C
 description: Learn about using b2clogin.com in your redirect URLs for Azure Active Directory B2C.
 services: active-directory-b2c
 author: mmacy
@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 08/17/2019
+ms.date: 12/04/2019
 ms.author: marsma
 ms.subservice: B2C
 ---
@@ -17,6 +17,16 @@ ms.subservice: B2C
 
 When you set up an identity provider for sign-up and sign-in in your Azure Active Directory B2C (Azure AD B2C) application, you need to specify a redirect URL. You should no longer reference *login.microsoftonline.com* in your applications and APIs. Instead, use *b2clogin.com* for all new applications, and migrate existing applications from *login.microsoftonline.com* to *b2clogin.com*.
 
+## Deprecation of login.microsoftonline.com
+
+On 04 December 2019, we announced the scheduled retirement of login.microsoftonline.com support in Azure AD B2C on **04 December 2020**:
+
+[Azure Active Directory B2C is deprecating login.microsoftonline.com](https://azure.microsoft.com/updates/b2c-deprecate-msol/)
+
+The deprecation of login.microsoftonline.com goes into effect for all Azure AD B2C tenants on 04 December 2020, providing existing tenants one (1) year to migrate to b2clogin.com. New tenants created after 04 December 2019 will not accept requests from login.microsoftonline.com. All functionality remains the same on the b2clogin.com endpoint.
+
+The deprecation of login.microsoftonline.com does not impact Azure Active Directory tenants. Only Azure Active Directory B2C tenants are affected by this change.
+
 ## Benefits of b2clogin.com
 
 When you use *b2clogin.com* as your redirect URL:
@@ -68,6 +78,10 @@ For example, the authority endpoint for Contoso's sign-up/sign-in policy would n
 https://contosob2c.b2clogin.com/00000000-0000-0000-0000-000000000000/B2C_1_signupsignin1
 ```
 
+For information about migrating OWIN-based web applications to b2clogin.com, see [Migrate an OWIN-based web API to b2clogin.com](multiple-token-endpoints.md).
+
+For migrating Azure API Management APIs protected by Azure AD B2C, see the [Migrate to b2clogin.com](secure-api-management.md#migrate-to-b2clogincom) section of [Secure an Azure API Management API with Azure AD B2C](secure-api-management.md).
+
 ## Microsoft Authentication Library (MSAL)
 
 ### ValidateAuthority property
@@ -92,6 +106,12 @@ this.clientApplication = new UserAgentApplication(
 );
 ```
 
+## Next steps
+
+For information about migrating OWIN-based web applications to b2clogin.com, see [Migrate an OWIN-based web API to b2clogin.com](multiple-token-endpoints.md).
+
+For migrating Azure API Management APIs protected by Azure AD B2C, see the [Migrate to b2clogin.com](secure-api-management.md#migrate-to-b2clogincom) section of [Secure an Azure API Management API with Azure AD B2C](secure-api-management.md).
+
 <!-- LINKS - External -->
 [msal-dotnet]: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
 [msal-dotnet-b2c]: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/AAD-B2C-specifics
 
@@ -29,7 +29,7 @@ With Azure AD Connect cloud provisioning, provisioning from AD to Azure AD is or
 
 The following table provides a comparison between Azure AD Connect and Azure AD Connect cloud provisioning:
 
-| Feature | Azure Active Directory Connect synch| Azure Active Directory Connect cloud provisioning |
+| Feature | Azure Active Directory Connect sync| Azure Active Directory Connect cloud provisioning |
 |:--- |:---:|:---:|
 |Connect to single on-premises AD forest|● |● |
 | Connect to multiple on-premises AD forests |● |● |
 
@@ -64,8 +64,6 @@
       href: howto-conditional-access-policy-compliant-device.md
   - name: Block legacy authentication
     href: block-legacy-authentication.md
-  - name: Conditional Access for MFA registration
-    href: ../authentication/howto-registration-mfa-sspr-combined.md#conditional-access-policies-for-combined-registration
   - name: Require approved client apps
     href: app-based-conditional-access.md
   - name: Require app protection policy
 
@@ -17,7 +17,7 @@ ms.collection: M365-identity-device-management
 ---
 # Conditional Access: Require trusted location for MFA registration
 
-Securing when and how users register for Azure Multi-Factor Authentication and self-service password reset is now possible with user actions in Conditional Access policy. This preview feature is available to organizations who have enabled the [combined registration preview](../authentication/concept-registration-mfa-sspr-combined.md). This functionality may be enabled in organizations where they want users to register for Azure Multi-Factor Authentication and SSPR from a central location such as a trusted network location during HR onboarding. For more information about creating trusted locations in Conditional Access, see the article [What is the location condition in Azure Active Directory Conditional Access?](../conditional-access/location-condition.md#named-locations)
+Securing when and how users register for Azure Multi-Factor Authentication and self-service password reset is now possible with user actions in Conditional Access policy. This preview feature is available to organizations who have enabled the [combined registration preview](../authentication/concept-registration-mfa-sspr-combined.md). This functionality may be enabled in organizations where they want to use conditions like trusted network location to restrict access to register for Azure Multi-Factor Authentication and SSPR. For more information about creating trusted locations in Conditional Access, see the article [What is the location condition in Azure Active Directory Conditional Access?](../conditional-access/location-condition.md#named-locations)
 
 ## Create a policy to require registration from a trusted location
 
 
@@ -1,5 +1,5 @@
 ---
-title: Configure MSAL for iOS and macOS to use different identity providers 
+title: Configure different identity providers (MSAL iOS/macOS) | Azure
 titleSuffix: Microsoft identity platform
 description: Learn how to use different authorities such as B2C, sovereign clouds, and guest users, with MSAL for iOS and macOS.
 services: active-directory
 
@@ -1,5 +1,5 @@
 ---
-title: Add app roles in your Azure Active Directory-registered app and receive them in the token 
+title: Add app roles and get them from a token | Azure
 titleSuffix: Microsoft identity platform
 description: Learn how to add app roles in an application registered in Azure Active Directory, assign users and groups to these roles and receive them in the `roles` claim in the token.
 services: active-directory
 
@@ -1,5 +1,5 @@
 ---
-title: Understand  the Android Microsoft Authentication Library (MSAL) configuration file 
+title: Android Microsoft Authentication Library config file | Azure
 titleSuffix: Microsoft identity platform
 description: An overview of the Android Microsoft Authentication Library (MSAL) configuration file, which represents an application's configuration in Azure Active Directory.
 services: active-directory
@@ -20,9 +20,9 @@ ms.reviewer: shoatman
 ms.collection: M365-identity-device-management
 ---
 
-# Android Microsoft Authentication Library (MSAL) configuration file
+# Android Microsoft Authentication Library configuration file
 
-MSAL ships with a [default configuration JSON file](https://github.com/AzureAD/microsoft-authentication-library-for-android/blob/dev/msal/src/main/res/raw/msal_default_config.json) that you customize to define the behavior of your public client app for things such as the default authority, which authorities you'll use, and so on.
+The Android Microsoft Authentication Library (MSAL) ships with a [default configuration JSON file](https://github.com/AzureAD/microsoft-authentication-library-for-android/blob/dev/msal/src/main/res/raw/msal_default_config.json) that you customize to define the behavior of your public client app for things such as the default authority, which authorities you'll use, and so on.
 
 This article will help you understand the various settings in the configuration file and how to specify the configuration file to use in your MSAL-based app.
 
 
@@ -1,5 +1,5 @@
 ---
-title: Avoid page reloads (MSAL.js) 
+title: Avoid page reloads (MSAL.js) | Azure
 titleSuffix: Microsoft identity platform
 description: Learn how to avoid page reloads when acquiring and renewing tokens silently using the Microsoft Authentication Library for JavaScript (MSAL.js).
 services: active-directory