Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Learn Build Service GitHub App

articles/active-directory/authentication/concept-authentication-passwordless.md

@@ -122,6 +122,7 @@ The following providers offer FIDO2 security keys of different form factors that
 | [Feitian](https://shop.ftsafe.us/pages/microsoft) | ![y] | ![y]| ![y]| ![y]| ![y] |
 | [Fortinet](https://www.fortinet.com/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [Giesecke + Devrient (G+D)](https://www.gi-de.com/en/identities/enterprise-security/hardware-based-authentication) | ![y] | ![y]| ![y]| ![y]| ![n] |
+| [Google](https://store.google.com/us/product/titan_security_key) | ![n] | ![y]| ![y]| ![n]| ![n] |
 | [GoTrustID Inc.](https://www.gotrustid.com/idem-key) | ![n] | ![y]| ![y]| ![y]| ![n] |
 | [HID](https://www.hidglobal.com/products/crescendo-key) | ![n] | ![y]| ![y]| ![n]| ![n] |
 | [HIDEEZ](https://hideez.com/products/hideez-key-4) | ![n] | ![y]| ![y]| ![y]| ![n] |
@@ -135,6 +136,7 @@ The following providers offer FIDO2 security keys of different form factors that
 | [Nymi](https://www.nymi.com/nymi-band) | ![y] | ![n]| ![y]| ![n]| ![n] |
 | [Octatco](https://octatco.com/) | ![y] | ![y]| ![n]| ![n]| ![n] |
 | [OneSpan Inc.](https://www.onespan.com/products/fido) | ![n] | ![y]| ![n]| ![y]| ![n] |
+| [PONE Biometrics](https://ponebiometrics.com/) | ![n] | ![n]| ![n]| ![y]| ![n] |
 | [Precision Biometric](https://www.innait.com/product/fido/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [RSA](https://www.rsa.com/products/securid/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [Sentry](https://sentryenterprises.com/) | ![n] | ![n]| ![y]| ![n]| ![n] |

articles/active-directory/authentication/concept-fido2-hardware-vendor.md

@@ -43,6 +43,7 @@ The following table lists partners who are Microsoft-compatible FIDO2 security k
 | [Feitian](https://shop.ftsafe.us/pages/microsoft) | ![y] | ![y]| ![y]| ![y]| ![y] |
 | [Fortinet](https://www.fortinet.com/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [Giesecke + Devrient (G+D)](https://www.gi-de.com/en/identities/enterprise-security/hardware-based-authentication) | ![y] | ![y]| ![y]| ![y]| ![n] |
+| [Google](https://store.google.com/us/product/titan_security_key) | ![n] | ![y]| ![y]| ![n]| ![n] |
 | [GoTrustID Inc.](https://www.gotrustid.com/idem-key) | ![n] | ![y]| ![y]| ![y]| ![n] |
 | [HID](https://www.hidglobal.com/products/crescendo-key) | ![n] | ![y]| ![y]| ![n]| ![n] |
 | [HIDEEZ](https://hideez.com/products/hideez-key-4) | ![n] | ![y]| ![y]| ![y]| ![n] |
@@ -56,6 +57,7 @@ The following table lists partners who are Microsoft-compatible FIDO2 security k
 | [Nymi](https://www.nymi.com/nymi-band) | ![y] | ![n]| ![y]| ![n]| ![n] |
 | [Octatco](https://octatco.com/) | ![y] | ![y]| ![n]| ![n]| ![n] |
 | [OneSpan Inc.](https://www.onespan.com/products/fido) | ![n] | ![y]| ![n]| ![y]| ![n] |
+| [PONE Biometrics](https://ponebiometrics.com/) | ![n] | ![n]| ![n]| ![y]| ![n] |
 | [Precision Biometric](https://www.innait.com/product/fido/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [RSA](https://www.rsa.com/products/securid/) | ![n] | ![y]| ![n]| ![n]| ![n] |
 | [Sentry](https://sentryenterprises.com/) | ![n] | ![n]| ![y]| ![n]| ![n] |

articles/active-directory/develop/quickstart-daemon-app-java-acquire-token.md

@@ -28,25 +28,10 @@ To run this sample, you need:
 - [Java Development Kit (JDK)](https://openjdk.java.net/) 8 or greater
 - [Maven](https://maven.apache.org/)
 
-
-## Register and download your quickstart app
-
-You have two options to start your quickstart application: Express (Option 1 below), and Manual (Option 2)
-
-### Option 1: Register and auto configure your app and then download your code sample
-
-1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](../roles/permissions-reference.md#application-developer).
-1. Browse to **Identity** > **Applications** > **Application registrations**.
-1. Select **New registration**.
-1. Enter a name for your application and select **Register**.
-1. Follow the instructions to download and automatically configure your new application with just one click.
-
-### Option 2: Register and manually configure your application and code sample
-
-#### Step 1: Register your application
-
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
+### Step 1: Register the application
+
 To register your application and add the app's registration information to your solution manually, follow these steps:
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](../roles/permissions-reference.md#application-developer).
@@ -61,10 +46,10 @@ To register your application and add the app's registration information to your
 1. Select **Application permissions**.
 1. Under **User** node, select **User.Read.All**, then select **Add permissions**.
 
-#### Step 2: Download the Java project
+### Step 2: Download the Java project
 [Download the Java daemon project](https://github.com/Azure-Samples/ms-identity-java-daemon/archive/master.zip)
 
-#### Step 3: Configure the Java project
+### Step 3: Configure the Java project
 
 1. Extract the zip file to a local folder close to the root of the disk, for example, *C:\Azure-Samples*.
 1. Navigate to the sub folder **msal-client-credential-secret**.
@@ -81,18 +66,18 @@ To register your application and add the app's registration information to your
    - `Enter_the_Client_Secret_Here` - replace this value with the client secret created on step 1.
 
 >[!TIP]
->To find the values of **Application (client) ID**, **Directory (tenant) ID**, go to the app's **Overview** page in the Azure portal. To generate a new key, go to **Certificates & secrets** page.
+>To find the values of **Application (client) ID**, **Directory (tenant) ID**, go to the app's **Overview** page. To generate a new key, go to **Certificates & secrets** page.
 
-#### Step 4: Admin consent
+### Step 4: Admin consent
 
 If you try to run the application at this point, you'll receive *HTTP 403 - Forbidden* error: `Insufficient privileges to complete the operation`. This error happens because any *app-only permission* requires Admin consent: a global administrator of your directory must give consent to your application. Select one of the options below depending on your role:
 
-##### Global tenant administrator
+#### Global tenant administrator
 
 
-If you are a global tenant administrator, go to **API Permissions** page in **App registrations** in the Azure portal and select **Grant admin consent for {Tenant Name}** (Where {Tenant Name} is the name of your directory).
+If you are a global tenant administrator, go to **API Permissions** page in **App registrations** and select **Grant admin consent for {Tenant Name}** (Where {Tenant Name} is the name of your directory).
 
-##### Standard user
+#### Standard user
 
 If you're a standard user of your tenant, then you need to ask a global administrator to grant admin consent for your application. To do this, give the following URL to your administrator:
 
@@ -105,7 +90,7 @@ https://login.microsoftonline.com/Enter_the_Tenant_Id_Here/adminconsent?client_i
  * `Enter_the_Application_Id_Here` - is the **Application (client) ID** for the application you registered.
 
 
-#### Step 5: Run the application
+### Step 5: Run the application
 
 You can test the sample directly by running the main method of ClientCredentialGrant.java from your IDE.
 
@@ -172,8 +157,8 @@ ConfidentialClientApplication cca =
 
 | Where: |Description |
 |---------|---------|
-| `CLIENT_SECRET` | Is the client secret created for the application in Azure portal. |
-| `CLIENT_ID` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
+| `CLIENT_SECRET` | Is the client secret created for the application. |
+| `CLIENT_ID` | Is the **Application (client) ID** for the registered application. You can find this value in the app's **Overview** page. |
 | `AUTHORITY`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant ID.|
 
 ### Requesting tokens
@@ -212,7 +197,7 @@ IAuthenticationResult result;
 
 |Where:| Description |
 |---------|---------|
-| `SCOPE` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
+| `SCOPE` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations**.|
 
 [!INCLUDE [Help and support](includes/error-handling-and-tips/help-support-include.md)]
 

articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md

@@ -29,29 +29,14 @@ This quickstart uses MSAL Angular v2 with the authorization code flow.
 * [Node.js](https://nodejs.org/en/download/)
 * [Visual Studio Code](https://code.visualstudio.com/download) or another code editor
 
-
-## Register and download your quickstart application
+## Register your quickstart application
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-To start your quickstart application, use either of the following options.
-
-### Option 1 (Express): Register and auto configure your app and then download your code sample
-
-1. Go to the [Azure portal - App registrations](https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs) quickstart experience.
-1. Enter a name for your application.
-1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
-1. Select **Register**.
-1. Go to the quickstart pane and follow the instructions to download and automatically configure your new application.
-
-### Option 2 (Manual): Register and manually configure your application and code sample
-
-#### Step 1: Register your application
-
-1. Sign in to the [Azure portal](https://portal.azure.com/).
-1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
-1. Search for and select **Azure Active Directory**.
-1. Under **Manage**, select **App registrations** > **New registration**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](../roles/permissions-reference.md#application-developer).
+1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
+1. Browse to **Identity** > **Applications** > **Application registrations**.
+1. Select **New registration**.
 1. Enter a **Name** for your application. Users of your app might see this name, and you can change it later.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
 1. Select **Register**. On the app **Overview** page, note the **Application (client) ID** value for later use.
@@ -90,17 +75,17 @@ Modify the values in the `auth` section as described here:
 
 - `Enter_the_Application_Id_Here` is the **Application (client) ID** for the application you registered.
 
-   To find the value of **Application (client) ID**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of **Application (client) ID**, go to the app registration's **Overview** page.
 - `Enter_the_Cloud_Instance_Id_Here` is the instance of the Azure cloud. For the main or global Azure cloud, enter `https://login.microsoftonline.com`. For **national** clouds (for example, China), see [National clouds](authentication-national-cloud.md).
 - `Enter_the_Tenant_info_here` is set to one of the following:
   - If your application supports *accounts in this organizational directory*, replace this value with the **Tenant ID** or **Tenant name**. For example, `contoso.microsoft.com`.
 
-   To find the value of the **Directory (tenant) ID**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of the **Directory (tenant) ID**, go to the app registration's **Overview** page.
   - If your application supports *accounts in any organizational directory*, replace this value with `organizations`.
   - If your application supports *accounts in any organizational directory and personal Microsoft accounts*, replace this value with `common`. **For this quickstart**, use `common`.
   - To restrict support to *personal Microsoft accounts only*, replace this value with `consumers`.
 
-   To find the value of **Supported account types**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of **Supported account types**, go to the app registration's **Overview** page.
 - `Enter_the_Redirect_Uri_Here` is `http://localhost:4200/`.
 
 The `authority` value in your *app.module.ts* should be similar to the following if you're using the main (global) Azure cloud:

articles/active-directory/develop/quickstart-single-page-app-javascript-sign-in.md

@@ -33,24 +33,12 @@ See [How the sample works](#how-the-sample-works) for an illustration.
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-To start your quickstart application, use either of the following options.
+### Step 1: Register your application
 
-### Option 1 (Express): Register and auto configure your app and then download your code sample
-
-1. Go to the [Azure portal - App registrations](https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs) quickstart experience.
-1. Enter a name for your application.
-1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
-1. Select **Register**.
-1. Go to the quickstart pane and follow the instructions to download and automatically configure your new application.
-
-### Option 2 (Manual): Register and manually configure your application and code sample
-
-#### Step 1: Register your application
-
-1. Sign in to the [Azure portal](https://portal.azure.com/).
-1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
-1. Search for and select **Azure Active Directory**.
-1. Under **Manage**, select **App registrations** > **New registration**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Developer](../roles/permissions-reference.md#application-developer).
+1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
+1. Browse to **Identity** > **Applications** > **Application registrations**.
+1. Select **New registration**.
 1. Enter a **Name** for your application. Users of your app might see this name, and you can change it later.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
 1. Select **Register**. On the app **Overview** page, note the **Application (client) ID** value for later use.
@@ -59,12 +47,11 @@ To start your quickstart application, use either of the following options.
 1. Set the **Redirect URI** value to `http://localhost:3000/`.
 1. Select **Configure**.
 
-#### Step 2: Download the project
+### Step 2: Download the project
 
 To run the project with a web server by using Node.js, [download the core project files](https://github.com/Azure-Samples/ms-identity-javascript-v2/archive/master.zip).
 
-
-#### Step 3: Configure your JavaScript app
+### Step 3: Configure your JavaScript app
 
 In the *app* folder, open the *authConfig.js* file, and then update the `clientID`, `authority`, and `redirectUri` values in the `msalConfig` object.
 
@@ -87,17 +74,17 @@ Modify the values in the `msalConfig` section:
 
 - `Enter_the_Application_Id_Here` is the **Application (client) ID** for the application you registered.
 
-   To find the value of **Application (client) ID**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of **Application (client) ID**, go to the app registration's **Overview** page.
 - `Enter_the_Cloud_Instance_Id_Here` is the Azure cloud instance. For the main or global Azure cloud, enter `https://login.microsoftonline.com`. For **national** clouds (for example, China), see [National clouds](authentication-national-cloud.md).
 - `Enter_the_Tenant_info_here` is one of the following:
   - If your application supports *accounts in this organizational directory*, replace this value with the **Tenant ID** or **Tenant name**. For example, `contoso.microsoft.com`.
 
-   To find the value of the **Directory (tenant) ID**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of the **Directory (tenant) ID**, go to the app registration's **Overview** page.
   - If your application supports *accounts in any organizational directory*, replace this value with `organizations`.
   - If your application supports *accounts in any organizational directory and personal Microsoft accounts*, replace this value with `common`. **For this quickstart**, use `common`.
   - To restrict support to *personal Microsoft accounts only*, replace this value with `consumers`.
 
-   To find the value of **Supported account types**, go to the app registration's **Overview** page in the Azure portal.
+   To find the value of **Supported account types**, go to the app registration's **Overview** page.
 - `Enter_the_Redirect_Uri_Here` is `http://localhost:3000/`.
 
 The `authority` value in your *authConfig.js* should be similar to the following if you're using the main (global) Azure cloud:
@@ -130,7 +117,7 @@ graphMeEndpoint: "https://graph.microsoft.com/v1.0/me",
 graphMailEndpoint: "https://graph.microsoft.com/v1.0/me/messages"
 ```
 
-#### Step 4: Run the project
+### Step 4: Run the project
 
 Run the project with a web server by using Node.js.