Merge branch 'master' of github.com:MicrosoftDocs/azure-docs-pr

Author: mmacy

articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md

@@ -26,9 +26,6 @@ For B2C tenants, there are two primary modes of communicating with the Graph API
 
 In this article, you learn how to perform the automated use case. You'll build a .NET 4.5 `B2CGraphClient` that performs user create, read, update, and delete (CRUD) operations. The client will have a Windows command-line interface (CLI) that allows you to invoke various methods. However, the code is written to behave in a non-interactive, automated fashion.
 
->[!IMPORTANT]
-> You **must** use the [Azure AD Graph API](../active-directory/develop/active-directory-graph-api-quickstart.md) to manage users in an Azure AD B2C directory. The Azure AD Graph API is different from the Microsoft Graph API. Learn more in this MSDN blog post: [Microsoft Graph or Azure AD Graph](https://blogs.msdn.microsoft.com/aadgraphteam/2016/07/08/microsoft-graph-or-azure-ad-graph/).
-
 ## Prerequisites
 
 Before you can create applications or users, you need an Azure AD B2C tenant. If you don't already have one, [Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md).

articles/active-directory-b2c/manage-user-access.md

@@ -172,3 +172,4 @@ The following is an example of a Version based terms of use consent in a claim:
 ## Next steps
 
 - To learn how to delete and export user data, see [Manage user data](manage-user-data.md).
+- For an example custom policy that implements a terms of use prompt, see [A B2C IEF Custom Policy - Sign Up and Sign In with 'Terms of Use' prompt](https://github.com/azure-ad-b2c/samples/tree/master/policies/sign-in-sign-up-versioned-tou).

articles/active-directory/develop/active-directory-authentication-protocols.md

@@ -1,6 +1,6 @@
 ---
-title: Azure Active Directory authentication protocols | Microsoft Docs
-description: An overview of the authentication protocols supported by Azure Active Directory (AD)
+title: Microsoft identity platform authentication protocols | Microsoft Docs
+description: An overview of the authentication protocols supported by Microsoft identity platform
 author: rwike77
 services: active-directory
 manager: CelesteDG
@@ -10,29 +10,28 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 04/27/2017
+ms.date: 12/18/2019
 ms.author: ryanwi
 ms.custom: aaddev
 ms.reviewer: hirsin
 ms.collection: M365-identity-device-management
 ---
 
-# Azure Active Directory authentication protocols
+# Microsoft identity platform authentication protocols
 
-Azure Active Directory (Azure AD) supports several of the most widely used authentication and authorization protocols. The topics in this section describe the supported protocols and their implementation in Azure AD. The topics included a review of supported claim types, an introduction to the use of federation metadata, detailed OAuth 2.0. and SAML 2.0 protocol reference documentation, and a troubleshooting section.
+Microsoft identity platform supports several of the most widely used authentication and authorization protocols. The topics in this section describe the supported protocols and their implementation in Microsoft identity platform. The topics included a review of supported claim types, an introduction to the use of federation metadata, detailed OAuth 2.0. and SAML 2.0 protocol reference documentation, and a troubleshooting section.
 
 ## Authentication protocols articles and reference
 
-* [Important Information About Signing Key Rollover in Azure AD](active-directory-signing-key-rollover.md) – Learn about Azure AD’s signing key rollover cadence, changes you can make to update the key automatically, and discussion for how to update the most common application scenarios.
-* [Supported Token and Claim Types](v1-id-and-access-tokens.md) - Learn about the claims in the tokens that Azure AD issues.
-* [Federation Metadata](azure-ad-federation-metadata.md) - Learn how to find and interpret the metadata documents that Azure AD generates.
-* [OAuth 2.0 in Azure AD](v1-protocols-oauth-code.md) - Learn about the implementation of OAuth 2.0 in Azure AD.
-* [OpenID Connect 1.0](v1-protocols-openid-connect-code.md) - Learn how to use OAuth 2.0, an authorization protocol, for authentication.
-* [Service to Service Calls with Client Credentials](v1-oauth2-client-creds-grant-flow.md) - Learn how to use OAuth 2.0 client credentials grant flow for service to service calls.
-* [Service to Service Calls with On-Behalf-Of Flow](v1-oauth2-on-behalf-of-flow.md) - Learn how to use OAuth 2.0 On-Behalf-Of flow for service to service calls.
-* [SAML Protocol Reference](active-directory-saml-protocol-reference.md) - Learn about the Single Sign-On and Single Sign-out SAML profiles of Azure AD.
+* [Important Information About Signing Key Rollover in Microsoft identity platform](active-directory-signing-key-rollover.md) – Learn about Microsoft identity platform’s signing key rollover cadence, changes you can make to update the key automatically, and discussion for how to update the most common application scenarios.
+* [Supported Token and Claim Types](id-tokens.md) - Learn about the claims in the tokens that Microsoft identity platform issues.
+* [OAuth 2.0 in Microsoft identity platform](v2-oauth2-auth-code-flow.md) - Learn about the implementation of OAuth 2.0 in Microsoft identity platform.
+* [OpenID Connect 1.0](v2-protocols-oidc.md) - Learn how to use OAuth 2.0, an authorization protocol, for authentication.
+* [Service to Service Calls with Client Credentials](v2-oauth2-client-creds-grant-flow.md) - Learn how to use OAuth 2.0 client credentials grant flow for service to service calls.
+* [Service to Service Calls with On-Behalf-Of Flow](v2-oauth2-on-behalf-of-flow.md) - Learn how to use OAuth 2.0 On-Behalf-Of flow for service to service calls.
+* [SAML Protocol Reference](active-directory-saml-protocol-reference.md) - Learn about the Single Sign-On and Single Sign-out SAML profiles of Microsoft identity platform.
 
 ## See also
 
-* [Azure Active Directory Developer's Guide](v1-overview.md)
-* [Active Directory Code Samples](sample-v1-code.md)
+* [Microsoft identity platform overview](v2-overview.md)
+* [Active Directory Code Samples](sample-v2-code.md)

articles/active-directory/develop/active-directory-certificate-credentials.md

@@ -1,7 +1,7 @@
 ---
-title: Azure AD certificate credentials
+title: Microsoft identity platform certificate credentials
 titleSuffix: Microsoft identity platform
-description: This article discusses the registration and use of certificate credentials for application authentication
+description: This article discusses the registration and use of certificate credentials for application authentication.
 services: active-directory
 author: rwike77
 manager: CelesteDG
@@ -11,21 +11,21 @@ ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 05/21/2019
+ms.date: 12/18/2019
 ms.author: ryanwi
 ms.reviewer: nacanuma, jmprieur
 ms.custom: aaddev
 ms.collection: M365-identity-device-management
 ---
 
-# Azure AD application authentication certificate credentials
+# Microsoft identity platform application authentication certificate credentials
 
-Azure Active Directory (Azure AD) allows an application to use its own credentials for authentication, for example, in the OAuth 2.0 Client Credentials Grant flow ([v1.0](v1-oauth2-client-creds-grant-flow.md), [v2.0](v2-oauth2-client-creds-grant-flow.md)) and the On-Behalf-Of flow ([v1.0](v1-oauth2-on-behalf-of-flow.md), [v2.0](v2-oauth2-on-behalf-of-flow.md)).
+Microsoft identity platform allows an application to use its own credentials for authentication, for example, in the [OAuth 2.0 Client Credentials Grant flowv2.0](v2-oauth2-client-creds-grant-flow.md) and the [On-Behalf-Of flow](v2-oauth2-on-behalf-of-flow.md)).
 
 One form of credential that an application can use for authentication is a JSON Web Token(JWT) assertion signed with a certificate that the application owns.
 
 ## Assertion format
-
+Microsoft identity platform
 To compute the assertion, you can use one of the many [JSON Web Token](https://jwt.ms/) libraries in the language of your choice. The information carried by the token are as follows:
 
 ### Header
@@ -85,9 +85,9 @@ The following string is an example of encoded assertion. If you look carefully,
 Gh95kHCOEGq5E_ArMBbDXhwKR577scxYaoJ1P{a lot of characters here}KKJDEg"
 ```
 
-## Register your certificate with Azure AD
+## Register your certificate with Microsoft identity platform
 
-You can associate the certificate credential with the client application in Azure AD through the Azure portal using any of the following methods:
+You can associate the certificate credential with the client application in Microsoft identity platform through the Azure portal using any of the following methods:
 
 ### Uploading the certificate file
 
@@ -121,7 +121,7 @@ In the Azure app registration for the client application:
        }
    ]
    ```
-3. Save the edits to the application manifest and then upload the manifest to Azure AD. 
+3. Save the edits to the application manifest and then upload the manifest to Microsoft identity platform. 
 
    The `keyCredentials` property is multi-valued, so you may upload multiple certificates for richer key management.
 
@@ -130,4 +130,4 @@ In the Azure app registration for the client application:
 > [!NOTE]
 > You must calculate the X5T header by using the certificate's hash and  converting it to a base64 string. In C# it would look something similar to that of : `System.Convert.ToBase64String(cert.GetCertHash());`
 
-The code sample on [Authenticating to Azure AD in daemon apps with certificates](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential) shows how an application uses its own credentials for authentication. It also shows how you can [create a self-signed certificate](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential#create-a-self-signed-certificate) using the `New-SelfSignedCertificate` Powershell command. You can also take advantage and use the [app creation scripts](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential/blob/master/AppCreationScripts/AppCreationScripts.md) to create the certificates, compute the thumbprint, and so on.
+The code sample on [Authenticating to Microsoft identity platform in daemon apps with certificates](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential) shows how an application uses its own credentials for authentication. It also shows how you can [create a self-signed certificate](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential#create-a-self-signed-certificate) using the `New-SelfSignedCertificate` Powershell command. You can also take advantage and use the [app creation scripts](https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential/blob/master/AppCreationScripts/AppCreationScripts.md) to create the certificates, compute the thumbprint, and so on.

articles/active-directory/develop/authentication-scenarios.md

@@ -10,7 +10,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 10/15/2019
+ms.date: 12/18/2019
 ms.author: ryanwi
 ms.reviewer: jmprieur, saeeda, sureshja, hirsin
 ms.custom: aaddev, identityplatformtop40, scenarios:getting-started
@@ -162,6 +162,7 @@ By default, MSAL uses the system browser except for .NET Framework desktop appli
 
 ## Next steps
 
-See the [Microsoft identity platform developer glossary](developer-glossary.md) to get familiar with common terms.
-See [Authentication flows and app scenarios](authentication-flows-app-scenarios.md) to learn more about other scenarios for authenticating users supported by the Microsoft identity platform.
-See [MSAL libraries](msal-overview.md) to learn about the Microsoft libraries that help you develop applications that work with Microsoft Accounts, Azure AD accounts, and Azure AD B2C users all in a single, streamlined programming model.
+- See the [Microsoft identity platform developer glossary](developer-glossary.md) to get familiar with common terms.
+- See [Authentication flows and app scenarios](authentication-flows-app-scenarios.md) to learn more about other scenarios for authenticating users supported by the Microsoft identity platform.
+- See [MSAL libraries](msal-overview.md) to learn about the Microsoft libraries that help you develop applications that work with Microsoft Accounts, Azure AD accounts, and Azure AD B2C users all in a single, streamlined programming model.
+- See [Integrate App Service with Microsfot identity platform](/azure/app-service/configure-authentication-provider-aad) to learn how to configure authentication for your App Service app.

articles/active-directory/develop/quickstart-v2-dotnet-native-aspnet.md

@@ -1,6 +1,6 @@
 ---
-title: Call Azure AD protected ASP.NET Web API - Microsoft identity platform
-description: In this quickstart, learn how to call an ASP.NET web API protected by Azure Active Directory from a Windows Desktop (WPF) application. The WPF client authenticates a user, requests an access token, and calls the web API.
+title: Call a ASP.NET Web API protected by Microsoft identity platform
+description: In this quickstart, learn how to call an ASP.NET web API protected by Microsoft identity platform from a Windows Desktop (WPF) application. The WPF client authenticates a user, requests an access token, and calls the web API.
 services: active-directory
 author: jmprieur
 manager: CelesteDG
@@ -16,9 +16,9 @@ ms.custom: aaddev, identityplatformtop40, scenarios:getting-started, languages:A
 ms.collection: M365-identity-device-management
 ---
 
-# Quickstart: Call an ASP.NET Web API protected by Azure AD
+# Quickstart: Call an ASP.NET Web API protected by Microsoft identity platform
 
-In this quickstart, you expose a Web API and protect it so that only authenticated user can access it. This sample shows how to expose a ASP.NET Web API so it can accept tokens issued by personal accounts (including outlook.com, live.com, and others) as well as work and school accounts from any company or organization that has integrated with Azure Active Directory.
+In this quickstart, you expose a Web API and protect it so that only authenticated user can access it. This sample shows how to expose a ASP.NET Web API so it can accept tokens issued by personal accounts (including outlook.com, live.com, and others) as well as work and school accounts from any company or organization that has integrated with Microsoft identity platform.
 
 The sample also includes a Windows Desktop application (WPF) client that demonstrates how you can request an access token to access a Web API.