MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 552 additions & 102 deletions b/‎.openpublishing.redirection.json
Lines changed: 552 additions & 102 deletions
diff --git a/‎articles/active-directory-b2c/TOC.yml
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory-b2c/TOC.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory-b2c/contentdefinitions.md
Lines changed: 78 additions & 26 deletions b/‎articles/active-directory-b2c/contentdefinitions.md
Lines changed: 78 additions & 26 deletions
diff --git a/‎articles/active-directory-b2c/custom-policy-developer-notes.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory-b2c/custom-policy-developer-notes.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory-b2c/javascript-samples.md
Lines changed: 15 additions & 24 deletions b/‎articles/active-directory-b2c/javascript-samples.md
Lines changed: 15 additions & 24 deletions
diff --git a/‎articles/active-directory-b2c/manage-user-accounts-graph-api.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory-b2c/manage-user-accounts-graph-api.md
Lines changed: 2 additions & 2 deletions
@@ -182,8 +182,6 @@
       - name: Custom email
         href: custom-email.md
         displayName: verification
-      - name: Page layout
-        href: page-layout.md
       - name: Enable JavaScript
         href: javascript-samples.md
       - name: Password complexity
@@ -383,6 +381,8 @@
     href: custom-policy-developer-notes.md
   - name: Code samples
     href: https://azure.microsoft.com/resources/samples/?service=active-directory-b2c
+  - name: Page layout versions
+    href: page-layout.md
   - name: Cookie definitions
     href: cookie-definitions.md
     displayName: cookies, SameSite
@@ -421,4 +421,4 @@
     href: support-options.md
     displayName: technical
   - name: Videos
-    href: https://azure.microsoft.com/documentation/videos/index/?services=active-directory-b2c
+    href: https://azure.microsoft.com/documentation/videos/index/?services=active-directory-b2c
@@ -1,5 +1,6 @@
 ---
-title: ContentDefinitions - Azure Active Directory B2C | Microsoft Docs
+title: ContentDefinitions
+titleSuffix: Azure AD B2C
 description: Specify the ContentDefinitions element of a custom policy in Azure Active Directory B2C.
 services: active-directory-b2c
 author: mmacy
@@ -8,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 09/10/2018
+ms.date: 02/11/2020
 ms.author: marsma
 ms.subservice: B2C
 ---
@@ -52,7 +53,6 @@ The metadata of the **LocalAccountSignUpWithLogonEmail** self-asserted technical
   ...
 ```
 
-
 ## ContentDefinition
 
 The **ContentDefinition** element contains the following attribute:
@@ -68,22 +68,82 @@ The **ContentDefinition** element contains the following elements:
 | LoadUri | 1:1 | A string that contains the URL of the HTML5 page for the content definition. |
 | RecoveryUri | 0:1 | A string that contains the URL of the HTML page for displaying an error relating to the content definition. |
 | DataUri | 1:1 | A string that contains the relative URL of an HTML file that provides the user experience to invoke for the step. |
-| Metadata | 1:1 | A collection of key/value pairs that contains the metadata utilized by the content definition. |
+| Metadata | 0:1 | A collection of key/value pairs that contains the metadata utilized by the content definition. |
 | LocalizedResourcesReferences | 0:1 | A collection of localized resources references. Use this element to customize the localization of a user interface and claims attribute. |
 
 ### DataUri
 
-The **DataUri** element is used to specify the page identifier. Azure AD B2C uses the page identifier to load and initiate UI elements and client side JavaScript. The format of the value is `urn:com:microsoft:aad:b2c:elements:page-name:version`.  The following table lists the values and descriptions of the page identifiers you can use.
+The **DataUri** element is used to specify the page identifier. Azure AD B2C uses the page identifier to load and initiate UI elements and client side JavaScript. The format of the value is `urn:com:microsoft:aad:b2c:elements:page-name:version`. The following table lists the page identifiers you can use.
 
-| Value |	Description |
+| Page identifier | Description |
 | ----- | ----------- |
-| `urn:com:microsoft:aad:b2c:elements:globalexception:1.1.0` | Displays an error page when an exception or an error is encountered. |
-| `urn:com:microsoft:aad:b2c:elements:idpselection:1.0.0` |	Lists the identity providers that users can choose from during sign-in. |
-| `urn:com:microsoft:aad:b2c:elements:unifiedssp:1.0.0`	| Displays a form for signing in with a local account that's based on an email address or a user name. This value also provides the “keep me sign-in functionality” and “Forgot your password?” link. |
-| `urn:com:microsoft:aad:b2c:elements:unifiedssd:1.0.0` | Displays a form for signing in with a local account that's based on an email address or a user name. |
-| `urn:com:microsoft:aad:b2c:elements:multifactor:1.1.0` | Verifies phone numbers by using text or voice during sign-up or sign-in. |
-| `urn:com:microsoft:aad:b2c:elements:selfasserted:1.1.0` |	Displays a form that enables users to create or update their profile. |
+| `globalexception` | Displays an error page when an exception or an error is encountered. |
+| `providerselection` |	Lists the identity providers that users can choose from during sign-in. |
+| `unifiedssp` | Displays a form for signing in with a local account that's based on an email address or a user name. This value also provides the “keep me sign-in functionality” and “Forgot your password?” link. |
+| `unifiedssd` | Displays a form for signing in with a local account that's based on an email address or a user name. |
+| `multifactor` | Verifies phone numbers by using text or voice during sign-up or sign-in. |
+| `selfasserted` | Displays a form that enables users to create or update their profile. |
+
+### Select a page layout
+
+You can enable [JavaScript client-side code](javascript-samples.md) by inserting `contract` between `elements` and the page type. For example, `urn:com:microsoft:aad:b2c:elements:contract:page-name:version`.
+
+[!INCLUDE [active-directory-b2c-public-preview](../../includes/active-directory-b2c-public-preview.md)]
+
+The [version](page-layout.md) part of the `DataUri` specifies the package of content containing HTML, CSS, and JavaScript for the user interface elements in your  policy. If you intend to enable JavaScript client-side code, the elements you base your JavaScript on must be immutable. If they're not immutable, any changes could cause unexpected behavior on your user pages. To prevent these issues, enforce the use of a page layout and specify a page layout version. Doing so ensures that all content definitions you’ve based your JavaScript on are immutable. Even if you don’t intend to enable JavaScript, you still need to specify the page layout version for your pages.
+
+The following example shows the **DataUri** of `selfasserted` version `1.2.0`:
+
+```xml
+<ContentDefinition Id="api.localaccountpasswordreset">
+<LoadUri>~/tenant/templates/AzureBlue/selfAsserted.cshtml</LoadUri>
+<RecoveryUri>~/common/default_page_error.html</RecoveryUri>
+<DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>
+<Metadata>
+    <Item Key="DisplayName">Local account change password page</Item>
+</Metadata>
+</ContentDefinition>
+```
+
+#### Migrating to page layout
 
+The format of the value must contain the word `contract`: _urn:com:microsoft:aad:b2c:elements:**contract**:page-name:version_. To specify a page layout in your custom policies that use an old **DataUri** value, use following table to migrate to the new format.
+
+| Old DataUri value | New DataUri value |
+| ----------------- | ----------------- |
+| `urn:com:microsoft:aad:b2c:elements:globalexception:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:globalexception:1.1.0` | `urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:idpselection:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:multifactor:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:multifactor:1.1.0` | `urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:selfasserted:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:selfasserted:1.1.0` | `urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:unifiedssd:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:unifiedssd:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:unifiedssp:1.0.0` | `urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:1.2.0` |
+| `urn:com:microsoft:aad:b2c:elements:unifiedssp:1.1.0` | `urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:1.2.0` |
+
+
+### Metadata
+
+A **Metadata** element contains the following elements:
+
+| Element | Occurrences | Description |
+| ------- | ----------- | ----------- |
+| Item | 0:n | The metadata that relates to the content definition. |
+
+The **Item** element of the **Metadata** element contains the following attributes:
+
+| Attribute | Required | Description |
+| --------- | -------- | ----------- |
+| Key | Yes | The metadata key.  |
+
+#### Metadata keys
+
+Content definition supports following metadata items: 
+
+| Key | Required | Description |
+| --------- | -------- | ----------- |
+| DisplayName | No | A string that contains the name of the content definition. |
 
 ### LocalizedResourcesReferences
 
@@ -93,26 +153,13 @@ The **LocalizedResourcesReferences** element contains the following elements:
 | ------- | ----------- | ----------- |
 | LocalizedResourcesReference | 1:n | A list of localized resource references for the content definition. |
 
-The **LocalizedResourcesReferences** element contains the following attributes:
+The **LocalizedResourcesReference** element contains the following attributes:
 
 | Attribute | Required | Description |
 | --------- | -------- | ----------- |
 | Language | Yes | A string that contains a supported language for the policy per RFC 5646 - Tags for Identifying Languages. |
 | LocalizedResourcesReferenceId | Yes | The identifier of the **LocalizedResources** element. |
 
-The following example shows a sign-up or sign-in content definition:
-
-```XML
-<ContentDefinition Id="api.signuporsignin">
-  <LoadUri>~/tenant/default/unified.cshtml</LoadUri>
-  <RecoveryUri>~/common/default_page_error.html</RecoveryUri>
-  <DataUri>urn:com:microsoft:aad:b2c:elements:unifiedssp:1.0.0</DataUri>
-  <Metadata>
-    <Item Key="DisplayName">Signin and Signup</Item>
-  </Metadata>
-</ContentDefinition>
-```
-
 The following example shows a sign-up or sign-in content definition with a reference to localization for English, French and Spanish:
 
 ```XML
@@ -150,3 +197,8 @@ The ID attribute of the **ContentDefinition** element specifies the type of page
 | **api.selfasserted.profileupdate** | [updateprofile.cshtml](https://login.microsoftonline.com/static/tenant/default/updateProfile.cshtml) | **Profile update page** - Displays a form that users can access to update their profile. This page is similar to the social account sign up page, except for the password entry fields. |
 | **api.signuporsignin** | [unified.cshtml](https://login.microsoftonline.com/static/tenant/default/unified.cshtml) | **Unified sign-up or sign-in page** - Handles the user sign-up and sign-in process. Users can use enterprise identity providers, social identity providers such as Facebook or Google+, or local accounts. |
 
+## Next steps
+
+For an example of customizing the user interface by using content definitions, see:
+
+[Customize the user interface of your application using a custom policy](custom-policy-ui-customization.md)
@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/18/2019
+ms.date: 02/12/2020
 ms.author: marsma
 ms.subservice: B2C
 ---
@@ -68,7 +68,7 @@ Custom policy/Identity Experience Framework capabilities are under constant and
 | Relying Party OAUTH1 |  |  |  | Not supported. |
 | Relying Party OAUTH2 |  |  | X |  |
 | Relying Party OIDC |  |  | X |  |
-| Relying Party SAML | X |  |  |  |
+| Relying Party SAML |  |X  |  |  |
 | Relying Party WSFED | X |  |  |  |
 | REST API with basic and certificate auth |  |  | X | For example, Azure Logic Apps. |
 
@@ -81,7 +81,7 @@ Custom policy/Identity Experience Framework capabilities are under constant and
 | Azure Email subsystem for email verification |  |  | X |  |
 | Multi-language support|  |  | X |  |
 | Predicate Validations |  |  | X | For example, password complexity. |
-| Using third party email service providers | X |  |  |  |
+| Using third party email service providers |  |X  |  |  |
 
 ### Content Definition
 
 
@@ -1,5 +1,6 @@
 ---
-title: JavaScript samples - Azure Active Directory B2C | Microsoft Docs
+title: JavaScript samples
+titleSuffix: Azure AD B2C
 description: Learn about using JavaScript in Azure Active Directory B2C.
 services: active-directory-b2c
 author: mmacy
@@ -8,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 04/25/2019
+ms.date: 02/10/2020
 ms.author: marsma
 ms.subservice: B2C
 ---
@@ -17,7 +18,15 @@ ms.subservice: B2C
 
 [!INCLUDE [active-directory-b2c-public-preview](../../includes/active-directory-b2c-public-preview.md)]
 
-You can add your own JavaScript client-side code to your Azure Active Directory B2C (Azure AD B2C) applications. To enable JavaScript for your applications, you must add an element to your [custom policy](custom-policy-overview.md), select a [page layout](page-layout.md), and use [b2clogin.com](b2clogin.md) in your requests. This article describes how you can change your custom policy to enable script execution.
+You can add your own JavaScript client-side code to your Azure Active Directory B2C (Azure AD B2C) applications.
+
+To enable JavaScript for your applications:
+
+* Add an element to your [custom policy](custom-policy-overview.md)
+* Select a [page layout](page-layout.md)
+* Use [b2clogin.com](b2clogin.md) in your requests
+
+This article describes how you can change your custom policy to enable script execution.
 
 > [!NOTE]
 > If you want to enable JavaScript for user flows, see [JavaScript and page layout versions in Azure Active Directory B2C](user-flow-javascript-overview.md).
@@ -26,9 +35,9 @@ You can add your own JavaScript client-side code to your Azure Active Directory
 
 ### Select a page layout
 
-* [Select a page layout](page-layout.md) for the user interface elements of your application.
+* Select a [page layout](contentdefinitions.md#select-a-page-layout) for the user interface elements of your application.
 
-    If you intend to use JavaScript, you need to [define a page layout version](page-layout.md#replace-datauri-values) for *all* of the content definitions in your custom policy.
+    If you intend to use JavaScript, you need to [define a page layout version](contentdefinitions.md#migrating-to-page-layout) with page `contract` version for *all* of the content definitions in your custom policy.
 
 ## Add the ScriptExecution element
 
@@ -48,25 +57,7 @@ You enable script execution by adding the **ScriptExecution** element to the [Re
     ```
 3. Save and upload the file.
 
-## Guidelines for using JavaScript
-
-Follow these guidelines when you customize the interface of your application using JavaScript:
-
-- Don't bind a click event on `<a>` HTML elements.
-- Don’t take a dependency on Azure AD B2C code or comments.
-- Don't change the order or hierarchy of Azure AD B2C HTML elements. Use an Azure AD B2C policy to control the order of the UI elements.
-- You can call any RESTful service with these considerations:
-    - You may need to set your RESTful service CORS to allow client-side HTTP calls.
-    - Make sure your RESTful service is secure and uses only the HTTPS protocol.
-    - Don't use JavaScript directly to call Azure AD B2C endpoints.
-- You can embed your JavaScript or you can link to external JavaScript files. When using an external JavaScript file, make sure to use the absolute URL and not a relative URL.
-- JavaScript frameworks:
-    - Azure AD B2C uses a specific version of jQuery. Don’t include another version of jQuery. Using more than one version on the same page causes issues.
-    - Using RequireJS isn't supported.
-    - Most JavaScript frameworks are not supported by Azure AD B2C.
-- Azure AD B2C settings can be read by calling `window.SETTINGS`, `window.CONTENT` objects, such as the current UI language. Don’t change the value of these objects.
-- To customize the Azure AD B2C error message, use localization in a policy.
-- If anything can be achieved by using a policy, generally it's the recommended way.
+[!INCLUDE [active-directory-b2c-javascript-guidelines](../../includes/active-directory-b2c-javascript-guidelines.md)]
 
 ## JavaScript samples
 
 
@@ -22,7 +22,7 @@ You might need to migrate an existing user store to a B2C tenant. You may want t
 For B2C tenants, there are two primary modes of communicating with the Graph API:
 
 * For **interactive**, run-once tasks, you should act as an administrator account in the B2C tenant when you perform the tasks. This mode requires an administrator to sign in with credentials before that admin can perform any calls to the Graph API.
-* For **automated**, continuous tasks, you should use some type of service account that you provide with the necessary privileges to perform management tasks. In Azure AD, you can do this by registering an application and authenticating to Azure AD. This is done by using an *Application ID* that uses the [OAuth 2.0 client credentials grant](../active-directory/develop/service-to-service.md). In this case, the application acts as itself, not as a user, to call the Graph API.
+* For **automated**, continuous tasks, you should use some type of service account that you provide with the necessary privileges to perform management tasks. In Azure AD, you can do this by registering an application and authenticating to Azure AD. This is done by using an *Application ID* that uses the [OAuth 2.0 client credentials grant](../active-directory/develop/v2-oauth2-client-creds-grant-flow.md). In this case, the application acts as itself, not as a user, to call the Graph API.
 
 In this article, you learn how to perform the automated use case. You'll build a .NET 4.5 `B2CGraphClient` that performs user create, read, update, and delete (CRUD) operations. The client will have a Windows command-line interface (CLI) that allows you to invoke various methods. However, the code is written to behave in a non-interactive, automated fashion.
 
@@ -69,7 +69,7 @@ Your Azure AD B2C application now has the additional permissions required to del
 
 ## Get the sample code
 
-The code sample is a .NET console application that uses the [Active Directory Authentication Library (ADAL)](../active-directory/develop/active-directory-authentication-libraries.md) to interact with Azure AD Graph API. Its code demonstrates how to call the API to programmatically manage users in an Azure AD B2C tenant.
+The code sample is a .NET console application that uses the [Active Directory Authentication Library (ADAL)](../active-directory/azuread-dev/active-directory-authentication-libraries.md) to interact with Azure AD Graph API. Its code demonstrates how to call the API to programmatically manage users in an Azure AD B2C tenant.
 
 You can [download the sample archive](https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet/archive/master.zip) (\*.zip) or clone the GitHub repository: