Merge branch 'master' into patch-2

Author: shibayan

.openpublishing.publish.config.json

@@ -231,6 +231,12 @@
       "branch": "main",
       "branch_mapping": {}
     },
+    {
+      "path_to_root": "functions-openapi-turbine-repair",
+      "url": "https://github.com/Azure-Samples/functions-openapi-turbine-repair",
+      "branch": "main",
+      "branch_mapping": {}
+    },
     {
       "path_to_root": "azure-functions-templates-v3",
       "url": "https://github.com/Azure/azure-functions-templates",
@@ -248,7 +254,13 @@
       "url": "https://github.com/Azure-Samples/azure-search-dotnet-samples",
       "branch": "master",
       "branch_mapping": {}
-    },    
+    },
+    {
+      "path_to_root": "azure-search-python-samples",
+      "url": "https://github.com/Azure-Samples/azure-search-python-samples",
+      "branch": "master",
+      "branch_mapping": {}
+    },     
     {
       "path_to_root": "samples-personalizer",
       "url": "https://github.com/Azure-Samples/cognitive-services-personalizer-samples",
@@ -330,7 +342,7 @@
     {
       "path_to_root": "media-services-v3-dotnet-tutorials",
       "url": "https://github.com/Azure-Samples/media-services-v3-dotnet-tutorials",
-      "branch": "master",
+      "branch": "main",
       "branch_mapping": {}
     },
     {
@@ -755,4 +767,4 @@
     ".openpublishing.redirection.security-benchmark.json",
     ".openpublishing.redirection.media-services.json"
   ]
-}
+}

.openpublishing.redirection.json

@@ -614,6 +614,11 @@
             "source_path_from_root": "/articles/media-services/latest/encode-custom-preset-rest-how-to.md",
             "redirect_url": "transform-custom-preset-rest-how-to",
             "redirect_document_id": false
-        }
+        },
+        {
+          "source_path_from_root": "/articles/azure/media-services/video-indexer/index.yml",
+          "redirect_url": "/azure/azure-video-analyzer/video-analyzer-for-media-docs",
+          "redirect_document_id": false
+        }       
     ]
 }

.openpublishing.redirection.media-services.json

@@ -0,0 +1,23 @@
+{
+    "$schema": "https://whatsnewapi.azurewebsites.net/schema",
+    "docSetProductName": "Azure Defender for IoT",
+    "rootDirectory": "articles/defender-for-iot/",
+    "docLinkSettings": {
+        "linkFormat": "relative",
+        "relativeLinkPrefix": "/azure/defender-for-iot/"
+    },
+    "inclusionCriteria": {
+        "excludePullRequestTitles": true,
+        "minAdditionsToFile" : 20
+        "maxFilesChanged": 50,
+        "labels": [
+            "label:defender-for-iot/svc"
+        ]
+    },
+    "areas": [
+        {
+            "name": ".",
+            "heading": "Azure Defender for IoT"
+        },
+    ]
+}

.whatsnew/.defender-for-iot.json

@@ -0,0 +1,23 @@
+{
+    "$schema": "https://whatsnewapi.azurewebsites.net/schema",
+    "docSetProductName": "Azure Security Center",
+    "rootDirectory": "articles/security-center/",
+    "docLinkSettings": {
+        "linkFormat": "relative",
+        "relativeLinkPrefix": "/azure/security-center/"
+    },
+    "inclusionCriteria": {
+        "excludePullRequestTitles": true,
+        "minAdditionsToFile" : 20
+        "maxFilesChanged": 50,
+        "labels": [
+            "label:security-center/svc"
+        ]
+    },
+    "areas": [
+        {
+            "name": ".",
+            "heading": "Azure Security Center"
+        },
+    ]
+}

.whatsnew/.security-center.json

@@ -0,0 +1,23 @@
+{
+    "$schema": "https://whatsnewapi.azurewebsites.net/schema",
+    "docSetProductName": "Azure Sentinel",
+    "rootDirectory": "articles/sentinel/",
+    "docLinkSettings": {
+        "linkFormat": "relative",
+        "relativeLinkPrefix": "/azure/sentinel/"
+    },
+    "inclusionCriteria": {
+        "excludePullRequestTitles": true,
+        "minAdditionsToFile" : 20
+        "maxFilesChanged": 50,
+        "labels": [
+            "label:azure-sentinel/svc"
+        ]
+    },
+    "areas": [
+        {
+            "name": ".",
+            "heading": "Azure Sentinel"
+        },
+    ]
+}

.whatsnew/.sentinel.json

@@ -24,9 +24,9 @@
     href: tutorial-create-tenant.md
   - name: 2 - Register an application
     href: tutorial-register-applications.md
-  - name: 3 - Create user flows
+  - name: 3 - Create user flows and custom policies
     href: tutorial-create-user-flows.md
-  - name: 4 - Authenticate users
+  - name: Authenticate users
     items:
     - name: ASP.NET
       href: tutorial-web-app-dotnet.md
@@ -37,15 +37,15 @@
     - name: Python
       href: tutorial-web-app-python.md
       displayName: flask
-  - name: 5 - Grant API access
+  - name: Grant API access
     items:
     - name: ASP.NET
       href: tutorial-web-api-dotnet.md
     - name: Desktop
       href: tutorial-desktop-app-webapi.md
     - name: Single page
       href: tutorial-single-page-app-webapi.md
-  - name: 6 - Clean up and delete tenant
+  - name: Clean up and delete tenant
     href: tutorial-delete-tenant.md
 - name: Samples
   href: code-samples.md
@@ -105,8 +105,14 @@
     href: tenant-management.md
   - name: App integration
     items:
-    - name: Register a web application
-      href: tutorial-register-applications.md
+    - name: ASP.NET Core web app
+      items:
+      - name: Configure a sample web app
+        href: configure-authentication-sample-web-app.md
+      - name: Enable authentication in your app
+        href: enable-authentication-web-application.md
+      - name: Authentication options
+        href: enable-authentication-web-application-options.md
     - name: Register a single-page application (SPA)
       href: tutorial-register-spa.md
     - name: SAML application
@@ -158,7 +164,7 @@
     items:
     - name: Local account identity provider
       href: identity-provider-local.md
-      displayName: Username, Email, Phone authorization, Phone sing-in
+      displayName: Username, Email, Phone authorization, Phone sign-in
     - name: Add an identity provider
       href: add-identity-provider.md
     - name: AD FS
@@ -475,14 +481,16 @@
           href: id-token-hint.md
         - name: JWT token issuer
           href: jwt-issuer-technical-profile.md
-        - name: OAuth1
+        - name: OAuth1 identity provider
           href: oauth1-technical-profile.md
-        - name: OAuth2
+        - name: OAuth2 identity provider
           href: oauth2-technical-profile.md
+        - name: OAuth2 custom error
+          href: oauth2-error-technical-profile.md
         - name: One-time password
           href: one-time-password-technical-profile.md
           displayName: otp
-        - name: OpenID Connect
+        - name: OpenID Connect identity provider
           href: openid-connect-technical-profile.md
         - name: Phone factor
           href: phone-factor-technical-profile.md
@@ -551,7 +559,7 @@
   - name: Azure Roadmap
     href: https://azure.microsoft.com/roadmap/?category=security-identity
   - name: Frequently asked questions
-    href: faq.md
+    href: /azure/active-directory-b2c/faq
   - name: Getting help
     href: ../active-directory/develop/developer-support-help-options.md
   - name: Pricing

articles/active-directory-b2c/TOC.yml

@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 10/26/2020
+ms.date: 05/26/2021
 ms.custom: project-no-code
 ms.author: mimart
 ms.subservice: B2C
@@ -21,7 +21,7 @@ An *access token* contains claims that you can use in Azure Active Directory B2C
 This article shows you how to request an access token for a web application and web API. For more information about tokens in Azure AD B2C, see the [overview of tokens in Azure Active Directory B2C](tokens-overview.md).
 
 > [!NOTE]
-> **Web API chains (On-Behalf-Of) is not supported by Azure AD B2C.** - Many architectures include a web API that needs to call another downstream web API, both secured by Azure AD B2C. This scenario is common in clients that have a web API back end, which in turn calls a another service. This chained web API scenario can be supported by using the OAuth 2.0 JWT Bearer Credential grant, otherwise known as the On-Behalf-Of flow. However, the On-Behalf-Of flow is not currently implemented in Azure AD B2C.
+> **Web API chains (On-Behalf-Of) is not supported by Azure AD B2C.** - Many architectures include a web API that needs to call another downstream web API, both secured by Azure AD B2C. This scenario is common in clients that have a web API back end, which in turn calls a another service. This chained web API scenario can be supported by using the OAuth 2.0 JWT Bearer Credential grant, otherwise known as the On-Behalf-Of flow. However, the On-Behalf-Of flow is not currently implemented in Azure AD B2C. Although On-Behalf-Of works for applications registered in Azure AD, it does not work for applications registered in Azure AD B2C, regardless of the tenant (Azure AD or Azure AD B2C) that is issuing the tokens.
 
 ## Prerequisites
 

articles/active-directory-b2c/access-tokens.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 05/11/2021
+ms.date: 05/24/2021
 ms.custom: project-no-code
 ms.author: mimart
 ms.subservice: B2C
@@ -24,8 +24,13 @@ zone_pivot_groups: b2c-policy-type
 
 The [sign-up and sign-in journey](add-sign-up-and-sign-in-policy.md) allows users to reset their own password using the **Forgot your password?** link. The password reset flow involves the following steps:
 
-1. From the sign-up and sign-in page, the user clicks the **Forgot your password?** link. Azure AD B2C initiates the password reset flow. 
-2. The user provides and verifies their email address with a Timed One Time Passcode.
+1. From the sign-up and sign-in page, the user clicks the **Forgot your password?** link. Azure AD B2C initiates the password reset flow.
+2. The user provides their email address and selects **Send verification code**. Azure AD B2C will then send the user a verification code.
+
+* The user needs to open the mail box and copy the verification code. The user then enters the verification code in Azure AD B2C password reset page, and selects **Verify code**.
+
+> [!NOTE]
+> After the email is verified, the user can still select **Change e-mail**, type the other email, and repeat the email verification from the beginning.
 3. The user can then enter a new password.
 
 ![Password reset flow](./media/add-password-reset-policy/password-reset-flow.png)

articles/active-directory-b2c/add-password-reset-policy.md

@@ -8,7 +8,7 @@ manager: celestedg
 ms.service: active-directory
 ms.topic: reference
 ms.workload: identity
-ms.date: 02/01/2021
+ms.date: 05/24/2021
 ms.author: mimart
 ms.subservice: B2C
 ms.custom: fasttrack-edit
@@ -38,7 +38,8 @@ To take advantage of MAU billing, your Azure AD B2C tenant must be linked to an
 MAU billing went into effect for Azure AD B2C tenants on **November 1, 2019**. Any Azure AD B2C tenants that you created and linked to a subscription on or after that date have been billed on a per-MAU basis. If you have an Azure AD B2C tenant that hasn't been linked to a subscription, you'll need to do so now. If you have an existing Azure AD B2C tenant that was linked to a subscription before November 1, 2019, we recommend you upgrade to the monthly active users (MAU) billing model, or you can stay on the per-authentication billing model.
 
 Your Azure AD B2C tenant must also be linked to the appropriate Azure pricing tier based on the features you want to use. Premium features require Azure AD B2C [Premium P1 or P2 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/). You might need to upgrade your pricing tier as you use new features. For example, Conditional Access, you’ll need to select the Azure AD B2C Premium P2 pricing tier for your tenant.
-
+> [!NOTE]
+>  Your first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features. To determine the total number of MAUs, we combine MAUs from all your tenants (both Azure AD and Azure AD B2C) that are linked to the same subscription.
 ## Link an Azure AD B2C tenant to a subscription
 
 Usage charges for Azure Active Directory B2C (Azure AD B2C) are billed to an Azure subscription. You need to explicitly link an Azure AD B2C tenant to an Azure subscription by creating an Azure AD B2C *resource* within the target Azure subscription. Several Azure AD B2C resources can be created in a single Azure subscription, along with other Azure resources like virtual machines, Storage accounts, and Logic Apps. You can see all of the resources within a subscription by going to the Azure Active Directory (Azure AD) tenant that the subscription is associated with.