Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into naman-edit2

Author: Namandeep-MSFT

articles/active-directory/saas-apps/media/moveittransfer-tutorial/azure.png

@@ -1,5 +1,5 @@
 ---
-title: 'Tutorial: Azure Active Directory integration with MOVEit Transfer - Azure AD integration | Microsoft Docs'
+title: 'Tutorial: Azure AD SSO integration with MOVEit Transfer - Azure AD integration'
 description: Learn how to configure single sign-on between Azure Active Directory and MOVEit Transfer - Azure AD integration.
 services: active-directory
 author: jeevansd
@@ -9,10 +9,10 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 01/27/2021
+ms.date: 01/19/2022
 ms.author: jeedes
 ---
-# Tutorial: Azure Active Directory integration with MOVEit Transfer - Azure AD integration
+# Tutorial: Azure AD SSO integration with MOVEit Transfer - Azure AD integration
 
 In this tutorial, you'll learn how to integrate MOVEit Transfer - Azure AD integration with Azure Active Directory (Azure AD). When you integrate MOVEit Transfer - Azure AD integration with Azure AD, you can:
 
@@ -31,7 +31,7 @@ To get started, you need the following items:
 
 In this tutorial, you configure and test Azure AD single sign-on in a test environment.
 
-* MOVEit Transfer - Azure AD integration supports **SP** initiated SSO
+* MOVEit Transfer - Azure AD integration supports **SP** initiated SSO.
 
 ## Add MOVEit Transfer - Azure AD integration from the gallery
 
@@ -57,7 +57,7 @@ To configure and test Azure AD SSO with MOVEit Transfer - Azure AD integration,
     1. **[Create MOVEit Transfer - Azure AD integration test user](#create-moveit-transfer---azure-ad-integration-test-user)** - to have a counterpart of B.Simon in MOVEit Transfer - Azure AD integration that is linked to the Azure AD representation of user.
 1. **[Test SSO](#test-sso)** - to verify whether the configuration works.
 
-### Configure Azure AD SSO
+## Configure Azure AD SSO
 
 Follow these steps to enable Azure AD SSO in the Azure portal.
 
@@ -77,11 +77,9 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
 	![choose metadata file](common/browse-upload-metadata.png)
 
-	c. After the metadata file is successfully uploaded, the **Identifier** and **Reply URL** value gets auto populated in **Basic SAML Configuration** section:
+	c. After the metadata file is successfully uploaded, the **Identifier** and **Reply URL** value gets auto populated in **Basic SAML Configuration** section.
 
-    ![MOVEit Transfer - Azure AD integration Domain and URLs single sign-on information](common/sp-identifier-reply.png)
-
-    In the **Sign-on URL** text box, type the URL:
+    d. In the **Sign-on URL** text box, type the URL:
     `https://contoso.com`
 
 	> [!NOTE]
@@ -119,42 +117,43 @@ In this section, you'll enable B.Simon to use Azure single sign-on by granting a
 1. If you are expecting a role to be assigned to the users, you can select it from the **Select a role** dropdown. If no role has been set up for this app, you see "Default Access" role selected.
 1. In the **Add Assignment** dialog, click the **Assign** button.
 
-### Configure MOVEit Transfer - Azure AD integration SSO
+## Configure MOVEit Transfer - Azure AD integration SSO
 
 1. Sign on to your MOVEit Transfer tenant as an administrator.
 
 2. On the left navigation pane, click **Settings**.
 
-	![Settings Section On App side](./media/moveittransfer-tutorial/settings.png)
+	![Settings Section On App side.](./media/moveittransfer-tutorial/settings.png)
 
 3. Click **Single Signon** link, which is under **Security Policies -> User Auth**.
 
-	![Security Policies On App side](./media/moveittransfer-tutorial/sso.png)
+	![Security Policies On App side.](./media/moveittransfer-tutorial/security.png)
 
 4. Click the Metadata URL link to download the metadata document.
 
-	![Service Provider Metadata URL](./media/moveittransfer-tutorial/metadata.png)
+	![Service Provider Metadata URL.](./media/moveittransfer-tutorial/metadata.png)
 
-   * Verify **entityID** matches **Identifier** in the **Basic SAML Configuration** section .
-   * Verify **AssertionConsumerService** Location URL matches **REPLY URL**  in the **Basic SAML Configuration** section.
+   a. Verify **entityID** matches **Identifier** in the **Basic SAML Configuration** section .
+
+   b. Verify **AssertionConsumerService** Location URL matches **REPLY URL**  in the **Basic SAML Configuration** section.
 
-     ![Configure Single Sign-On On App side](./media/moveittransfer-tutorial/xml.png)
+     :::image type="content" source="./media/moveittransfer-tutorial/file.png" alt-text="Screenshot of Configure Single Sign-On On App side." lightbox="./media/moveittransfer-tutorial/file.png":::
 
 5. Click **Add Identity Provider** button to add a new Federated Identity Provider.
 
-	![Add Identity Provider](./media/moveittransfer-tutorial/idp.png)
+	![Add Identity Provider.](./media/moveittransfer-tutorial/provider.png)
 
 6. Click **Browse...** to select the metadata file which you downloaded from Azure portal, then click **Add Identity Provider** to upload the downloaded file.
 
-	![SAML Identity Provider](./media/moveittransfer-tutorial/saml.png)
+	![SAML Identity Provider.](./media/moveittransfer-tutorial/azure.png)
 
 7. Select "**Yes**" as **Enabled** in the **Edit Federated Identity Provider Settings...** page and click **Save**.
 
-	![Federated Identity Provider Settings](./media/moveittransfer-tutorial/save.png)
+	![Federated Identity Provider Settings.](./media/moveittransfer-tutorial/save.png)
 
 8. In the **Edit Federated Identity Provider User Settings** page, perform the following actions:
 
-	![Edit Federated Identity Provider Settings](./media/moveittransfer-tutorial/attributes.png)
+	![Edit Federated Identity Provider Settings.](./media/moveittransfer-tutorial/attributes.png)
 
 	a. Select **SAML NameID** as **Login name**.
 
@@ -173,7 +172,7 @@ The objective of this section is to create a user called Britta Simon in MOVEit
 >[!NOTE]
 >If you need to create a user manually, you need to contact the [MOVEit Transfer - Azure AD integration Client support team](https://community.ipswitch.com/s/support).
 
-### Test SSO 
+## Test SSO 
 
 In this section, you test your Azure AD single sign-on configuration with following options. 
 
@@ -185,4 +184,4 @@ In this section, you test your Azure AD single sign-on configuration with follow
 
 ## Next steps
 
-Once you configure MOVEit Transfer - Azure AD integration you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).
+Once you configure MOVEit Transfer - Azure AD integration you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).

articles/active-directory/saas-apps/media/moveittransfer-tutorial/file.png

@@ -1,5 +1,5 @@
 ---
-title: 'Tutorial: Azure Active Directory single sign-on (SSO) integration with NAVEX One | Microsoft Docs'
+title: 'Tutorial: Azure AD SSO integration with NAVEX One'
 description: Learn how to configure single sign-on between Azure Active Directory and NAVEX One.
 services: active-directory
 author: jeevansd
@@ -9,12 +9,12 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 01/28/2021
+ms.date: 01/19/2022
 ms.author: jeedes
 
 ---
 
-# Tutorial: Azure Active Directory single sign-on (SSO) integration with NAVEX One
+# Tutorial: Azure AD SSO integration with NAVEX One
 
 In this tutorial, you'll learn how to integrate NAVEX One with Azure Active Directory (Azure AD). When you integrate NAVEX One with Azure AD, you can:
 
@@ -33,9 +33,12 @@ To get started, you need the following items:
 
 In this tutorial, you configure and test Azure AD SSO in a test environment.
 
-* NAVEX One supports **SP** initiated SSO
+* NAVEX One supports **SP** initiated SSO.
 
-## Adding NAVEX One from the gallery
+> [!NOTE]
+> Identifier of this application is a fixed string value so only one instance can be configured in one tenant.
+
+## Add NAVEX One from the gallery
 
 To configure the integration of NAVEX One into Azure AD, you need to add NAVEX One from the gallery to your list of managed SaaS apps.
 
@@ -46,7 +49,6 @@ To configure the integration of NAVEX One into Azure AD, you need to add NAVEX O
 1. In the **Add from the gallery** section, type **NAVEX One** in the search box.
 1. Select **NAVEX One** from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
 
-
 ## Configure and test Azure AD SSO for NAVEX One
 
 Configure and test Azure AD SSO with NAVEX One using a test user called **B.Simon**. For SSO to work, you need to establish a link relationship between an Azure AD user and the related user in NAVEX One.
@@ -70,38 +72,39 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
    ![Edit Basic SAML Configuration](common/edit-urls.png)
 
-1. On the **Basic SAML Configuration** section, enter the values for the following fields:
-
-    a. In the **Sign-on URL** text box, type a URL using one of the following patterns:
-
-    | Sign-on URL |
-    |--------------|
-    | `https://<CLIENT_KEY>.navexglobal.com` |
-    | `https://<CLIENT_KEY>.navexglobal.eu` |
-    |
+1. On the **Basic SAML Configuration** section, perform the following steps:
 
-    b. In the **Identifier** text box, type one of the following URLs:
+    a. In the **Identifier** text box, type one of the following URLs:
 
     | Identifier |
     |--------------|
     | `https://doorman.navexglobal.com/Shibboleth` |
     | `https://doorman.navexglobal.eu/Shibboleth` |
     |
 
-    c. In the **Reply URL** text box, type one of the following URLs:
+    b. In the **Reply URL** text box, type one of the following URLs:
 
     | Reply URL |
     |--------------|
     | `https://doorman.navexglobal.com/Shibboleth.sso/SAML2/POST` |
     | `https://doorman.navexglobal.eu/Shibboleth.sso/SAML2/POST` |
     |
 
+    c. In the **Sign-on URL** text box, type a URL using one of the following patterns:
+
+    | Sign-on URL |
+    |--------------|
+    | `https://<CLIENT_KEY>.navexglobal.com` |
+    | `https://<CLIENT_KEY>.navexglobal.eu` |
+    |
+
     > [!NOTE]
 	> The Sign-on URL value is not real. Update the value with the actual Sign-on URL. Contact [NAVEX One Client support team](mailto:[email protected]) to get the value. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
 1. On the **Set up single sign-on with SAML** page, In the **SAML Signing Certificate** section, click copy button to copy **App Federation Metadata Url** and save it on your computer.
 
 	![The Certificate download link](common/copy-metadataurl.png)
+
 ### Create an Azure AD test user
 
 In this section, you'll create a test user in the Azure portal called B.Simon.
@@ -146,4 +149,4 @@ In this section, you test your Azure AD single sign-on configuration with follow
 
 ## Next steps
 
-Once you configure NAVEX One you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).
+Once you configure NAVEX One you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).