Merge pull request #223268 from MicrosoftDocs/main

Publish to live, Sunday 4 AM PST, 1/8

Author: ttorble

.openpublishing.redirection.json

@@ -27844,6 +27844,11 @@
             "redirect_url": "/azure/virtual-machines/workloads/sap/deployment-checklist",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/virtual-machines/workloads/sap/sap-get-started-classic.md",
+            "redirect_url": "/azure/virtual-machines/workloads/sap/get-started",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/migrate/how-to-scale-assessment.md",
             "redirect_url": "scale-hyper-v-assessment",

articles/active-directory/authentication/concept-certificate-based-authentication-certificateuserids.md

@@ -19,7 +19,7 @@ ms.custom: has-adal-ref
 
 # Certificate user IDs 
 
-Azure AD has a multivalued attribute named **certificateUserIds** on the user object that can be used in Username bindings. The attribute allows up to four values, and each value can be of 120-character length. It can store any value, and doesn't require email ID format. It can store non-routable User Principal Names (UPNs) like _bob@woodgrove_ or _bob@local_.
+Users in Azure AD can have a multivalued attribute named **certificateUserIds**. The attribute allows up to four values, and each value can be of 120-character length. It can store any value, and doesn't require email ID format. It can store non-routable User Principal Names (UPNs) like _bob@woodgrove_ or _bob@local_.
 
 ## Supported patterns for certificate user IDs
 

articles/active-directory/azuread-dev/index.yml

@@ -4,11 +4,11 @@ title: Azure Active Directory for developers
 summary: |
   Azure Active Directory (Azure AD) is a cloud identity service that allows developers to build apps that sign in users with a Microsoft work or school account. Azure AD supports building single-tenant line-of-business (LOB) apps as well as multi-tenant apps.
 
-  IMPORTANT: This content is for the older Azure AD v1.0 endpoint, use the Microsoft identity platform for new projects.
+  IMPORTANT: This content is for the older Azure AD v1.0 endpoint, use the Microsoft identity platform (https://aka.ms/identityplatform) for new projects.
 
 metadata:
    ms.topic: landing-page
-   ms.date: 01/27/2020
+   ms.date: 01/06/2023
    author: CelesteDG
    ms.author: celested
    ms.service: active-directory

articles/active-directory/develop/TOC.yml

@@ -814,8 +814,10 @@
           href: reply-url.md
         - name: Validation differences by supported account types
           href: supported-accounts-validation.md
-        - name: Configured permissions limits troubleshooting
-          href: troubleshoot-required-resource-access-limits.md
+    - name: Claims mapping policy type
+      href: reference-claims-mapping-policy-type.md
+    - name: Configured permissions limits troubleshooting
+      href: troubleshoot-required-resource-access-limits.md
     - name: Microsoft auth libraries by app type
       displayName: MSAL, auth client library, SDK, token validation
       href: reference-v2-libraries.md

articles/active-directory/develop/access-tokens.md

@@ -9,9 +9,8 @@ ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 7/20/2022
+ms.date: 12/28/2022
 ms.author: davidmu
-ms.reviewer: marsma
 ms.custom: aaddev, identityplatformtop40, fasttrack-edit
 ---
 
@@ -319,7 +318,7 @@ A *non-password-based* login is one where the user didn't type in a password to
 - Voice
 - PIN
 
-Check out [Primary Refresh Tokens](../devices/concept-primary-refresh-token.md) for more details on primary refresh tokens.
+For more information, see [Primary Refresh Tokens](../devices/concept-primary-refresh-token.md).
 
 ## Next steps
 

articles/active-directory/develop/active-directory-claims-mapping.md

@@ -8,7 +8,7 @@ ms.subservice: develop
 ms.custom: aaddev, ignite-2022, engagement-fy23
 ms.workload: identity
 ms.topic: how-to
-ms.date: 10/21/2022
+ms.date: 01/06/2023
 ms.author: davidmu
 ms.reviewer: ludwignick
 ---
@@ -31,7 +31,7 @@ In this article, we walk through a few common scenarios that can help you unders
 
 In the following examples, you create, update, link, and delete policies for service principals. Claims-mapping policies can only be assigned to service principal objects. If you're new to Azure Active Directory (Azure AD), we recommend that you [learn about how to get an Azure AD tenant](quickstart-create-new-tenant.md) before you proceed with these examples.
 
-When creating a claims-mapping policy, you can also emit a claim from a directory extension attribute in tokens. Use _ExtensionID_ for the extension attribute instead of _ID_ in the `ClaimsSchema` element. For more info on extension attributes, see [Using directory extension attributes](active-directory-schema-extensions.md).
+When creating a claims-mapping policy, you can also emit a claim from a directory extension attribute in tokens. Use _ExtensionID_ for the extension attribute instead of _ID_ in the `ClaimsSchema` element. For more information about using extension attributes, see [Using directory extension attributes](active-directory-schema-extensions.md).
 
 The [Azure AD PowerShell Module public preview release](https://www.powershellgallery.com/packages/AzureADPreview) is required to configure claims-mapping policies. The PowerShell module is in preview, while the claims mapping and token creation runtime in Azure is generally available. Updates to the preview PowerShell module could require you to update or change your configuration scripts.
 

articles/active-directory/develop/active-directory-optional-claims.md

@@ -3,15 +3,14 @@ title: Provide optional claims to Azure AD apps
 description: How to add custom or additional claims to the SAML 2.0 and JSON Web Tokens (JWT) tokens issued by Microsoft identity platform.
 author: davidmu1
 manager: CelesteDG
-
 ms.service: active-directory
 ms.subservice: develop
 ms.topic: how-to
 ms.workload: identity
-ms.date: 04/04/2022
+ms.date: 12/28/2022
 ms.author: davidmu
-ms.reviewer: paulgarn, ludwignick
 ms.custom: aaddev
+ms.reviewer: ludwignick
 ---
 
 # Provide optional claims to your app
@@ -366,7 +365,7 @@ This section covers the configuration options under optional claims for changing
         ]
     }
     ```
-3) Emit group names in the format of samAccountName for on-prem synced groups and display name for cloud groups in SAML and OIDC ID Tokens for the groups assigned to the application:
+3) Emit group names in the format of samAccountName for on-premises synced groups and display name for cloud groups in SAML and OIDC ID Tokens for the groups assigned to the application:
 
     **Application manifest entry:**
 

articles/active-directory/develop/active-directory-schema-extensions.md

@@ -9,9 +9,9 @@ ms.subservice: develop
 ms.custom: aaddev
 ms.workload: identity
 ms.topic: how-to
-ms.date: 07/29/2020
+ms.date: 01/06/2023
 ms.author: davidmu
-ms.reviewer: paulgarn, ludwignick, jeedes, luleon
+ms.reviewer: ludwignick, luleon
 ---
 # Using directory extension attributes in claims
 

articles/active-directory/develop/authorization-basics.md

@@ -4,16 +4,14 @@ description: Learn about the basics of authorization in the Microsoft identity p
 services: active-directory
 author: davidmu1
 manager: CelesteDG
- 
 ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity 
-ms.date: 06/16/2022
+ms.date: 01/06/2023
 ms.custom: template-concept
 ms.author: davidmu
-ms.reviewer: johngarland, mamarxen, ianbe, marsma
-
+ms.reviewer: johngarland, mamarxen, ianbe
 #Customer intent: As an application developer, I want to understand the basic concepts of authorization in the Microsoft identity platform.
 ---
 

articles/active-directory/develop/custom-rbac-for-developers.md

@@ -4,21 +4,20 @@ description: Learn about what custom RBAC is and why it's important to implement
 services: active-directory
 author: davidmu1
 manager: CelesteDG
- 
 ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity 
-ms.date: 08/19/2022
+ms.date: 01/06/2023
 ms.custom: template-concept, ignite-2022
 ms.author: davidmu
-ms.reviewer: john.garland, maggie.marxen, ian.bennett, marsma
+ms.reviewer: john.garland, maggie.marxen, ian.bennett
 #Customer intent: As a developer, I want to learn about custom RBAC and why I need to use it in my application.
 ---
 
 # Role-based access control for application developers
 
-Role-based access control (RBAC) allows certain users or groups to have specific permissions to access and manage resources. Application RBAC differs from [Azure role-based access control](../../role-based-access-control/overview.md) and [Azure AD role-based access control](../roles/custom-overview.md#understand-azure-ad-role-based-access-control). Azure custom roles and built-in roles are both part of Azure RBAC, which is used to help manage Azure resources. Azure AD RBAC is used to manage Azure AD resources. This article explains application-specific RBAC.
+Role-based access control (RBAC) allows certain users or groups to have specific permissions to access and manage resources. Application RBAC differs from [Azure role-based access control](../../role-based-access-control/overview.md) and [Azure AD role-based access control](../roles/custom-overview.md#understand-azure-ad-role-based-access-control). Azure custom roles and built-in roles are both part of Azure RBAC, which is used to help manage Azure resources. Azure AD RBAC is used to manage Azure AD resources. This article explains application-specific RBAC. For information about implementing application-specific RBAC, see [How to add app roles to your application and receive them in the token](./howto-add-app-roles-in-azure-ad-apps.md).
 
 ## Roles definitions
 
@@ -80,5 +79,4 @@ Although either app roles or groups can be used for authorization, key differenc
 
 ## Next steps
 
-- [How to add app roles to your application and receive them in the token](./howto-add-app-roles-in-azure-ad-apps.md)
 - [Azure Identity Management and access control security best practices](../../security/fundamentals/identity-management-best-practices.md)