MicrosoftDocs
diff --git a/‎.acrolinx-config.edn
Lines changed: 1 addition & 28 deletions b/‎.acrolinx-config.edn
Lines changed: 1 addition & 28 deletions
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 30 additions & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 30 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 70 additions & 9 deletions b/‎.openpublishing.redirection.json
Lines changed: 70 additions & 9 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-configure-signup-self-asserted-custom.md
Lines changed: 5 additions & 5 deletions b/‎articles/active-directory-b2c/active-directory-b2c-configure-signup-self-asserted-custom.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-custom-setup-adfs2016-idp.md
Lines changed: 5 additions & 5 deletions b/‎articles/active-directory-b2c/active-directory-b2c-custom-setup-adfs2016-idp.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md
Lines changed: 4 additions & 4 deletions b/‎articles/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/active-directory-b2c/active-directory-b2c-reference-oauth-code.md
Lines changed: 1 addition & 3 deletions b/‎articles/active-directory-b2c/active-directory-b2c-reference-oauth-code.md
Lines changed: 1 addition & 3 deletions
@@ -1,29 +1,2 @@
 {:allowed-branchname-matches ["^master$" "^release..*"]
- :allowed-filename-matches ["articles" "includes"]
-
- :template-header
-   "
-## Acrolinx Scorecards
-
-**A minimum Acrolinx score of 80 is required.** 
- 
- Click the scorecard links for each article to review the Acrolinx feedback on grammar, spelling, punctuation, writing style, and terminology:
-
-| Article | Score | Issues | Scorecard |
-| ------- | ----- | ------ | --------- |
-"
-
-   ;; do not remove the spaces at the end of lines! That is markdown for
-   ;; linebreak
-   :template-change
-   "| **${github/filename}** | ${acrolinx/qualityscore} | ${acrolinx/flags/issues} | [link](${acrolinx/scorecard}) |
-"
-
- :template-footer
-"
-**More info about Acrolinx**
-
-- [Install Acrolinx locally for VSCode](https://review.docs.microsoft.com/en-us/help/contribute/contribute-acrolinx-vscode)
-- [Report false positives or issues](https://aka.ms/acrolinxbug)
-
-"}
+ :allowed-filename-matches ["articles" "includes"]}
@@ -247,6 +247,36 @@
       "url": "https://github.com/Azure-Samples/cognitive-services-qnamaker-python",
       "branch": "master",
       "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cognitive-services-dotnet-sdk-samples",
+      "url": "https://github.com/Azure-Samples/cognitive-services-dotnet-sdk-samples",
+      "branch": "master",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cognitive-services-java-sdk-samples",
+      "url": "https://github.com/Azure-Samples/cognitive-services-java-sdk-samples",
+      "branch": "master",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "aml-sdk-samples",
+      "url": "https://github.com/Azure/MachineLearningNotebooks",
+      "branch": "sdk-codetest",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cognitive-services-vision-csharp-sdk-quickstarts",
+      "url": "https://github.com/Azure-Samples/cognitive-services-vision-csharp-sdk-quickstarts",
+      "branch": "master",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "cognitive-face-csharp-sample",
+      "url": "https://github.com/Azure-Samples/Cognitive-Face-CSharp-sample",
+      "branch": "master",
+      "branch_mapping": {}
     }
   ],
   "branch_target_mapping": {
 
@@ -1,5 +1,10 @@
 {
     "redirections": [
+        {
+            "source_path": "articles/machine-learning/service/how-to-choose-a-dev-environment.md",
+            "redirect_url": "/azure/machine-learning/service/how-to-configure-environment",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/frontdoor/front-door-powershell-reference.md",
             "redirect_url": "/powershell/module/azurerm.frontdoor",
@@ -150,6 +155,21 @@
             "redirect_url": "/azure/active-directory/users-groups-roles/users-sharing-accounts",
             "redirect_document_id": true
         },
+        {
+            "source_path": "articles/active-directory/fundamentals/active-directory-administer.md",
+            "redirect_url": "/azure/active-directory/fundamentals/active-directory-whatis",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/fundamentals/identity-fundamentals.md",
+            "redirect_url": "/azure/active-directory/fundamentals/active-directory-whatis",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/fundamentals/understand-azure-identity-solutions.md",
+            "redirect_url": "/azure/active-directory/fundamentals/active-directory-whatis",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/active-directory/fundamentals/active-directory-groups-restore-azure-portal.md",
             "redirect_url": "/azure/active-directory/users-groups-roles/groups-restore-deleted",
@@ -356,6 +376,16 @@
             "redirect_url": "/azure/cosmos-db/conflict-resolution-policies",
             "redirect_document_id": true
         },
+        {
+            "source_path": "articles/cosmos-db/manage-account.md",
+            "redirect_url": "/azure/cosmos-db/how-to-manage-database-account",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/cosmos-db/indexing-policies.md",
+            "redirect_url": "/azure/cosmos-db/indexing-policy",
+            "redirect_document_id": true
+        },
         {
             "source_path": "articles/cosmos-db/distribute-data-globally-benefits.md",
             "redirect_url": "/azure/cosmos-db/distribute-data-globally",
@@ -7844,6 +7874,11 @@
             "redirect_url": "/azure/cosmos-db/enable-multi-master",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/cosmos-db/sql-api-resources.md",
+            "redirect_url": "/azure/cosmos-db/databases-containers-items",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/cosmos-db/multi-master-oss-nosql.md",
             "redirect_url": "/azure/cosmos-db/consistency-levels-across-apis",
@@ -9266,7 +9301,7 @@
         },
         {
             "source_path": "articles/documentdb/documentdb-indexing-policies.md",
-            "redirect_url": "https://docs.microsoft.com/azure/cosmos-db/indexing-policies",
+            "redirect_url": "/azure/cosmos-db/indexing-policy",
             "redirect_document_id": false
         },
         {
@@ -9999,6 +10034,11 @@
             "redirect_url": "/azure/log-analytics/log-analytics-data-security",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/log-analytics/log-analytics-concept-hybrid.md",
+            "redirect_url": "/azure/log-analytics/log-analytics-agent-overview",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/log-analytics/log-analytics-change-tracking.md",
             "redirect_url": "/azure/automation/automation-change-tracking",
@@ -11069,6 +11109,11 @@
             "redirect_url": "/azure/monitoring-and-diagnostics/alert-log",
             "redirect_document_id": false
         },
+        {
+            "source_path": "articles/monitoring-and-diagnostics/monitoring-overview-unified-alerts.md",
+            "redirect_url": "/azure/monitoring-and-diagnostics/monitoring-overview-alerts",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/monitoring-and-diagnostics/monitoring-create-activity-log-alerts-with-resource-manager-template.md",
             "redirect_url": "/azure/monitoring-and-diagnostics/alert-activity-log",
@@ -27052,11 +27097,6 @@
             "redirect_url": "/azure/cloud-shell/overview",
             "redirect_document_id": false
         },
-        {
-            "source_path": "articles/dms/index.md",
-            "redirect_url": "/azure/dms/dms-overview",
-            "redirect_document_id": false
-        },
         {
             "source_path": "articles/guides/developer/index.md",
             "redirect_url": "/azure/guides/developer/azure-developer-guide",
@@ -27244,7 +27284,7 @@
         },
         {
             "source_path": "articles/active-directory/application-proxy-sso-overview.md",
-            "redirect_url": "/azure/active-directory/manage-apps/application-proxy-single-sign-on",
+            "redirect_url": "/azure/active-directory/manage-apps/what-is-single-sign-on",
             "redirect_document_id": false
         },
         {
@@ -28410,8 +28450,8 @@
         },
         {
             "source_path": "articles/active-directory/application-config-sso-how-to-choose-sign-on-method.md",
-            "redirect_url": "/azure/active-directory/manage-apps/single-sign-on-modes",
-            "redirect_document_id": true
+            "redirect_url": "/azure/active-directory/manage-apps/what-is-single-sign-on",
+            "redirect_document_id": false
         },
         {
             "source_path": "articles/active-directory/application-config-sso-how-to-configure-federated-sso-gallery.md",
@@ -28638,6 +28678,16 @@
             "redirect_url": "/azure/active-directory/manage-apps/developer-guidance-for-integrating-applications",
             "redirect_document_id": true
         },
+        {
+            "source_path": "articles/active-directory/manage-apps/application-proxy-single-sign-on.md",
+            "redirect_url": "/azure/active-directory/manage-apps/what-is-single-sign-on",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/active-directory/manage-apps/single-sign-on-modes.md",
+            "redirect_url": "/azure/active-directory/manage-apps/what-is-single-sign-on",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/virtual-machines/linux/classic/cli-use-docker.md",
             "redirect_url": "/azure/virtual-machines/linux/dockerextension",
@@ -30515,6 +30565,17 @@
             "source_path": "articles/iot-central/howto-create-application.md",
             "redirect_url": "/azure/iot-central/quick-deploy-iot-central",
             "redirect_document_id" : false
+        },
+        {
+            "source_path": "articles/media-services/latest/create-account-cli-quickstart.md",
+            "redirect_url": "/azure/media-services/latest/create-account-cli-how-to",
+            "redirect_document_id" : false
+        },
+	    {  
+            "source_path": "articles/backup/backup-mabs-upgrade-to-v2.md",
+            "redirect_url": "/azure/backup/backup-mabs-whats-new-mabs",
+            "redirect_document_id" : false
         }
+
     ]
 }
@@ -273,8 +273,8 @@ Verified email is enabled by default in the `<TechnicalProfile Id="LocalAccountS
 
 ## Next steps
 
-Add the new claim to the flows for social account logins by changing the TechnicalProfiles listed below. These are used by social/federated account logins to write and read the user data using the alternativeSecurityId as the locator.
-```xml
-<TechnicalProfile Id="AAD-UserWriteUsingAlternativeSecurityId">
-<TechnicalProfile Id="AAD-UserReadUsingAlternativeSecurityId">
-```
+If your policy supports social accounts, add the new claim to the flows for social account logins by changing the technical profiles listed below. These claims are used by social account logins to collect and write data from the user.
+
+1. Locate the technical profile **SelfAsserted-Social** and add the output claim. The order of the claims in **OutputClaims** controls the order that Azure AD B2C renders the claims on the screen. For example, `<OutputClaim ClaimTypeReferenceId="city" />`.
+2. Locate the technical profile **AAD-UserWriteUsingAlternativeSecurityId** and add the persist claim. For example, `<PersistedClaim ClaimTypeReferenceId="city" />`.
+3. Locate the technical profile **AAD-UserReadUsingAlternativeSecurityId** and add the output claim. For example, `<OutputClaim ClaimTypeReferenceId="city" />`.
@@ -8,7 +8,7 @@ manager: mtillman
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 11/05/2018
+ms.date: 11/07/2018
 ms.author: davidmu
 ms.component: B2C
 ---
@@ -17,24 +17,24 @@ ms.component: B2C
 
 [!INCLUDE [active-directory-b2c-advanced-audience-warning](../../includes/active-directory-b2c-advanced-audience-warning.md)]
 
-This article shows you how to enable sign-in for an ADFS user account by using [custom policies](active-directory-b2c-overview-custom.md) in Azure Active Directory (Azure AD) B2C.
+This article shows you how to enable sign-in for an ADFS user account by using [custom policies](active-directory-b2c-overview-custom.md) in Azure Active Directory (Azure AD) B2C. You enable sign-in by adding a [SAML technical profile](saml-technical-profile.md) to a custom policy.
 
 ## Prerequisites
 
 - Complete the steps in [Get started with custom policies in Azure Active Directory B2C](active-directory-b2c-get-started-custom.md).
-- Make sure that you have access to the certificate .pfx file with the private key that was issued by ADFS.
+- Make sure that you have access to a certificate .pfx file with a private key. You can generate your own signed certificate and upload it to Azure AD B2C. Azure AD B2C uses this certificate to sign the SAML request sent to your SAML identity provider.
 
 ## Create a policy key
 
-You need to store your ADFS certificate in your Azure AD B2C tenant.
+You need to store your certificate in your Azure AD B2C tenant.
 
 1. Sign in to the [Azure portal](https://portal.azure.com/).
 2. Make sure you're using the directory that contains your Azure AD B2C tenant by clicking the **Directory and subscription filter** in the top menu and choosing the directory that contains your tenant.
 3. Choose **All services** in the top-left corner of the Azure portal, and then search for and select **Azure AD B2C**.
 4. On the Overview page, select **Identity Experience Framework - PREVIEW**.
 5. Select **Policy Keys** and then select **Add**.
 6. For **Options**, choose `Upload`.
-7. Enter a **Name** for the policy key. For example, `ADFSSamlCert`. The prefix `B2C_1A_` is added automatically to the name of your key.
+7. Enter a **Name** for the policy key. For example, `SamlCert`. The prefix `B2C_1A_` is added automatically to the name of your key.
 8. Browse to and select your certificate .pfx file with the private key.
 9. Click **Create**.
 
 
@@ -62,8 +62,8 @@ You now have an application that has permission to create, read and update users
 > 
 > 
 
-## Configure delete permissions for your application
-Currently, the *Read and write directory data* permission does **NOT** include the ability to do any deletions such as deleting users. If you want to give your application the ability to delete users, you'll need to do these extra steps that involve PowerShell, otherwise, you can skip to the next section.
+## Configure delete or update password permissions for your application
+Currently, the *Read and write directory data* permission does **NOT** include the ability to delete users or update user passwords. If you want to give your application the ability to delete users or update passwords, you'll need to do these extra steps that involve PowerShell, otherwise, you can skip to the next section.
 
 First, if you don't already have it installed, install the [Azure AD PowerShell v1 module (MSOnline)](https://docs.microsoft.com/powershell/azure/active-directory/install-msonlinev1?view=azureadps-1.0):
 
@@ -80,15 +80,15 @@ After you install the PowerShell module connect to your Azure AD B2C tenant.
 Connect-MsolService
 ```
 
-Now we'll use the **Application ID** in the script below to assign the application the user account administrator role which will allow it to delete users. These roles have well-known identifiers, so all you need to do is input your **Application ID** in the script below.
+Now we'll use the **Application ID** in the script below to assign the application the user account administrator role. These roles have well-known identifiers, so all you need to do is input your **Application ID** in the script below.
 
 ```powershell
 $applicationId = "<YOUR_APPLICATION_ID>"
 $sp = Get-MsolServicePrincipal -AppPrincipalId $applicationId
 Add-MsolRoleMember -RoleObjectId fe930be7-5e62-47db-91af-98c3a49a38b1 -RoleMemberObjectId $sp.ObjectId -RoleMemberType servicePrincipal
 ```
 
-Your application now also has permissions to delete users from your B2C tenant.
+Your application now also has permissions to delete users or update passwords from your B2C tenant.
 
 ## Download, configure, and build the sample code
 First, download the sample code and get it running. Then we will take a closer look at it.  You can [download the sample code as a .zip file](https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet/archive/master.zip). You can also clone it into a directory of your choice:
 
@@ -17,8 +17,6 @@ ms.component: B2C
 You can use the OAuth 2.0 authorization code grant in apps installed on a device to gain access to protected resources, such as web APIs. By using the Azure Active Directory B2C (Azure AD B2C) implementation of OAuth 2.0, you can add sign-up, sign-in,
 and other identity management tasks to your mobile and desktop apps. This article is language-independent. In the article, we describe how to send and receive HTTP messages without using any open-source libraries.
 
-<!-- TODO: Need link to libraries -->
-
 The OAuth 2.0 authorization code flow is described in [section 4.1 of the OAuth 2.0 specification](http://tools.ietf.org/html/rfc6749). You can use it for authentication and authorization in most [application types](active-directory-b2c-apps.md), including web applications and natively installed applications. You can use the OAuth 2.0 authorization code flow to securely acquire access tokens and refresh tokens for your applications, which can be used to access resources that are secured by an [authorization server](active-directory-b2c-reference-protocols.md).  The refresh token allows the client to acquire new access (and refresh) tokens once the access token expires, typically after one hour.
 
 This article focuses on the **public clients** OAuth 2.0 authorization code flow. A public client is any client application that cannot be trusted to securely maintain the integrity of a secret password. This includes mobile apps, desktop applications, and essentially any application that runs on a device and needs to get access tokens. 
@@ -77,7 +75,7 @@ client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6
 | redirect_uri |Required |The redirect URI of your app, where authentication responses are sent and received by your app. It must exactly match one of the redirect URIs that you registered in the portal, except that it must be URL-encoded. |
 | scope |Required |A space-separated list of scopes. A single scope value indicates to Azure Active Directory (Azure AD) both of the permissions that are being requested. Using the client ID as the scope indicates that your app needs an access token that can be used against your own service or web API, represented by the same client ID.  The `offline_access` scope indicates that your app needs a refresh token for long-lived access to resources. You also can use the `openid` scope to request an ID token from Azure AD B2C. |
 | response_mode |Recommended |The method that you use to send the resulting authorization code back to your app. It can be `query`, `form_post`, or `fragment`. |
-| state |Recommended |A value included in the request that is returned in the token response. It can be a string of any content that you want to use. Usually, a randomly generated unique value is  used, to prevent cross-site request forgery attacks. The state also is used to encode information about the user's state in the app before the authentication request occurred. For example, the page the user was on, or the policy that was being executed. |
+| state |Recommended |A value included in the request that can be a string of any content that you want to use. Usually, a randomly generated unique value is  used, to prevent cross-site request forgery attacks. The state also is used to encode information about the user's state in the app before the authentication request occurred. For example, the page the user was on, or the policy that was being executed. |
 | p |Required |The policy that is executed. It's the name of a policy that is created in your Azure AD B2C directory. The policy name value should begin with **b2c\_1\_**. To learn more about policies, see [Azure AD B2C built-in policies](active-directory-b2c-reference-policies.md). |
 | prompt |Optional |The type of user interaction that is required. Currently, the only valid value is `login`, which forces the user to enter their credentials on that request. Single sign-on will not take effect. |