updating the redirection file to solve merge conflicts

Author: Khairunj

.openpublishing.redirection.json

@@ -43641,6 +43641,18 @@
     {
       "source_path": "articles/load-balancer/load-balancer-get-started-internet-classic-cli.md",
       "redirect_url": "/previous-versions/azure/load-balancer/load-balancer-get-started-internet-classic-cli",
+      "source_path": "articles/cognitive-services/translator/how-to-install-containers.md",
+      "redirect_url": "/azure/cognitive-services/translator/translator-info-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/cognitive-services/translator/translator-text-container-config.md",
+      "redirect_url": "/azure/cognitive-services/translator/translator-info-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/aks/virtual-kubelet.md",
+      "redirect_url": "/azure/aks/concepts-scale#burst-to-azure-container-instances",
       "redirect_document_id": false
     }
   ]

articles/active-directory-b2c/TOC.yml

@@ -320,6 +320,9 @@
       href: active-directory-b2c-devquickstarts-graph-dotnet.md
   - name: Audit logs
     href: active-directory-b2c-reference-audit-logs.md
+  - name: Manage users - Azure portal
+    href: manage-users-portal.md
+    displayName: create users, add users, delete users
   - name: Secure API Management API
     href: secure-api-management.md
     displayName: apim, api management, migrate, b2clogin.com

articles/active-directory-b2c/manage-users-portal.md

@@ -0,0 +1,60 @@
+---
+title: Create & delete Azure AD B2C consumer user accounts in the Azure portal
+description: Learn how to use the Azure portal to create and delete consumer users in your Azure AD B2C directory.
+services: active-directory-b2c
+author: mmacy
+manager: celestedg
+
+ms.service: active-directory
+ms.workload: identity
+ms.topic: conceptual
+ms.date: 11/09/2019
+ms.author: marsma
+ms.subservice: B2C
+---
+
+# Use the Azure portal to create and delete consumer users in Azure AD B2C
+
+There might be scenarios in which you want to manually create consumer accounts in your Azure Active Directory B2C (Azure AD B2C) directory. Although consumer accounts in an Azure AD B2C directory are most commonly created when users sign up to use one of your applications, you can create them programmatically and by using the Azure portal. This article focuses on the Azure portal method of user creation and deletion.
+
+To add or delete users, your account must be assigned the *User administrator* or *Global administrator* role.
+
+[!INCLUDE [active-directory-b2c-public-preview](../../includes/active-directory-b2c-public-preview.md)]
+
+## Types of user accounts
+
+As described in [Overview of user accounts in Azure AD B2C](user-overview.md), there are three types of user accounts that can be created in an Azure AD B2C directory:
+
+* Work
+* Guest
+* Consumer
+
+This article focuses on working with **consumer accounts** in the Azure portal. For information about creating and deleting Work and Guest accounts, see [Add or delete users using Azure Active Directory](../active-directory/fundamentals/add-users-azure-active-directory.md).
+
+## Create a consumer user
+
+1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Select the **Directory + subscription** filter in the top menu, and then select the directory that contains your Azure AD B2C tenant.
+1. In the left menu, select **Azure AD B2C**. Or, select **All services** and search for and select **Azure AD B2C**.
+1. Under **Manage**, select **Users**.
+1. Select **New user**.
+1. Select **Create Azure AD B2C user**.
+1. Choose a **Sign in method** and enter either an **Email** address or a **Username** for the new user. The sign in method you select here must match the setting you've specified for your Azure AD B2C tenant's *Local account* identity provider (see **Manage** > **Identity providers** in your Azure AD B2C tenant).
+1. Enter a **Name** for the user. This is typically the full name (given and surname) of the user.
+1. (Optional) You can **Block sign in** if you wish to delay the ability for the user to sign in. You can enable sign in later by editing the user's **Profile** in the Azure portal.
+1. Choose **Auto-generate password** or **Let me create password**.
+1. Specify the user's **First name** and **Last name**.
+1. Select **Create**.
+
+Unless you've selected **Block sign in**, the user can now sign in using the sign in method (email or username) that you specified.
+
+## Delete a consumer user
+
+1. In your Azure AD B2C directory, select **Users**, and then select the user you want to delete.
+1. Select **Delete**, and then **Yes** to confirm the deletion.
+
+For details about restoring a user within the first 30 days after deletion, or for permanently deleting a user, see [Restore or remove a recently deleted user using Azure Active Directory](../active-directory/fundamentals/active-directory-users-restore.md).
+
+## Next steps
+
+For automated user management scenarios, for example migrating users from another identity provider to your Azure AD B2C directory, see [Azure AD B2C: User migration](active-directory-b2c-user-migration.md).

articles/active-directory/b2b/add-users-administrator.md

@@ -7,7 +7,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: conceptual
-ms.date: 04/11/2019
+ms.date: 11/12/2019
 
 ms.author: mimart
 author: msmimart
@@ -44,14 +44,18 @@ To add B2B collaboration users to the directory, follow these steps:
    > [!NOTE]
    > The **New guest user** option is also available on the **Organizational relationships** page. In **Azure Active Directory**, under **Manage**, select **Organizational relationships**.
 
-5. Under **User name**, enter the email address of the external user. Optionally, include a welcome message. For example:
-
-   ![Shows where New guest user is in the UI](./media/add-users-administrator/InviteGuest.png) 
+5. On the **New user** page, select **Invite user** and then add the guest user's information. 
 
     > [!NOTE]
     > Group email addresses aren’t supported; enter the email address for an individual. Also, some email providers allow users to add a plus symbol (+) and additional text to their email addresses to help with things like inbox filtering. However, Azure AD doesn’t currently support plus symbols in email addresses. To avoid delivery issues, omit the plus symbol and any characters following it up to the @ symbol.
 
-6. Select **Invite** to automatically send the invitation to the guest user. 
+   - **Name.** The first and last name of the guest user.
+   - **Email address (required)**. The email address of the guest user.
+   - **Personal message (optional)** Include a personal welcome message to the guest user.
+   - **Groups**: You can add the guest user to one or more existing groups, or you can do it later.
+   - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. 
+
+7. Select **Invite** to automatically send the invitation to the guest user. 
 
 After you send the invitation, the user account is automatically added to the directory as a guest.
 

articles/active-directory/b2b/b2b-quickstart-add-guest-users-portal.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: quickstart
-ms.date: 07/02/2018
+ms.date: 11/12/2019
 
 ms.author: mimart
 author: msmimart
@@ -44,9 +44,13 @@ To complete the scenario in this tutorial, you need:
 
     ![Screenshot showing where to select the New guest user option](media/quickstart-add-users-portal/quickstart-users-portal-user-3.png)
 
-5.	Under **User name**, enter the email address of the external user. Under **Include a personal message with the invitation**, type a welcome message. 
+5. On the **New user** page, select **Invite user** and then add the guest user's information. 
 
-    ![Screenshot showing where to enter the guest user invitation message](media/quickstart-add-users-portal/quickstart-users-portal-user-4.png)
+   - **Name.** The first and last name of the guest user.
+   - **Email address (required)**. The email address of the guest user.
+   - **Personal message (optional)** Include a personal welcome message to the guest user.
+   - **Groups**: You can add the guest user to one or more existing groups, or you can do it later.
+   - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. 
 
 6. Select **Invite** to automatically send the invitation to the guest user. A notification appears in the upper right with the message **Successfully invited user**. 
 7.	After you send the invitation, the user account is automatically added to the directory as a guest.

articles/active-directory/develop/access-tokens.md

@@ -260,9 +260,9 @@ Refresh tokens can be invalidated or revoked at any time, for different reasons.
 | [Single sign-out](v1-protocols-openid-connect-code.md#single-sign-out) on web | Revoked | Stays alive | Revoked | Stays alive | Stays alive |
 
 > [!NOTE]
-> A "Non-password based" login is one where the user didn't type in a password to get it. For example, using your face with Windows Hello, a FIDO key, or a PIN.
+> A "Non-password based" login is one where the user didn't type in a password to get it. For example, using your face with Windows Hello, a FIDO2 key, or a PIN.
 >
-> A known issue exists with the Windows Primary Refresh Token. If the PRT is obtained via a password, and then the user logs in via Hello, this does not change the origination of the PRT, and it will be revoked if the user changes their password.
+> Primary Refresh Tokens (PRT) on Windows 10 are segregated based on the credential. For example, Windows Hello and password have their respective PRTs, isolated from one another. When a user signs-in with a Hello credential (PIN or biometrics) and then changes the password, the password based PRT obtained previously will be revoked. Signing back in with a password invalidates the old PRT and requests a new one.
 >
 > Refresh tokens aren't invalidated or revoked when used to fetch a new access token and refresh token.  
 

articles/active-directory/develop/howto-configure-publisher-domain.md

@@ -21,7 +21,7 @@ ms.custom: aaddev
 ms.collection: M365-identity-device-management
 ---
 
-# How to: Configure an application's publisher domain (Preview)
+# How to: Configure an application's publisher domain
 
 An application’s publisher domain is displayed to users on the [application’s consent prompt](application-consent-experience.md) to let users know where their information is being sent. Multi-tenant applications that are registered after May 21, 2019 that don't have a publisher domain show up as **unverified**. Multi-tenant applications are applications that support accounts outside of a single organizational directory; for example, support all Azure AD accounts, or support all Azure AD accounts and personal Microsoft accounts.
 

articles/active-directory/develop/scenario-web-api-call-api-app-configuration.md

@@ -138,6 +138,8 @@ private void AddAccountToCacheFromJwt(IEnumerable<string> scopes, JwtSecurityTok
 }
 ```
 
+You can also see an example of on behalf of flow implementation in [NodeJS and Azure Functions](https://github.com/Azure-Samples/ms-identity-nodejs-webapi-onbehalfof-azurefunctions/blob/master/MiddleTierAPI/MyHttpTrigger/index.js#L61).
+
 ## Protocol
 
 For more information about the on-behalf-of protocol, see [Microsoft identity platform and OAuth 2.0 On-Behalf-Of flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow).

articles/active-directory/develop/tutorial-v2-ios.md

@@ -138,7 +138,7 @@ let kScopes: [String] = ["https://graph.microsoft.com/user.read"] // request per
 let kAuthority = "https://login.microsoftonline.com/common" // this authority allows a personal Microsoft account and a work or school account in any organization’s Azure AD tenant to sign in
 var accessToken = String()
 var applicationContext : MSALPublicClientApplication?
-var webViewParamaters : MSALWebviewParameters?
+var webViewParameters : MSALWebviewParameters?
 ```
 
 The only value you need to modify above is the value assigned to `kClientID`to be your [Application ID](https://docs.microsoft.com/azure/active-directory/develop/developer-glossary#application-id-client-id). This value is part of the MSAL Configuration data that you saved during the step at the beginning of this tutorial to register the application in the Azure portal.
@@ -318,16 +318,16 @@ Add the following after `initMSAL` method to the `ViewController` class.
 
 ```swift
 func initWebViewParams() {
-        self.webViewParamaters = MSALWebviewParameters(parentViewController: self)
+        self.webViewParameters = MSALWebviewParameters(parentViewController: self)
     }
 ```
 
 ### macOS code:
 
 ```swift
 func initWebViewParams() {
-        self.webViewParamaters = MSALWebviewParameters()
-        self.webViewParamaters?.webviewType = .wkWebView
+        self.webViewParameters = MSALWebviewParameters()
+        self.webViewParameters?.webviewType = .wkWebView
     }
 ```
 
@@ -421,7 +421,7 @@ Add the following code to the `ViewController` class.
 func acquireTokenInteractively() {
 
     guard let applicationContext = self.applicationContext else { return }
-    guard let webViewParameters = self.webViewParamaters else { return }
+    guard let webViewParameters = self.webViewParameters else { return }
 
     // #1
     let parameters = MSALInteractiveTokenParameters(scopes: kScopes, webviewParameters: webViewParameters)

articles/active-directory/develop/v2-supported-account-types.md

@@ -37,7 +37,7 @@ In the Microsoft Azure public Cloud, most types of apps can sign in users with a
   - With their work or school or personal Microsoft account.
   - With only personal Microsoft account.
     > [!NOTE]
-    > Currently the Microsoft identity platform supports personal Microsoft accounts only by registering an app for **work or school or Microsoft personal accounts**, and then, restrict sign-in in the code for the application by specifying an Azure AD authority, when building the application, such as `https://login.onmicrosoftonline.com/consumers`.
+    > Currently the Microsoft identity platform supports personal Microsoft accounts only by registering an app for **work or school or Microsoft personal accounts**, and then, restrict sign-in in the code for the application by specifying an Azure AD authority, when building the application, such as `https://login.microsoftonline.com/consumers`.
 
 - If you're writing a business to consumers application, you can also sign in users with their social identities, using Azure AD B2C.
 
@@ -57,4 +57,4 @@ Some account types can't be used with certain authentication flows. For instance
 ## Next steps
 
 - Learn more about [Tenancy in Azure Active Directory](./single-and-multi-tenant-apps.md)
-- Learn more about [National Clouds](./authentication-national-cloud.md)
+- Learn more about [National Clouds](./authentication-national-cloud.md)