Merging changes synced from https://github.com/MicrosoftDocs/azure-docs-pr (branch live)

Author: Learn Build Service GitHub App

.openpublishing.redirection.healthcare-apis.json

@@ -479,9 +479,14 @@
       },
       {
           "source_path_from_root": "/articles/healthcare-apis/data-transformation/convert-data.md",
-          "redirect_url": "/azure/healthcare-apis/fhir/convert-data",
-          "redirect_document_id": true
+          "redirect_url": "/azure/healthcare-apis/fhir/overview-of-convert-data",
+          "redirect_document_id": false
       },
+      {
+          "source_path_from_root": "/articles/healthcare-apis/fhir/convert-data.md",
+          "redirect_url": "/azure/healthcare-apis/fhir/overview-of-convert-data",
+          "redirect_document_id": true
+      },    
       {
           "source_path_from_root": "/articles/healthcare-apis/fhir/bulk-importing-fhir-data.md",
           "redirect_url": "/azure/healthcare-apis/fhir/configure-import-data",

articles/active-directory-b2c/media/publish-app-to-azure-ad-app-gallery/app-gallery-sign-in-flow.png

@@ -66,63 +66,7 @@ Use Azure AD B2C to facilitate identity verification and proofing by collecting
 
 :::image type="content" source="./media/overview/scenario-idproofing.png" alt-text="A diagram showing the user flow for third-party identity proofing.":::
 
-You have learned some of the things you can do with Azure AD B2C as your business-to-customer identity platform. The following sections of this overview walk you through a demo application that uses Azure AD B2C. You're also welcome to move on directly to a more in-depth [technical overview of Azure AD B2C](technical-overview.md).
-
-## Example: WoodGrove Groceries
-
-[WoodGrove Groceries][woodgrove] is a live web application created by Microsoft to demonstrate several Azure AD B2C features. The next few sections review some of the authentication options provided by Azure AD B2C to the WoodGrove website.
-
-### Business overview
-
-WoodGrove is an online grocery store that sells groceries to both individual consumers and business customers. Their business customers buy groceries on behalf of their company, or businesses that they manage.
-
-### Sign-in options
-
-WoodGrove Groceries offers several sign-in options based on the relationship their customers have with the store:
-
-* **Individual** customers can sign-up or sign in with individual accounts, such as with a social identity provider or an email address and password.
-* **Business** customers can sign-up or sign in with their enterprise credentials.
-* **Partners** and suppliers are individuals who supply the grocery store with products to sell. Partner identity is provided by [Azure Active Directory B2B](../active-directory/external-identities/what-is-b2b.md).
-
-![Individual (B2C), business (B2C), and partner (B2B) sign-in pages](./media/overview/woodgrove-overview.png)
-
-### Authenticate individual customers
-
-When a customer selects **Sign in with your personal account**, they're redirected to a customized sign-in page hosted by Azure AD B2C. You can see in the following image that we've customized the user interface (UI) to look and feel just like the WoodGrove Groceries website. WoodGrove's customers should be unaware that the authentication experience is hosted and secured by Azure AD B2C.
-
-![Custom WoodGrove sign-in page hosted by Azure AD B2C](./media/overview/sign-in.png)
-
-WoodGrove allows their customers to sign-up and sign in by using their Google, Facebook, or Microsoft accounts as their identity provider. Or, they can sign-up by using their email address and a password to create what's called a *local account*.
-
-When a customer selects **Sign-up with your personal account** and then **Sign-up now**, they're presented with a custom sign-up page.
-
-![Custom WoodGrove sign-up page hosted by Azure AD B2C](./media/overview/sign-up.png)
-
-After entering an email address and selecting **Send verification code**, Azure AD B2C sends them the code. Once they enter their code, select **Verify code**, and then enter the other information on the form, they must also agree to the terms of service.
-
-Clicking the **Create** button causes Azure AD B2C to redirect the user back to the WoodGrove Groceries website. When it redirects, Azure AD B2C passes an OpenID Connect authentication token to the WoodGrove web application. The user is now signed-in and ready to go, their display name shown in the top-right corner to indicate they're signed in.
-
-![WoodGrove Groceries website header showing user is signed in](./media/overview/signed-in-individual.png)
-
-### Authenticate business customers
-
-When a customer selects one of the options under **Business customers**, the WoodGrove Groceries website invokes a different Azure AD *B2C policy* than it does for individual customers. You learn what a *B2C policy* is in [technical overview of Azure AD B2C](technical-overview.md)
-
-This policy presents the user with an option to use their corporate credentials for sign-up and sign-in. In the WoodGrove example, users are prompted to sign in with any work or school account. This policy uses a [multi-tenant Azure AD application](../active-directory/develop/howto-convert-app-to-be-multi-tenant.md) and the `/common` Azure AD endpoint to federate Azure AD B2C with any Microsoft 365 customer in the world.
-
-### Authenticate partners
-
-The **Sign in with your supplier account** link uses Azure Active Directory B2B's collaboration functionality. Azure AD B2B is a family of features in Azure Active Directory to manage partner identities. Those identities can be federated from Azure Active Directory for access into Azure AD B2C-protected applications.
-
-Learn more about Azure AD B2B in [What is guest user access in Azure Active Directory B2B?](../active-directory/external-identities/what-is-b2b.md).
-
-<!-- UNCOMMENT WHEN REPO IS UPDATED WITH LATEST DEMO CODE
-### Sample code
-
-If you'd like to jump right into the code to see how the WoodGrove Groceries application is built, you can find the repository on GitHub:
-
-[Azure-Samples/active-directory-external-identities-woodgrove-demo][woodgrove-repo] (GitHub)
--->
+You have learned some of the things you can do with Azure AD B2C as your business-to-customer identity platform. You may now move on directly to a more in-depth [technical overview of Azure AD B2C](technical-overview.md).
 
 ## Next steps
 
@@ -131,6 +75,4 @@ Now that you have an idea of what Azure AD B2C is and some of the scenarios it c
 > [!div class="nextstepaction"]
 > [Azure AD B2C technical overview >](technical-overview.md)
 
-<!-- LINKS - External -->
-[woodgrove]: https://aka.ms/ciamdemo
-[woodgrove-repo]: https://github.com/Azure-Samples/active-directory-external-identities-woodgrove-demo
+

articles/active-directory-b2c/media/technical-overview/custom-domain.png

@@ -71,7 +71,7 @@ To allow employees and consumers from any Azure AD tenant to sign in by using Az
 
 In your app, copy the URL of the sign-in endpoint. If you use the [web application sample](configure-authentication-sample-web-app.md), the sign-in URL is `https://localhost:5001/MicrosoftIdentity/Account/SignIn?`. This URL is where the Azure AD app gallery takes users to sign in to your app.
 
-In production environments, the app registration redirect URI is ordinarily a publicly accessible endpoint where your app is running, such as `https://woodgrovedemo.com/Account/SignIn`. The reply URL must begin with `https`.
+In production environments, the app registration redirect URI is ordinarily a publicly accessible endpoint where your app is running. The reply URL must begin with `https`.
 
 ## Step 4: Publish your Azure AD B2C app
 

articles/active-directory-b2c/media/technical-overview/seamless-ux.png

@@ -117,8 +117,6 @@ In Azure AD B2C, you can craft your users' identity experiences so that the page
 > [!NOTE]
 > Customizing the pages rendered by third parties when using social accounts is limited to the options provided by that identity provider, and are outside the control of Azure AD B2C.
 
-:::image type="content" source="media/technical-overview/seamless-ux.png" alt-text="Screenshots of brand-customized sign-up sign-in page.":::
-
 For information on UI customization, see:
 
 * [Customize the user interface](customize-ui.md)
@@ -127,11 +125,7 @@ For information on UI customization, see:
 
 ## Custom domain
 
-You can customize your Azure AD B2C domain in the redirect URIs for your application. Custom domain allows you to create a seamless experience so that the pages that are shown blend seamlessly with the domain name of your application.
-
-:::image type="content" source="media/technical-overview/custom-domain.png" alt-text="Screenshot of the sign in page of the WoodGrove sample app with a red box highlighting the custom domain in the address bar.":::
-
-From the user's perspective, they remain in your domain during the sign-in process rather than redirecting to the Azure AD B2C default domain .b2clogin.com. 
+You can customize your Azure AD B2C domain in the redirect URIs for your application. Custom domain allows you to create a seamless experience so that the pages that are shown blend seamlessly with the domain name of your application. From the user's perspective, they remain in your domain during the sign-in process rather than redirecting to the Azure AD B2C default domain .b2clogin.com. 
 
 For more information, see [Enable custom domains](custom-domain.md).
 

articles/active-directory-b2c/overview.md

@@ -15,6 +15,28 @@ manager: CelesteDG
 
 Welcome to what's new in Azure Active Directory B2C documentation. This article lists new docs that have been added and those that have had significant updates in the last three months. To learn what's new with the B2C service, see [What's new in Azure Active Directory](../active-directory/fundamentals/whats-new.md) and [Azure AD B2C developer release notes](custom-policy-developer-notes.md)
 
+## June 2023
+
+### New articles
+
+- [Microsoft Azure Active Directory B2C external identity video series](external-identities-videos.md)
+- [Manage directory size quota of your Azure Active Directory B2C tenant](tenant-management-directory-quota.md)
+
+### Updated articles
+
+- [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md) - [Azure AD B2C] Azure AD B2C Go-Local opt-in feature
+- [Tutorial: Configure security analytics for Azure Active Directory B2C data with Microsoft Sentinel](configure-security-analytics-sentinel.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Tutorial: Configure Azure Active Directory B2C with Azure Web Application Firewall](partner-web-application-firewall.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Title not found in: #240919](azure-ad-external-identities-videos.md) - Delete azure-ad-external-identities-videos.md
+- [Build a global identity solution with funnel-based approach](b2c-global-identity-funnel-based-design.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Azure Active Directory B2C global identity framework proof of concept for funnel-based configuration](b2c-global-identity-proof-of-concept-funnel.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Azure Active Directory B2C global identity framework proof of concept for region-based configuration](b2c-global-identity-proof-of-concept-regional.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Build a global identity solution with region-based approach](b2c-global-identity-region-based-design.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Azure Active Directory B2C global identity framework](b2c-global-identity-solutions.md) - Removing product name from filename and links. Exempt from Acrolinx by prior arrangement
+- [Azure Active Directory B2C: What's new](whats-new-docs.md) - [Azure AD B2C] What is new May 2023
+- [Use the Azure portal to create and delete consumer users in Azure AD B2C](manage-users-portal.md) - [Azure AD B2C] Revoke user's session
+- [Monitor Azure AD B2C with Azure Monitor](azure-monitor.md) - Added steps to disable Azure monitor
+
 ## May 2023
 
 ### New articles
@@ -37,34 +59,3 @@ Welcome to what's new in Azure Active Directory B2C documentation. This article
 - [Configure Transmit Security with Azure Active Directory B2C for passwordless authentication](partner-bindid.md) - Update partner-bindid.md
 - [Tutorial: Enable secure hybrid access for applications with Azure Active Directory B2C and F5 BIG-IP](partner-f5.md) - Update partner-f5.md
 
-## March 2023
-
-### Updated articles
-
-- [Configure SAML identity provider options with Azure Active Directory B2C](identity-provider-generic-saml-options.md)
-- [Tutorial: Configure BioCatch with Azure Active Directory B2C](partner-biocatch.md)
-- [Tutorial: Configure Nok Nok Passport with Azure Active Directory B2C for passwordless FIDO2 authentication](partner-nok-nok.md)
-- [Pass an identity provider access token to your application in Azure Active Directory B2C](idp-pass-through-user-flow.md)
-- [Tutorial: Configure Haventec Authenticate with Azure Active Directory B2C for single-step, multi-factor passwordless authentication](partner-haventec.md)
-- [Configure Trusona Authentication Cloud with Azure Active Directory B2C](partner-trusona.md)
-- [Tutorial: Configure IDEMIA Mobile ID with Azure Active Directory B2C](partner-idemia.md)
-- [Configure Azure Active Directory B2C with Bluink eID-Me for identity verification](partner-eid-me.md)
-- [Tutorial: Configure Azure Active Directory B2C with BlokSec for passwordless authentication](partner-bloksec.md)
-- [Tutorial: Configure Azure Active Directory B2C with Azure Web Application Firewall](partner-web-application-firewall.md)
-- [Tutorial to configure Saviynt with Azure Active Directory B2C](partner-saviynt.md)
-- [Tutorial: Configure Keyless with Azure Active Directory B2C](partner-keyless.md)
-- [Tutorial: Configure security analytics for Azure Active Directory B2C data with Microsoft Sentinel](configure-security-analytics-sentinel.md)
-- [Configure authentication in a sample Python web app by using Azure AD B2C](configure-authentication-sample-python-web-app.md)
-- [Billing model for Azure Active Directory B2C](billing.md)
-- [Azure Active Directory B2C: Region availability & data residency](data-residency.md)
-- ['Azure AD B2C: Frequently asked questions (FAQ)'](faq.yml)
-- [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md)
- 
-## February 2023
-
-### Updated articles
-
-- [Azure Active Directory B2C code samples](integrate-with-app-code-samples.md)
-- [JSON claims transformations](json-transformations.md)
-- [Set up sign-in for a specific Azure Active Directory organization in Azure Active Directory B2C](identity-provider-azure-ad-single-tenant.md)
-- [Page layout versions](page-layout.md)

articles/active-directory-b2c/publish-app-to-azure-ad-app-gallery.md

@@ -35,6 +35,8 @@ items:
         href: on-premises-web-services-connector.md
       - name: Provisioning with custom connectors
         href: on-premises-custom-connector.md
+      - name: Provisioning to SAP ECC 7.0
+        href: on-premises-sap-connector-configure.md
     - name: Customize attribute mappings
       href: customize-application-attributes.md
   - name: Concepts

articles/active-directory-b2c/technical-overview.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 05/01/2023
+ms.date: 06/29/2023
 
 ms.author: justinha
 author: justinha
@@ -217,7 +217,13 @@ The **Settings** option allows you to change the settings for the migration proc
 
 :::image type="content" border="true" source="./media/how-to-mfa-server-migration-utility/settings.png" alt-text="Screenshot of settings.":::
 
-- Migrate – This setting allows you to specify which method(s) should be migrated for the selection of users
+- Migrate – there are three options for migrating the user's default authentication method:
+  - Always migrate
+  - Only migrate if not already set in Azure AD
+  - Set to the most secure method available if not already set in Azure AD
+  
+  These options provide flexibility when you migrate the default method. In addition, the Authentication methods policy is checked during migration. If the default method being migrated isn't allowed by policy, it's set to the most secure method available instead.
+
 - User Match – Allows you to specify a different on-premises Active Directory attribute for matching Azure AD UPN instead of the default match to userPrincipalName:
   - The migration utility tries direct matching to UPN before using the on-premises Active Directory attribute.  
   - If no match is found, it calls a Windows API to find the Azure AD UPN and get the SID, which it uses to search the MFA Server user list.