Merge branch 'MicrosoftDocs:main' into revert-248908-allchiang-msft-patch-rooms-captions-public-preview

Author: allchiang-msft

.openpublishing.redirection.json

@@ -23347,6 +23347,56 @@
             "redirect_url": "/azure/active-directory/develop/quickstart-register-app",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/migrate-adal-msal-java.md",
+            "redirect_url": "/entra/msal/java/advanced/support-for-adfs",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-logging-java.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-logging-java",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-error-handling-java.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-error-handling-java",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-token-cache-serialization.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-token-cache-serialization",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-adfs-support.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-adfs-support",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-java-get-remove-accounts-token-cache.md",
+            "redirect_url": "/entra/msal/java/advanced/msal-java-get-remove-accounts-token-cache",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/migrate-python-adal-msal.md",
+            "redirect_url": "/entra/msal/python/advanced/migrate-python-adal-msal",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-logging-python.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-logging-python",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-error-handling-python.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-error-handling-python",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/active-directory/develop/msal-python-token-cache-serialization.md",
+            "redirect_url": "/entra/msal/python/advanced/msal-python-token-cache-serialization",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/networking/azure-orbital-overview.md",
             "redirect_url": "/azure/orbital/overview",

articles/active-directory/architecture/resilience-client-app.md

@@ -37,8 +37,8 @@ Learn more:
 
 * [Token cache serialization](https://github.com/AzureAD/microsoft-identity-web/wiki/token-cache-serialization)
 * [Token cache serialization in MSAL.NET](../develop/msal-net-token-cache-serialization.md)
-* [Custom token cache serialization in MSAL for Java](../develop/msal-java-token-cache-serialization.md)
-* [Custom token cache serialization in MSAL for Python](../develop/msal-python-token-cache-serialization.md).
+* [Custom token cache serialization in MSAL for Java](/entra/msal/java/advanced/msal-java-token-cache-serialization)
+* [Custom token cache serialization in MSAL for Python](/entra/msal/python/advanced/msal-python-token-cache-serialization).
 
    ![Diagram of a device and and application using MSAL to call Microsoft Identity](media/resilience-client-app/resilience-with-microsoft-authentication-library.png)
 

articles/active-directory/cloud-infrastructure-entitlement-management/faqs.md

@@ -139,7 +139,7 @@ Customers can also remove, export or modify specific data if a Global Administra
 
 If you're an enterprise customer, you can contact your Microsoft representative, account team, or tenant admin to file a high-priority IcM support ticket requesting a Data Subject Request. Do not include details or any personally identifiable information in the IcM request. We'll reach out to you for these details only after an IcM is filed.
 
-If you're a self-service customer (you set up a trial or paid license in the Microsoft 365 admin center) you can contact the Permissions Management privacy team by selecting your profile drop-down menu, then **Account Settings** in Permissions Management. Follow the instructions to make a Data Subject Access Request.
+If you're a self-service customer (you set up a trial or paid license in the Microsoft 365 admin center) you can contact the Permissions Management privacy team by selecting your profile drop-down menu, then **Account Settings** in Permissions Management. Follow the instructions to make a Data Subject Request.
 
 Learn more about [Azure Data Subject Requests](https://go.microsoft.com/fwlink/?linkid=2245178).
 

articles/active-directory/cloud-infrastructure-entitlement-management/onboard-enable-controller-after-onboarding.md

@@ -8,17 +8,17 @@ ms.service: active-directory
 ms.subservice: ciem
 ms.workload: identity
 ms.topic: how-to
-ms.date: 06/16/2023
+ms.date: 08/24/2023
 ms.author: jfields
 ---
 
 # Enable or disable the controller after onboarding is complete
 
-With the controller, you determine what level of access to provide Permissions Management.
+With the controller, you can decide what level of access to grant in Permissions Management.
 
-* Enable to grant read and write access to your environment(s). You can manage permissions and remediate through Permissions Management.
+* Enable to grant read and write access to your environments. You can right-size permissions and remediate through Permissions Management.
 
-* Disable to grant read-only access to your environment(s).
+* Disable to grant read-only access to your environments.
 
 
 This article describes how to enable the controller in Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) after onboarding is complete.
@@ -30,7 +30,7 @@ This article also describes how to disable the controller in Microsoft Azure and
 ## Enable the controller in AWS
 
 > [!NOTE]
->  You can enable the controller in AWS if you disabled it during onboarding. Once you enable the controller, you can’t disable it at this time.
+>  You can enable the controller in AWS if you disabled it during onboarding. Once you enable the controller in AWS, you can’t disable it.
 
 1. Sign in to the AWS console of the member account in a separate browser window.
 1. Go to the Permissions Management home page, select **Settings** (the gear icon), and then select the **Data Collectors** subtab.

articles/active-directory/develop/TOC.yml

@@ -708,20 +708,7 @@
             - name: Migrate to MSAL.iOS / macOS
               href: migrate-objc-adal-msal.md
         - name: MSAL Java
-          items:
-            - name: Custom token cache serialization
-              href: msal-java-token-cache-serialization.md
-            - name: Get and remove accounts from the token cache
-              href: msal-java-get-remove-accounts-token-cache.md
-            - name: Migrate to MSAL for Java
-              href: migrate-adal-msal-java.md
-            - name: AD FS support in MSAL for Java
-              href: msal-java-adfs-support.md
-            - name: Handle errors and exceptions in MSAL for Java
-              displayName: handling, catch
-              href: msal-error-handling-java.md
-            - name: Logging in MSAL for Java
-              href: msal-logging-java.md
+          href: /entra/msal/java
         - name: MSAL.js
           displayName: Angular, JavaScript, Node.js, React
           items:
@@ -830,18 +817,7 @@
               displayName: persistent, serialize, deserialize
               href: msal-node-extensions.md
         - name: MSAL Python
-          items:
-            - name: Custom token cache serialization
-              href: msal-python-token-cache-serialization.md
-            - name: Migrate to MSAL Python
-              href: migrate-python-adal-msal.md
-            - name: AD FS support in MSAL Python
-              href: msal-python-adfs-support.md
-            - name: Handle errors and exceptions in MSAL for Python
-              displayName: handling, catch
-              href: msal-error-handling-python.md
-            - name: Logging in MSAL for Python
-              href: msal-logging-python.md
+          href: /entra/msal/python/
     - name: Protocol reference (OAuth, OIDC, SAML)
       items:
         - name: OAuth 2.0 and OpenID Connect (OIDC)

articles/active-directory/develop/includes/adal-msal-migration.md

@@ -19,17 +19,17 @@ ms.author: henrymbugua
    :::column-end:::
    :::column span="":::
       **Web API**
-        - [ADAL Java to MSAL Java](../migrate-adal-msal-java.md)
-        - [ADAL Python to MSAL Python](../migrate-python-adal-msal.md)
+        - [ADAL Java to MSAL Java](/entra/msal/java/advanced/migrate-adal-msal-java)
+        - [ADAL Python to MSAL Python](/entra/msal/python/advanced/migrate-python-adal-msal)
         - [ADAL.NET to MSAL.NET](../msal-net-migration.md)
    :::column-end:::
 :::row-end:::
 
 :::row:::
    :::column span="":::
       **Desktop app**
-        - [ADAL Java to MSAL Java](../migrate-adal-msal-java.md)
-        - [ADAL Python to MSAL Python](../migrate-python-adal-msal.md)
+        - [ADAL Java to MSAL Java](/entra/msal/java/advanced/migrate-adal-msal-java)
+        - [ADAL Python to MSAL Python](/entra/msal/python/advanced/migrate-python-adal-msal)
         - [ADAL.NET to MSAL.NET](../msal-net-migration.md)
    :::column-end:::
    :::column span="":::
@@ -41,9 +41,9 @@ ms.author: henrymbugua
    :::column-end:::
    :::column span="":::
       **Service / daemon app**
-        - [ADAL Python to MSAL Python](../migrate-python-adal-msal.md)
+        - [ADAL Python to MSAL Python](/entra/msal/python/advanced/migrate-python-adal-msal)
         - [ADAL.NET to MSAL.NET](../msal-net-migration.md) 
         - [ADAL Node to MSAL Node](../msal-node-migration.md)
-        - [ADAL Java to MSAL Java](../migrate-adal-msal-java.md)
+        - [ADAL Java to MSAL Java](/entra/msal/java/advanced/migrate-adal-msal-java)
    :::column-end:::
 :::row-end:::

articles/active-directory/develop/includes/scenarios/scenarios-production.md

@@ -30,8 +30,8 @@ To help in debugging and authentication failure troubleshooting scenarios, the M
     :::column-end:::
     :::column:::
         - [Logging in MSAL for iOS/macOS](../../msal-logging-ios.md)
-        - [Logging in MSAL for Java](../../msal-logging-java.md)
-        - [Logging in MSAL for Python](../../msal-logging-python.md)
+        - [Logging in MSAL for Java](/entra/msal/java/advanced/msal-logging-java)
+        - [Logging in MSAL for Python](/entra/msal/python/advanced/msal-logging-python)
     :::column-end:::
 :::row-end:::
 

articles/active-directory/develop/includes/web-app-client-credentials.md

@@ -39,7 +39,7 @@ In the following example, the `GraphBeta` section specifies these settings.
  },
  "GraphBeta": {
     "BaseUrl": "https://graph.microsoft.com/beta",
-    "Scopes": "user.read"
+    "Scopes": ["user.read"]
     }
 }
 ```
@@ -67,7 +67,7 @@ Instead of a client secret, you can provide a client certificate. The following
   },
   "GraphBeta": {
     "BaseUrl": "https://graph.microsoft.com/beta",
-    "Scopes": "user.read"
+    "Scopes": ["user.read"]
   }
 }
 ```
@@ -76,4 +76,4 @@ Instead of a client secret, you can provide a client certificate. The following
 >
 > If you forget to change the `Scopes` to an array, when you try to use the `IDownstreamApi` the scopes will appear null, and `IDownstreamApi` will attempt an anonymous (unauthenticated) call to the downstream API, which will result in a `401/unauthenticated`.
 
-*Microsoft.Identity.Web* provides several ways to describe certificates, both by configuration or by code. For details, see [Microsoft.Identity.Web - Using certificates](https://github.com/AzureAD/microsoft-identity-web/wiki/Using-certificates) on GitHub.
+*Microsoft.Identity.Web* provides several ways to describe certificates, both by configuration or by code. For details, see [Microsoft.Identity.Web - Using certificates](https://github.com/AzureAD/microsoft-identity-web/wiki/Using-certificates) on GitHub.