Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into async

Author: anaharris-ms

.gitignore

@@ -25,4 +25,4 @@ AzureMigration.ps1
 **/.vscode/settings.json
 !/.vscode/settings.json
 
-desktop.ini
+desktop.ini

.openpublishing.redirection.json

@@ -605,6 +605,11 @@
             "redirect_url": "transform-custom-preset-cli-how-to",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/media-services/video-indexer/observed-people-tracing.md",
+            "redirect_url": "../../media-services/",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/media-services/latest/encode-custom-preset-rest-how-to.md",
             "redirect_url": "transform-custom-preset-rest-how-to",

.openpublishing.redirection.media-services.json

@@ -0,0 +1,24 @@
+{
+    "$schema": "https://whatsnewapi.azurewebsites.net/schema",
+    "docSetProductName": "Azure Active Directory application proxy",
+    "rootDirectory": "articles/active-directory/app-proxy/",
+    "docLinkSettings": {
+        "linkFormat": "relative",
+        "relativeLinkPrefix": "/azure/active-directory/app-proxy"
+    },
+    "inclusionCriteria": {
+        "excludePullRequestTitles": true,
+        "minAdditionsToFile" : 2,
+        "maxFilesChanged": 50,
+        "labels": [
+            "label:active-directory/svc",
+            "label:app-proxy/subsvc"
+        ]
+    },
+    "areas": [
+        {
+            "name": ".",
+            "heading": "Azure Active Directory application proxy"
+        }
+    ]
+}

.whatsnew/.application-proxy.json

@@ -68,9 +68,8 @@ articles/best-practices-availability-paired-regions.md @martinekuan @syntaxc4 @s
 # Governance
 articles/governance/ @DCtheGeek
 
-# Security baselines
-articles/**/*security-baseline.md @msmbaldwin @mgblythe
-articles/security/benchmarks/ @msmbaldwin @mgblythe
+# Security
+articles/security/fundamentals/feature-availability.md @msmbaldwin @terrylanfear
 
 # Azure Security Center
 articles/security-center/ @memildin
@@ -83,6 +82,9 @@ articles/ddos-protection @aletheatoh @anupamvi
 # Lighthouse
 articles/lighthouse/ @JnHs
 
+# Healthcare APIs
+articles/healthcare-apis/ @ginalee-dotcom
+
 # Configuration
 *.json @SyntaxC4 @snoviking @martinekuan
 .acrolinx-config.edn @MonicaRush @martinekuan

CODEOWNERS

@@ -274,12 +274,26 @@
       href: configure-tokens.md
   - name: Define custom attributes
     href: user-flow-custom-attributes.md
-  - name: Risk-based authentication
+  - name: Security and threat management
     items:
     - name: Investigate risk with Identity Protection
       href: identity-protection-investigate-risk.md
     - name: Configure Conditional Access
       href: conditional-access-user-flow.md
+    - name: Mitigate credential attacks
+      displayName: smart lockout, account lockout, password attack
+      href: threat-management.md
+    - name: Fraud protection partners
+      items: 
+      - name: Arkose Labs
+        href: partner-arkose-labs.md
+        displayName: fraud protection, fraud, Azure AD b2c, protection, B2Cprotection
+      - name: BioCatch
+        href: partner-biocatch.md
+        displayName: fraud protection, fraud, Azure AD b2c, protection, B2Cprotection, user behavior
+      - name: Microsoft Dynamics 365 Fraud Protection
+        href: partner-dynamics-365-fraud-protection.md
+        displayName: m365 dynamics, dynamics fraud protection, fraud, 365 protection
   - name: Configure age gating
     href: age-gating.md
   - name: API connectors
@@ -322,17 +336,6 @@
       href: partner-lexisnexis.md
     - name: Onfido
       href: partner-onfido.md
-  - name: Fraud protection partners
-    items: 
-    - name: Arkose Labs
-      href: partner-arkose-labs.md
-      displayName: fraud protection, fraud, Azure AD b2c, protection, B2Cprotection
-    - name: BioCatch
-      href: partner-biocatch.md
-      displayName: fraud protection, fraud, Azure AD b2c, protection, B2Cprotection, user behavior
-    - name: Microsoft Dynamics 365 Fraud Protection
-      href: partner-dynamics-365-fraud-protection.md
-      displayName: m365 dynamics, dynamics fraud protection, fraud, 365 protection
   - name: Secure access to legacy and on-premises apps
     items:
     - name: Ping Identity
@@ -538,8 +541,6 @@
       href: ../active-directory/fundamentals/resilience-b2c-developer-best-practices.md?bc=%2fazure%2factive-directory-b2c%2fbread%2ftoc.json&toc=%2fazure%2factive-directory-b2c%2fTOC.json
     - name: Monitoring and analytics
       href: ../active-directory/fundamentals/resilience-with-monitoring-alerting.md?bc=%2fazure%2factive-directory-b2c%2fbread%2ftoc.json&toc=%2fazure%2factive-directory-b2c%2fTOC.json
-  - name: Threat management
-    href: threat-management.md
     displayName: security
   - name: User flow versions
     href: user-flow-versions.md

articles/active-directory-b2c/TOC.yml

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 03/22/2021
+ms.date: 05/11/2021
 ms.custom: project-no-code
 ms.author: mimart
 ms.subservice: B2C
@@ -57,10 +57,10 @@ To enable self-service password reset for the sign-up or sign-in user flow:
 1. Select **User flows**.
 1. Select a sign-up or sign-in user flow (of type **Recommended**) that you want to customize.
 1. Under **Settings** in the left menu, select **Properties**.
-1. Under **Password complexity**, select **Self-service password reset**.
+1. Under **Password configuration**, select **Self-service password reset**.
 1. Select **Save**.
 1. Under **Customize** in the left menu, select **Page layouts**.
-1. In the **Page Layout Version**, choose **2.1.2 - Current** or above.
+1. In the **Page Layout Version**, choose **2.1.3** or above.
 1. Select **Save**.
 
 ::: zone-end

articles/active-directory-b2c/add-password-reset-policy.md

@@ -34,7 +34,7 @@ In this article, you learn how to transfer the logs to an Azure Log Analytics wo
 
 ## Deployment overview
 
-Azure AD B2C leverages [Azure Active Directory monitoring](../active-directory/reports-monitoring/overview-monitoring.md). To enable *Diagnostic settings* in Azure Active Directory within your Azure AD B2C tenant, you use [Azure Lighthouse](../lighthouse/concepts/azure-delegated-resource-management.md) to [delegate a resource](../lighthouse/concepts/azure-delegated-resource-management.md), which allows your Azure AD B2C (the **Service Provider**) to manage an Azure AD (the **Customer**) resource. After you complete the steps in this article, you'll have access to the *azure-ad-b2c-monitor* resource group that contains the [Log Analytics workspace](../azure-monitor/logs/quick-create-workspace.md) in your **Azure AD B2C** portal. You'll also be able to transfer the logs from Azure AD B2C to your Log Analytics workspace.
+Azure AD B2C leverages [Azure Active Directory monitoring](../active-directory/reports-monitoring/overview-monitoring.md). To enable *Diagnostic settings* in Azure Active Directory within your Azure AD B2C tenant, you use [Azure Lighthouse](../lighthouse/overview.md) to [delegate a resource](../lighthouse/concepts/architecture.md), which allows your Azure AD B2C (the **Service Provider**) to manage an Azure AD (the **Customer**) resource. After you complete the steps in this article, you'll have access to the *azure-ad-b2c-monitor* resource group that contains the [Log Analytics workspace](../azure-monitor/logs/quick-create-workspace.md) in your **Azure AD B2C** portal. You'll also be able to transfer the logs from Azure AD B2C to your Log Analytics workspace.
 
 During this deployment, you'll authorize a user or group in your Azure AD B2C directory to configure the Log Analytics workspace instance within the tenant that contains your Azure subscription. To create the authorization, you deploy an [Azure Resource Manager](../azure-resource-manager/index.yml) template to your Azure AD tenant containing the subscription.
 
@@ -255,7 +255,7 @@ The workbook will display reports in the form of a dashboard.
 
 ## Create alerts
 
-Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals. You can create alerts based on specific performance metrics or when certain events are created, absence of an event, or a number of events are created within a particular time window. For example, alerts can be used to notify you when average number of sign-in exceeds a certain threshold. For more information, see [Create alerts](../azure-monitor/alerts/tutorial-response.md).
+Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals. You can create alerts based on specific performance metrics or when certain events are created, absence of an event, or a number of events are created within a particular time window. For example, alerts can be used to notify you when average number of sign-in exceeds a certain threshold. For more information, see [Create alerts](../azure-monitor/alerts/alerts-log.md).
 
 
 Use the following instructions to create a new Azure Alert, which will send an [email notification](../azure-monitor/alerts/action-groups.md#configure-notifications) whenever there is a 25% drop in the **Total Requests** compare to previous period. Alert will run every 5 minutes and look for the drop within last 24 hours windows. The alerts are created using Kusto query language.

articles/active-directory-b2c/azure-monitor.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: overview
-ms.date: 03/03/2021
+ms.date: 05/13/2021
 
 ms.author: mimart
 author: msmimart
@@ -16,8 +16,6 @@ ms.collection: M365-identity-device-management
 ---
 # Identity Protection and Conditional Access for Azure AD B2C
 
-[!INCLUDE [b2c-public-preview-feature](../../includes/active-directory-b2c-public-preview.md)]
-
 Enhance the security of Azure Active Directory B2C (Azure AD B2C) with Azure AD Identity Protection and Conditional Access. The Identity Protection risk-detection features, including risky users and risky sign-ins, are automatically detected and displayed in your Azure AD B2C tenant. You can create Conditional Access policies that use these risk detections to determine actions and enforce organizational policies. Together, these capabilities give Azure AD B2C application owners greater control over risky authentications and access policies.
 
 If you're already familiar with [Identity Protection](../active-directory/identity-protection/overview-identity-protection.md) and [Conditional Access](../active-directory/conditional-access/overview.md) in Azure AD, using these capabilities with Azure AD B2C will be a familiar experience, with the minor differences discussed in this article.

articles/active-directory-b2c/conditional-access-identity-protection-overview.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: reference
-ms.date: 04/19/2021
+ms.date: 05/13/2021
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -20,8 +20,6 @@ ms.subservice: B2C
 
 Azure Active Directory (Azure AD) Conditional Access is the tool used by Azure AD B2C to bring signals together, make decisions, and enforce organizational policies. Automating risk assessment with policy conditions means risky sign-ins are at once identified and remediated or blocked.
 
-[!INCLUDE [b2c-public-preview-feature](../../includes/active-directory-b2c-public-preview.md)]
-
 ## Protocol
 
 The **Name** attribute of the **Protocol** element needs to be set to `Proprietary`. The **handler** attribute must contain the fully qualified name of the protocol handler assembly that is used by Azure AD B2C: