Merge branch 'main' into sign-in-updates-1

Author: garrodonnell

.openpublishing.redirection.json

@@ -13437,6 +13437,21 @@
           "redirect_url": "/azure/governance/policy/samples/rbi-itf-nbfc-2017",
           "redirect_document_id": false
         },
+        {
+          "source_path_from_root": "/articles/governance/policy/samples/gov-dod-impact-level-4.md",
+          "redirect_url": "/azure/governance/policy/samples",
+          "redirect_document_id": false
+        },
+        {
+          "source_path_from_root": "/articles/governance/policy/samples/gov-dod-impact-level-5.md",
+          "redirect_url": "/azure/governance/policy/samples",
+          "redirect_document_id": false
+        },
+        {
+          "source_path_from_root": "/articles/governance/policy/samples/swift-cscf-v2021.md",
+          "redirect_url": "/azure/governance/policy/samples/swift-csp-cscf-2021",
+          "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/azure-policy/create-manage-policy.md",
             "redirect_url": "/azure/governance/policy/tutorials/create-and-manage",
@@ -24342,6 +24357,26 @@
             "redirect_url": "/azure/networking/manage-apps/connectivity-interoperability-data-plane",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/networking/manage-apps/connectivty-interoperability-preface.md",
+            "redirect_url": "/azure/networking/connectivity-interoperability-preface",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/networking/manage-apps/connectivty-interoperability-configuration.md",
+            "redirect_url": "/azure/networking/connectivity-interoperability-configuration",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/networking/manage-apps/connectivty-interoperability-control-plane.md",
+            "redirect_url": "/azure/networking/connectivity-interoperability-control-plane",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/networking/manage-apps/connectivty-interoperability-data-plane.md",
+            "redirect_url": "/azure/networking/connectivity-interoperability-data-plane",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/operator-nexus/howto-hybrid-aks.md",
             "redirect_url": "/azure/operator-nexus/howto-kubernetes-cluster-agent-pools",

articles/active-directory-b2c/deploy-custom-policies-github-action.md

@@ -48,7 +48,7 @@ For the GitHub Action to access data in Microsoft Graph, grant the registered ap
 
 GitHub secrets are encrypted environment variables that you create in an organization, repository, or repository environment. In this step, you store the application secret for the application you registered earlier in the [Register an MS Graph application](#register-a-microsoft-graph-application) step.
 
-The GitHub Action for deploying Azure AD B2C custom policies uses the secret to acquire an access token that is used to interact with the Microsoft Graph API. For more information, see [Creating encrypted secrets for a repository](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-encrypted-secrets-for-a-repository).
+The GitHub Action for deploying Azure AD B2C custom policies uses the secret to acquire an access token that is used to interact with the Microsoft Graph API. For more information, see [Creating encrypted secrets for a repository](https://docs.github.com/actions/security-guides/using-secrets-in-github-actions#creating-encrypted-secrets-for-a-repository).
 
 To create a GitHub secret, follow these steps:
 
@@ -141,9 +141,9 @@ To test the workflow you created, **Push** the changes of your custom policy. On
 
 ## Optional: Schedule your workflow
 
-The workflow you created is triggered by the [push](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#push) event. If you prefer, you can choose another event to trigger the workflow, for example a [pull request](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request).
+The workflow you created is triggered by the [push](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#push) event. If you prefer, you can choose another event to trigger the workflow, for example a [pull request](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request).
 
-You can also schedule a workflow to run at specific UTC times using [POSIX cron syntax](https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). The schedule event allows you to trigger a workflow at a scheduled time. For more information, see [Scheduled events](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#scheduled-events).
+You can also schedule a workflow to run at specific UTC times using [POSIX cron syntax](https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). The schedule event allows you to trigger a workflow at a scheduled time. For more information, see [Scheduled events](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#scheduled-events).
 
 The following example triggers the workflow every day at 5:30 and 17:30 UTC:
 
@@ -170,4 +170,4 @@ To edit your workflow:
 
 ## Next steps
 
-- Learn how to configure [Events that trigger workflows](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows)
+- Learn how to configure [Events that trigger workflows](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows)

articles/active-directory-b2c/index.yml

@@ -217,10 +217,10 @@ conceptualContent:
             url: custom-domain.md
             itemType: how-to-guide  
           - text: Customize user experiences using custom policies
-            url: add-sign-up-and-sign-in-policy.md?pivots=b2c-custom-policy            
+            url: add-sign-up-and-sign-in-policy.md?pivots=b2c-custom-policy
             itemType: how-to-guide 
           - text: Custom policy how-to guide series
-            url: custom-policies-series-overview.md            
+            url: custom-policies-series-overview.md
             itemType: how-to-guide
           # - text: Use API connectors 
             # url: add-api-connector.md?pivots=b2c-user-flow

articles/active-directory/app-provisioning/inbound-provisioning-api-postman.md

@@ -31,7 +31,7 @@ In this step, you'll configure the Postman app and invoke the API using the conf
 1. From the **Workspaces** menu, select **Create Workspace** to create a new Workspace called **Microsoft Entra ID Provisioning API**. 
 1. Download the following Postman collections and save it in your local directory.
     - [Entra ID Inbound Provisioning.postman_collection.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Entra%20ID%20Inbound%20Provisioning.postman_collection.json) (Request collection)
-    - [Test-API2AAD.postman_environment.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Test-API2AAD.postman_environment.json) (Environment collection for API-driven provisioning to on-premises AD)- 
+    - [Test-API2AAD.postman_environment.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Test-API2AAD.postman_environment.json) (Environment collection for API-driven provisioning to Azure AD)- 
     - [Test-API2AD.postman_environment.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Test-API2AD.postman_environment.json) (Environment collection for API-driven provisioning to on-premises AD) 
 1. Use the **Import** option in Postman to import both of these files into your Workspace.  
      :::image type="content" source="media/inbound-provisioning-api-postman/postman-import-elements.png" alt-text="Screenshot of Postman Import elements." lightbox="media/inbound-provisioning-api-postman/postman-import-elements.png":::

articles/active-directory/app-provisioning/index.yml

@@ -29,11 +29,11 @@ landingContent:
       - linkListType: tutorial
         links:
           - text: SAP Cloud Platform Identity Authentication provisioning
-            url: ../saas-apps/sap-cloud-platform-identity-authentication-provisioning-tutorial.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+            url: ../saas-apps/sap-cloud-platform-identity-authentication-provisioning-tutorial.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
           - text: Oracle Fusion ERP provisioning
-            url: ../saas-apps/oracle-fusion-erp-provisioning-tutorial.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+            url: ../saas-apps/oracle-fusion-erp-provisioning-tutorial.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
           - text: Atlassian Cloud provisioning
-            url: ../saas-apps/atlassian-cloud-provisioning-tutorial.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+            url: ../saas-apps/atlassian-cloud-provisioning-tutorial.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
       - linkListType: how-to-guide
         links:
           - text: Adding a gallery app? Configure provisioning to the app
@@ -47,7 +47,7 @@ landingContent:
       - linkListType: overview
         links:
           - text: Provisioning with SCIM (Identity Standards Blog)
-            url: https://techcommunity.microsoft.com/t5/identity-standards-blog/provisioning-with-scim-getting-started/ba-p/880010
+            url: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/provisioning-with-scim-getting-started/ba-p/880010
       - linkListType: how-to-guide
         links:
           - text: Developing an app? Use SCIM for automatic provisioning
@@ -61,7 +61,6 @@ landingContent:
       - linkListType: tutorial
         links:
           - text: Workday provisioning
-            url: ../saas-apps/workday-inbound-tutorial.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+            url: ../saas-apps/workday-inbound-tutorial.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
           - text: SAP SuccessFactors provisioning
-            url: ../saas-apps/sap-successfactors-inbound-provisioning-cloud-only-tutorial.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
-      
+            url: ../saas-apps/sap-successfactors-inbound-provisioning-cloud-only-tutorial.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context

articles/active-directory/app-provisioning/insufficient-access-rights-error-troubleshooting.md

@@ -110,4 +110,3 @@ You can set the registry option to [skip GMSA configuration](https://go.microsof
 ## Next steps
 
 * [Learn more about the Inbound Provisioning API](inbound-provisioning-api-concepts.md)
-

articles/active-directory/app-provisioning/scim-validator-tutorial.md

@@ -82,7 +82,7 @@ The endpoints are in the `{host}/scim/` directory, and you can use standard HTTP
 > [!NOTE]
 > You can only use HTTP endpoints for local tests. The Azure AD provisioning service requires that your endpoint support HTTPS.
 
-1. Download [Postman](https://www.getpostman.com/downloads/) and start the application.
+1. Download [Postman](https://www.postman.com/downloads/) and start the application.
 1. Copy and paste this link into Postman to import the test collection: `https://aka.ms/ProvisioningPostman`.
 
     ![Screenshot that shows importing the test collection in Postman.](media/scim-validator-tutorial/postman-collection.png)

articles/active-directory/app-provisioning/toc.yml

@@ -102,7 +102,7 @@ items:
       - name: Export and import your configuration
         href: export-import-provisioning-configuration.md  
       - name: Provisioning reports
-        href: ../reports-monitoring/concept-provisioning-logs.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+        href: ../reports-monitoring/concept-provisioning-logs.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
       - name: Provisioning insights workbook
         href: provisioning-workbook.md  
     - name: Workday provisioning scenarios
@@ -124,7 +124,7 @@ items:
       - name: Troubleshooting on-premises provisioning
         href: on-premises-ecma-troubleshoot.md
       - name: Provisioning logs
-        href: ../reports-monitoring/concept-provisioning-logs.md?context=%2fazure%2factive-directory%2fapp-provisioning%2fcontext%2fapp-provisioning-context
+        href: ../reports-monitoring/concept-provisioning-logs.md?context=/azure/active-directory/app-provisioning/context/app-provisioning-context
     - name: Troubleshoot HR provisioning
       items:
       - name: Attribute retrieval issues

articles/active-directory/app-provisioning/use-scim-to-provision-users-and-groups.md

@@ -1377,7 +1377,7 @@ The SCIM spec doesn't define a SCIM-specific scheme for authentication and autho
 
 |Authorization method|Pros|Cons|Support|
 |--|--|--|--|
-|Username and password (not recommended or supported by Azure AD)|Easy to implement|Insecure - [Your Pa$$word doesn't matter](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/your-pa-word-doesn-t-matter/ba-p/731984)|Not supported for new gallery or non-gallery apps.|
+|Username and password (not recommended or supported by Azure AD)|Easy to implement|Insecure - [Your Pa$$word doesn't matter](https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/your-pa-word-doesn-t-matter/ba-p/731984)|Not supported for new gallery or non-gallery apps.|
 |Long-lived bearer token|Long-lived tokens don't require a user to be present. They're easy for admins to use when setting up provisioning.|Long-lived tokens can be hard to share with an admin without using insecure methods such as email. |Supported for gallery and non-gallery apps. |
 |OAuth authorization code grant|Access tokens have a shorter life than passwords, and have an automated refresh mechanism that long-lived bearer tokens don't have.  A real user must be present during initial authorization, adding a level of accountability. |Requires a user to be present. If the user leaves the organization, the token is invalid, and authorization needs to be completed again.|Supported for gallery apps, but not non-gallery apps. However, you can provide an access token in the UI as the secret token for short term testing purposes. Support for OAuth code grant on non-gallery is in our backlog, in addition to support for configurable auth / token URLs on the gallery app.|
 |OAuth client credentials grant|Access tokens have a shorter life than passwords, and have an automated refresh mechanism that long-lived bearer tokens don't have. Both the authorization code grant and the client credentials grant create the same type of access token, so moving between these methods is transparent to the API.  Provisioning can be automated, and new tokens can be silently requested without user interaction. ||Supported for gallery apps, but not non-gallery apps. However, you can provide an access token in the UI as the secret token for short term testing purposes. Support for OAuth client credentials grant on non-gallery is in our backlog.|
@@ -1433,8 +1433,8 @@ To help drive awareness and demand of our joint integration, we recommend you up
 > * Ensure your sales and customer support teams are aware, ready, and can speak to the integration capabilities. Brief your teams, provide them with FAQs and include the integration into your sales materials. 
 > * Craft a blog post or press release that describes the joint integration, the benefits and how to get started. [Example: Imprivata and Azure AD Press Release](https://www.imprivata.com/company/press/imprivata-introduces-iam-cloud-platform-healthcare-supported-microsoft) 
 > * Leverage your social media like Twitter, Facebook or LinkedIn to promote the integration to your customers. Be sure to include @AzureAD so we can retweet your post. [Example: Imprivata Twitter Post](https://twitter.com/azuread/status/1123964502909779968)
-> * Create or update your marketing pages/website (e.g. integration page, partner page, pricing page, etc.) to include the availability of the joint integration. [Example: Pingboard integration Page](https://pingboard.com/org-chart-for), [Smartsheet integration page](https://www.smartsheet.com/marketplace/apps/microsoft-azure-ad), [Monday.com pricing page](https://monday.com/pricing/) 
-> * Create a help center article or technical documentation on how customers can get started. [Example: Envoy + Microsoft Azure AD integration.](https://envoy.help/en/articles/3453335-microsoft-azure-active-directory-integration/) 
+> * Create or update your marketing pages/website (e.g. integration page, partner page, pricing page, etc.) to include the availability of the joint integration. [Example: Pingboard integration Page](https://pingboard.com/org-chart-for), [Smartsheet integration page](https://www.smartsheet.com/marketplace/apps/directory-integrations), [Monday.com pricing page](https://monday.com/pricing/) 
+> * Create a help center article or technical documentation on how customers can get started. [Example: Envoy + Microsoft Azure AD integration.](https://envoy.help/en/articles/3453335-microsoft-azure-active-directory-integration) 
 > * Alert customers of the new integration through your customer communication (monthly newsletters, email campaigns, product release notes). 
 
 ## Next steps

articles/active-directory/app-provisioning/user-provisioning.md

@@ -76,7 +76,7 @@ Azure AD user provisioning can help address these challenges. To learn more abou
 
 ## What applications and systems can I use with Azure AD automatic user provisioning?
 
-Azure AD features preintegrated support for many popular SaaS apps and human resources systems, and generic support for apps that implement specific parts of the [SCIM 2.0 standard](https://techcommunity.microsoft.com/t5/Identity-Standards-Blog/Provisioning-with-SCIM-getting-started/ba-p/880010).
+Azure AD features preintegrated support for many popular SaaS apps and human resources systems, and generic support for apps that implement specific parts of the [SCIM 2.0 standard](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/provisioning-with-scim-getting-started/ba-p/880010).
 
 * **Preintegrated applications (gallery SaaS apps)**: You can find all applications for which Azure AD supports a preintegrated provisioning connector in [Tutorials for integrating SaaS applications with Azure Active Directory](../saas-apps/tutorial-list.md). The preintegrated applications listed in the gallery generally use SCIM 2.0-based user management APIs for provisioning.