Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into shgwaad

Author: dlepow

.openpublishing.publish.config.json

@@ -997,7 +997,13 @@
       "url": "https://github.com/MicrosoftGraph/microsoft-graph-docs",
       "branch": "main",
       "branch_mapping": {}
-    }
+    },
+    {
+      "path_to_root": "azure-actions-workflow-samples",
+      "url": "https://github.com/Azure/actions-workflow-samples",
+      "branch": "main",
+      "branch_mapping": {}
+    }  
   ],
   "branch_target_mapping": {
     "live": ["Publish", "PDF"],

.openpublishing.redirection.json

@@ -1,5 +1,10 @@
 {
     "redirections": [
+        {
+            "source_path": "articles/nat-gateway/tutorial-protect-nat-gateway-ddos.md",
+            "redirect_url": "/azure/ddos-protection/ddos-protection-sku-comparison#limitations",
+            "redirect_document_id": false
+        },
         {
             "source_path": "articles/route-server/routing-preference.md",
             "redirect_url": "/azure/route-server/overview",
@@ -22753,6 +22758,26 @@
             "source_path_from_root": "/articles/azure-functions/functions-create-function-linux-custom-image.md",
             "redirect_url": "/azure/azure-functions/functions-how-to-custom-container",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/windows-firewall-events-via-ama.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/cisco-meraki.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/cisco-asa-ftd-via-ama.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/sentinel/data-connectors/threat-intelligence-upload-indicators-api.md",
+            "redirect_url": "/azure/sentinel/data-connectors-reference",
+            "redirect_document_id": false
         }
     ]
 }

articles/active-directory-b2c/azure-ad-b2c-global-identity-funnel-based-design.md

@@ -37,7 +37,7 @@ This use case demonstrates how a user from their home country/region performs a
 
 ![Screenshot shows the Local user sign-up flow.](media/azure-ad-b2c-global-identity-design-considerations/local-user-account-signup.png)
 
-1. A user from Europe, Middle East, and Africa (EMEA) attempts to sign up at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from Europe, Middle East, and Africa (EMEA) attempts to sign up at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the Global Funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on defined criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -55,7 +55,7 @@ This use case demonstrates how a user re-registering the same email from their o
 
 ![Screenshot shows the existing account sign-up flow.](media/azure-ad-b2c-global-identity-design-considerations/local-existing-account-signup.png)
 
-1. A user from EMEA attempts to sign up at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign up at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the Global Funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -71,7 +71,7 @@ This use case demonstrates how a user from their home country/region performs a
 
 ![Screenshot shows the local user sign-in flow.](media/azure-ad-b2c-global-identity-design-considerations/local-user-account-signin.png)
 
-1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on application clientId.
 
@@ -87,7 +87,7 @@ This use case demonstrates how a user can travel across regions and maintain the
 
 ![Screenshot shows the traveling user sign-in flow.](media/azure-ad-b2c-global-identity-design-considerations/traveling-user-account-signin.png)
 
-1. A user from North America (NOAM) attempts to sign in at **myapp.fr** while they are on holiday in France. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from North America (NOAM) attempts to sign in at **myapp.fr** while they are on holiday in France. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -111,7 +111,7 @@ This use case demonstrates how a user can reset their password when they are wit
 
 ![Screenshot shows the local user forgot password flow.](media/azure-ad-b2c-global-identity-design-considerations/local-user-forgot-password.png)
 
-1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on application clientId.
 
@@ -133,7 +133,7 @@ This use case demonstrates how a user can reset their password when they're trav
 
 ![Screenshot shows the traveling user forgot password flow.](media/azure-ad-b2c-global-identity-design-considerations/traveling-user-forgot-password.png)
 
-1. A user from NOAM attempts to sign in at **myapp.fr** since they are on holiday in France. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from NOAM attempts to sign in at **myapp.fr** since they are on holiday in France. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on application clientId.
 
@@ -197,7 +197,7 @@ This use case demonstrates how a user can sign up to the service from their loca
 
 ![Screenshot shows the flow for federated ID sign-up.](media/azure-ad-b2c-global-identity-design-considerations/local-federated-id-signup.png)
 
-1. A user from EMEA attempts to sign up at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign up at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on application clientId.
 
@@ -220,7 +220,7 @@ This use case demonstrates how a user from their local region signs into the ser
 
 ![Screenshot shows the flow for local federated user sign-in.](media/azure-ad-b2c-global-identity-design-considerations/local-federated-signin.png)
 
-1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 2. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -238,7 +238,7 @@ This use case demonstrates how a user can sign into their account with a federat
 
 ![Screenshot shows the flow for traveling federated user sign-in.](media/azure-ad-b2c-global-identity-design-considerations/traveling-federated-user-signin.png)
 
-1. A user from NOAM attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from NOAM attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -261,7 +261,7 @@ This use case demonstrates how users are able to perform account linking when ma
 
 ![Screenshot shows the flow to merge a federated account.](media/azure-ad-b2c-global-identity-design-considerations/local-federated-account-merge.png)
 
-1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from EMEA attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the global funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 
@@ -285,7 +285,7 @@ This use case demonstrates how non-local users are able to perform account linki
 
 ![Screenshot shows the flow to merge traveling federated user.](media/azure-ad-b2c-global-identity-design-considerations/traveling-federated-user-merge-account.png)
 
-1. A user from NOAM attempts to sign in at **myapp.fr**. If the user isn't being sent to their local appication instance, the traffic manager will enforce a redirect.
+1. A user from NOAM attempts to sign in at **myapp.fr**. If the user isn't being sent to their local application instance, the traffic manager will enforce a redirect.
 
 1. The user reaches the Global Funnel Azure AD B2C tenant. This tenant is configured to redirect to a regional Azure AD B2C tenant based on some criteria using OpenId federation. This can be a lookup based on Application clientId.
 

articles/active-directory-b2c/azure-ad-b2c-global-identity-proof-of-concept-funnel.md

@@ -108,7 +108,7 @@ The following block diagram shows the proof of concept. The guidance will show h
 
       ```xml
       <TechnicalProfile Id="REST-login-NonInteractive-APAC">
-        <DisplayName>non interactive authetnication to APAC</DisplayName>
+        <DisplayName>non interactive authentication to APAC</DisplayName>
         <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
         <Metadata>
           <Item Key="ServiceUrl">https://login.microsoftonline.com/b2capac.onmicrosoft.com/oauth2/v2.0/token</Item>

articles/active-directory-b2c/azure-ad-b2c-global-identity-solutions.md

@@ -122,13 +122,13 @@ The approach you choose will be based on the number of applications you host and
 
 The performance advantage of using multiple tenants, in either the regional or funnel-based configuration, will be an improvement over using a single Azure AD B2C tenant for globally operating businesses.
 
-When using the funnel-based approach, the funnel tenant will be located in one specific region and serve users globally. Since the funnel tenants operation utilizes a global component of the Azure AD B2C service, it will maintain a consistant level of performance regardless of where users login from.
+When using the funnel-based approach, the funnel tenant will be located in one specific region and serve users globally. Since the funnel tenants operation utilizes a global component of the Azure AD B2C service, it will maintain a consistent level of performance regardless of where users login from.
 
 ![Screenshot shows the Azure AD B2C architecture.](./media/azure-ad-b2c-global-identity-solutions/azure-ad-b2c-architecture.png)
 
 As shown in the diagram above, the Azure AD B2C tenant in the funnel-based approach will only utilize the Policy Engine to perform the redirection to regional Azure AD B2C tenants. The Azure AD B2C Policy Engine component is globally distributed. Therefore, the funnel isn't constrained from a performance perspective, regardless of where the Azure AD B2C funnel tenant is provisioned. A performance loss is encountered due to the extra redirect between funnel and regional tenants in the funnel-based approach.
 
-In the regional-based approach, since each user is directed to their most local Azure AD B2C, performance is consistant for all users logging in.
+In the regional-based approach, since each user is directed to their most local Azure AD B2C, performance is consistent for all users logging in.
 
 The regional tenants will perform directory calls into the Directory Store, which is the only regionalized component in both the funnel-based and regional-based architectures.
 

articles/active-directory-b2c/configure-authentication-in-azure-static-app.md

@@ -89,7 +89,7 @@ Add the following keys to the app settings:
 
 ### 3.1 Add an OpenID Connect identity provider
 
-Once you've added the app ID and secrete, use the following steps to add the Azure AD B2C as OpenId Connect identity provider.
+Once you've added the app ID and secret, use the following steps to add the Azure AD B2C as OpenId Connect identity provider.
 
 1. Add an `auth` section of the [configuration file](../static-web-apps/configuration.md) with a configuration block for the OIDC providers, and your provider definition.
 

articles/active-directory-b2c/error-codes.md

@@ -43,7 +43,7 @@ The following errors can be returned by the Azure Active Directory B2C service.
 | `AADB2C90031` | Policy '{0}' does not specify a default user journey. Ensure that the policy or it's parents specify a default user journey as part of a relying party section. | [Default user journey](relyingparty.md#defaultuserjourney) |
 | `AADB2C90035` | The service is temporarily unavailable. Please retry after a few minutes. |  |
 | `AADB2C90036` | The request does not contain a URI to redirect the user to post logout. Specify a URI in the post_logout_redirect_uri parameter field. | [Send a sign-out request](openid-connect.md#send-a-sign-out-request) |
-| `AADB2C90037` | An error occurred while processing the request. Please locate the `CorellationId` from the response. | [Submit a new support request](find-help-open-support-ticket.md), and include the `CorrelationId`. |
+| `AADB2C90037` | An error occurred while processing the request. Please locate the `CorrelationId` from the response. | [Submit a new support request](find-help-open-support-ticket.md), and include the `CorrelationId`. |
 | `AADB2C90039` | The request contains a client assertion, but the provided policy '{0}' in tenant '{1}' is missing a client_secret in RelyingPartyPolicy. | deprecated | 
 | `AADB2C90040` | User journey '{0}' does not contain a send claims step. | [User journey orchestration steps](userjourneys.md#orchestrationsteps) |
 | `AADB2C90043` | The prompt included in the request contains invalid values. Expected 'none', 'login', 'consent' or 'select_account'. |  |

articles/active-directory-b2c/faq.yml

@@ -8,7 +8,7 @@ metadata:
   ms.service: active-directory
   ms.workload: identity
   ms.topic: faq
-  ms.date: 03/15/2023
+  ms.date: 05/23/2023
   ms.author: godonnell
   ms.subservice: B2C
   ms.custom: "b2c-support"
@@ -17,6 +17,20 @@ summary: This page answers frequently asked questions about the Azure Active Dir
 
 
 sections:
+  - name: Microsoft Entra External ID preview
+    questions:
+      - question: |
+          What is Microsoft Entra External ID?
+        answer: |
+          We announced early preview of our next generation Microsoft Entra External ID solution. This early preview represents an evolutionary step in unifying secure and engaging experiences across all external identities including partners, customers, citizens, patients, and others within a single, integrated platform. For more information about the preview, see [What is Microsoft Entra External ID for customers?](../active-directory/external-identities/customers/overview-customers-ciam.md). 
+      - question: |
+          How does this preview affect me?
+        answer: |
+          No action is required on your part at this time. The next generation platform is currently in early preview only. We remain fully committed to support of your current Azure AD B2C solution. There are no requirements for Azure AD B2C customers to migrate at this time and no plans to discontinue the current Azure AD B2C service. As the next generation platform approaches GA, details will be made available to all our valued B2C customers on available options including migration to the new platform.
+      - question: |
+          How do I participate in the preview?
+        answer: |
+          As the next generation platform represents our future for customer identity and access management (CIAM), we welcome and encourage your participation and feedback during early preview. If you're interested in joining the early preview, contact your sales team for details. 
   - name: General
     questions:
       - question: |
@@ -164,7 +178,7 @@ sections:
           If the TOTP authenticator app codes aren't working with your Android or iPhone mobile phone or device, your device's clock time might be incorrect. In your device's settings, select the option to use the network-provided time or to set the time automatically.
           
       - question: |
-          How do I know that the Go-Local add-on available in my country/region? 
+          How do I know that the Go-Local add-on is available in my country/region? 
         answer: |
           While [creating your Azure AD B2C tenant](tutorial-create-tenant.md), if the Go-Local add-on is available in your country, you're asked to enable it if you need it. 
       

articles/active-directory-b2c/language-customization.md

@@ -221,7 +221,7 @@ Open the extensions file of your policy. For example, <em>`SocialAndLocalAccount
 
 ## Provide language-specific labels
 
-The [LocalizedResources](localization.md#localizedresources) of the `Localization` element contains the list of localized strings. The localized resources element has an identifier that is used to uniquely identify localized resources. This identifer is used later in the [content definition](contentdefinitions.md) element.
+The [LocalizedResources](localization.md#localizedresources) of the `Localization` element contains the list of localized strings. The localized resources element has an identifier that is used to uniquely identify localized resources. This identifier is used later in the [content definition](contentdefinitions.md) element.
 
 You configure localized resources elements for the content definition and any language you want to support. To customize the unified sign-up or sign-in pages for English and Spanish, you add the following `LocalizedResources` elements after the close of the `</SupportedLanguages>` element.