Merge branch 'main' into release-ga-apim-authorizations

Author: v-alje

.openpublishing.redirection.azure-monitor.json

@@ -45,6 +45,26 @@
             "redirect_url": "/azure/azure-monitor/app/app-insights-overview",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/tutorial-runtime-exceptions.md",
+            "redirect_url": "/previous-versions/azure/azure-monitor/app/tutorial-runtime-exceptions",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/tutorial-performance.md",
+            "redirect_url": "/previous-versions/azure/azure-monitor/app/tutorial-performance",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/tutorial-users.md",
+            "redirect_url": "/previous-versions/azure/azure-monitor/app/tutorial-users",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/custom-data-correlation.md",
+            "redirect_url": "/previous-versions/azure/azure-monitor/app/custom-data-correlation",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/azure-monitor/app/correlation.md",
             "redirect_url": "/previous-versions/azure/azure-monitor/app/distributed-tracing-telemetry-correlation",

.openpublishing.redirection.healthcare-apis.json

@@ -586,15 +586,19 @@
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/iot-data-flow.md",
-          "redirect_url": "/azure/healthcare-apis/iot/understand-service",
+          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-data-processing-stages",
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/data-flow.md",
-          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-message-processing-stages",
+          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-data-processing-stages",
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/understand-service.md",
-          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-message-processing-stages",
+          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-data-processing-stages",
+          "redirect_document_id": false
+      },
+      {   "source_path_from_root": "/articles/healthcare-apis/iot/overview-of-device-message-processing-stages.md",
+          "redirect_url": "/azure/healthcare-apis/iot/overview-of-device-data-processing-stages",
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/how-to-use-device-mappings.md",
@@ -654,7 +658,11 @@
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/how-to-use-iot-jsonpath-content-mappings.md",
-          "redirect_url": "/azure/healthcare-apis/iot/how-to-use-iotjsonpathcontenttemplate-mappings",
+          "redirect_url": "/azure/healthcare-apis/iot/how-to-use-iotjsonpathcontent-mappings",
+          "redirect_document_id": false
+      },
+      {   "source_path_from_root": "/articles/healthcare-apis/iot/how-to-use-iotjsonpathcontenttemplate-mappings.md",
+          "redirect_url": "/azure/healthcare-apis/iot/how-to-use-iotjsonpathcontent-mappings",
           "redirect_document_id": false
       },
       {   "source_path_from_root": "/articles/healthcare-apis/iot/deploy-new-button.md",

articles/active-directory-b2c/custom-policies-series-call-rest-api.md

@@ -31,7 +31,7 @@ In this article, you'll learn how to:
 
 ## Scenario overview 
 
-In [Create branching in user journey by using Azure AD B2C custom policies](custom-policies-series-branch-user-journey.md), users who select *Personal Account* need to provide a valid invitation access code to proceed. We use a static access code, but real world apps don't work this way. If the service that issues the access codes is external to your custom policy, you must make a call to that service, and pass the access code input by the user for validation. If the access code is valid, the service returns an HTTP 200 (OK) response, and Azure AD B2C issues JWT token. Otherwise, the service returns an HTTP 409 (Conflict) response, and the use must re-enter an access code. 
+In [Create branching in user journey by using Azure AD B2C custom policies](custom-policies-series-branch-user-journey.md), users who select *Personal Account* need to provide a valid invitation access code to proceed. We use a static access code, but real world apps don't work this way. If the service that issues the access codes is external to your custom policy, you must make a call to that service, and pass the access code input by the user for validation. If the access code is valid, the service returns an HTTP 200 (OK) response, and Azure AD B2C issues JWT token. Otherwise, the service returns an HTTP 409 (Conflict) response, and the user must re-enter an access code. 
 
 :::image type="content" source="media/custom-policies-series-call-rest-api/screenshot-of-call-rest-api-call.png" alt-text="A flowchart of calling a R E S T  A P I.":::
 
@@ -88,7 +88,7 @@ You need to deploy an app, which will serve as your external app. Your custom po
                     "code" : "errorCode",
                     "requestId": "requestId",
                     "userMessage" : "The access code you entered is incorrect. Please try again.",
-                    "developerMessage" : `The The provided code ${req.body.accessCode} does not match the expected code for user.`,
+                    "developerMessage" : `The provided code ${req.body.accessCode} does not match the expected code for user.`,
                     "moreInfo" :"https://docs.microsoft.com/en-us/azure/active-directory-b2c/string-transformations"
                 };
                 res.status(409).send(errorResponse);                
@@ -133,7 +133,7 @@ You need to deploy an app, which will serve as your external app. Your custom po
             "code": "errorCode",
             "requestId": "requestId",
             "userMessage": "The access code you entered is incorrect. Please try again.",
-            "developerMessage": "The The provided code 54321 does not match the expected code for user.",
+            "developerMessage": "The provided code 54321 does not match the expected code for user.",
             "moreInfo": "https://docs.microsoft.com/en-us/azure/active-directory-b2c/string-transformations"
         }
     ```
@@ -316,4 +316,4 @@ Next, learn:
  
 - About [RESTful technical profile](restful-technical-profile.md).
 
--  How to [Create and read a user account by using Azure Active Directory B2C custom policy](custom-policies-series-store-user.md)
+-  How to [Create and read a user account by using Azure Active Directory B2C custom policy](custom-policies-series-store-user.md)

articles/active-directory-b2c/index.yml

@@ -7,8 +7,8 @@ summary: >
 brand: azure
 
 metadata:
-  title: Azure Active Directory B2C documentation # Required; page title displayed in search results. Include the brand. < 60 chars.
-  description: Learn how to use Azure Active Directory B2C to customize and control how customers sign up, sign in, and manage their profiles when using your applications. # Required; article description that is displayed in search results. < 160 chars.
+  title: Azure Active Directory B2C documentation
+  description: Learn how to use Azure Active Directory B2C to customize and control how customers sign up, sign in, and manage their profiles when using your applications.
   services: active-directory-b2c
   ms.service: active-directory
   ms.subservice: B2C

articles/active-directory/app-provisioning/how-provisioning-works.md

@@ -88,7 +88,7 @@ originalUserPrincipalName = alias_theirdomain#EXT#@yourdomain
 
 ## Provisioning cycles: Initial and incremental
 
-When Azure AD is the source system, the provisioning service uses the [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) to monitor users and groups. The provisioning service runs an initial cycle against the source system and target system, followed by periodic incremental cycles.
+When Azure AD is the source system, the provisioning service uses the [delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) to monitor users and groups. The provisioning service runs an initial cycle against the source system and target system, followed by periodic incremental cycles.
 
 ### Initial cycle
 

articles/active-directory/app-provisioning/plan-auto-user-provisioning.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-provisioning
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 04/12/2023
+ms.date: 04/13/2023
 ms.author: kenwith
 ms.reviewer: arvinh
 ---
@@ -152,9 +152,9 @@ The actual steps required to enable and configure automatic provisioning vary de
 
 If not, follow the steps:
 
-1. [Create a request](../manage-apps/v2-howto-app-gallery-listing.md) for a pre-integrated user provisioning connector. Our team will work with you and the application developer to onboard your application to our platform if it supports SCIM.
+1. [Create a request](../manage-apps/v2-howto-app-gallery-listing.md) for a pre-integrated user provisioning connector. Our team works with you and the application developer to onboard your application to our platform if it supports SCIM.
 
-1. Use the [BYOA SCIM](../app-provisioning/use-scim-to-provision-users-and-groups.md) generic user provisioning support for the app. This is a requirement for Azure AD to provision users to the app without a pre-integrated provisioning connector.
+1. Use the [BYOA SCIM](../app-provisioning/use-scim-to-provision-users-and-groups.md) generic user provisioning support for the app. Using SCIM is a requirement for Azure AD to provision users to the app without a pre-integrated provisioning connector.
 
 1. If the application is able to utilize the BYOA SCIM connector, then refer to [BYOA SCIM integration tutorial](../app-provisioning/use-scim-to-provision-users-and-groups.md) to configure the BYOA SCIM connector for the application.
 
@@ -194,13 +194,13 @@ Before implementing automatic user provisioning, you must determine the users an
 
 * Use [scoping filters](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md) to define attribute-based rules that determine which users are provisioned to an application.
 
-* Next, use [user and group assignments](../manage-apps/assign-user-or-group-access-portal.md) as needed for additional filtering.
+* Next, use [user and group assignments](../manage-apps/assign-user-or-group-access-portal.md) as needed for more filtering.
 
 ### Define user and group attribute mapping
 
 To implement automatic user provisioning, you need to define the user and group attributes that are needed for the application. There's a pre-configured set of attributes and [attribute-mappings](../app-provisioning/configure-automatic-user-provisioning-portal.md) between Azure AD user objects, and each SaaS application’s user objects. Not all SaaS apps enable group attributes.
 
-Azure AD supports by direct attribute-to-attribute mapping, providing constant values, or [writing expressions for attribute mappings](../app-provisioning/functions-for-customizing-application-data.md). This flexibility gives you fine control of what will be populated in the targeted system's attribute. You can use [Microsoft Graph API](../app-provisioning/export-import-provisioning-configuration.md) and Graph Explorer to export your user provisioning attribute mappings and schema to a JSON file and import it back into Azure AD.
+Azure AD supports by direct attribute-to-attribute mapping, providing constant values, or [writing expressions for attribute mappings](../app-provisioning/functions-for-customizing-application-data.md). This flexibility gives you fine control over what is populated in the targeted system's attribute. You can use [Microsoft Graph API](../app-provisioning/export-import-provisioning-configuration.md) and Graph Explorer to export your user provisioning attribute mappings and schema to a JSON file and import it back into Azure AD.
 
 For more information, see [Customizing User Provisioning Attribute-Mappings for SaaS Applications in Azure Active Directory](../app-provisioning/customize-application-attributes.md).
 
@@ -220,7 +220,7 @@ At each stage of your deployment ensure that you’re testing that results are a
 
 ### Plan testing
 
-Once you have configured automatic user provisioning for the application, you'll run test cases to verify this solution meets your organization’s requirements.
+First, configure automatic user provisioning for the application. Then run test cases to verify the solution meets your organization’s requirements.
 
 | Scenarios| Expected results |
 | - | - |
@@ -273,7 +273,7 @@ After a successful [initial cycle](../app-provisioning/user-provisioning.md), th
 
 * A new initial cycle is triggered by a change in attribute mappings or scoping filters.
 
-* The provisioning process goes into quarantine due to a high error rate and stays in quarantine for more than four weeks when it will be automatically disabled.
+* The provisioning process goes into quarantine due to a high error rate and stays in quarantine for more than four weeks then it is automatically disabled.
 
 To review these events, and all other activities performed by the provisioning service, refer to Azure AD [provisioning logs](../reports-monitoring/concept-provisioning-logs.md?context=azure/active-directory/manage-apps/context/manage-apps-context).
 

articles/active-directory/authentication/concept-authentication-phone-options.md

@@ -30,7 +30,7 @@ To work properly, phone numbers must be in the format *+CountryCode PhoneNumber*
 > [!NOTE]
 > There needs to be a space between the country/region code and the phone number.
 >
-> Password reset and Azure AD Multi-Factor Authentication don't support phone extensions. Even in the *+1 4251234567X12345* format, extensions are removed before the call is placed.
+> Password reset and Azure AD Multi-Factor Authentication support phone extensions only in office phone.
 
 ## Mobile phone verification
 

articles/active-directory/authentication/concept-mfa-licensing.md

@@ -98,7 +98,7 @@ After you have purchased the required Azure AD tier, [plan and deploy Azure AD M
 
 ### Azure AD Free tier
 
-All users in an Azure AD Free tenant can use Azure AD Multi-Factor Authentication by using security defaults. The mobile authentication app is the only method that can be used for Azure AD Multi-Factor Authentication when using Azure AD Free security defaults.
+All users in an Azure AD Free tenant can use Azure AD Multi-Factor Authentication by using security defaults. The mobile authentication app and SMS methods can be used for Azure AD Multi-Factor Authentication when using Azure AD Free security defaults.
 
 * [Learn more about Azure AD security defaults](../fundamentals/concept-fundamentals-security-defaults.md)
 * [Enable security defaults for users in Azure AD Free](../fundamentals/concept-fundamentals-security-defaults.md#enabling-security-defaults)

articles/active-directory/authentication/feature-availability.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 01/29/2023
+ms.date: 04/13/2023
 
 
 ms.author: justinha
@@ -44,7 +44,6 @@ This following tables list Azure AD feature availability in Azure Government.
 || Session lifetime management | ✅ | 
 || Identity Protection (vulnerabilities and risky accounts) | See [Identity protection](#identity-protection) below. | 
 || Identity Protection (risk events investigation, SIEM connectivity) | See [Identity protection](#identity-protection) below. | 
-|| Entra permissions management | ❌ | 
 |**Administration and hybrid identity**|User and group management | ✅ | 
 || Advanced group management (Dynamic groups, naming policies, expiration, default classification) | ✅ | 
 || Directory synchronization—Azure AD Connect (sync and cloud sync) | ✅ | 
@@ -53,7 +52,6 @@ This following tables list Azure AD feature availability in Azure Government.
 || Global password protection and management – cloud-only users | ✅ | 
 || Global password protection and management – custom banned passwords, users synchronized from on-premises Active Directory | ✅ | 
 || Microsoft Identity Manager user client access license (CAL) | ✅ | 
-|| Entra workload identities | ❌ | 
 |**End-user self-service**|Application launch portal (My Apps) | ✅ | 
 || User application collections in My Apps | ✅ |
 || Self-service account management portal (My Account) | ✅ |
@@ -69,7 +67,6 @@ This following tables list Azure AD feature availability in Azure Government.
 || Access certifications and reviews | ✅ |
 || Entitlement management | ✅ |
 || Privileged Identity Management (PIM), just-in-time access |  ✅ |
-|| Entra governance | ❌ |
 |**Event logging and reporting**|Basic security and usage reports | ✅ |
 || Advanced security and usage reports | ✅ |
 || Identity Protection: vulnerabilities and risky accounts | ✅ |

articles/active-directory/authentication/how-to-authentication-methods-manage.md

@@ -53,7 +53,7 @@ For each method, note whether or not it's enabled for the tenant. The following
 
 ### Review the legacy SSPR policy
 
-To get the authentication methods available in the legacy SSPR policy, go to **Azure Active Directory** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy. 
+To get the authentication methods available in the legacy SSPR policy, go to **Azure Active Directory** > **Users** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy. 
 
 :::image type="content" border="false" source="media/how-to-authentication-methods-manage/legacy-sspr-policy.png" alt-text="Screenshot that shows the legacy Azure AD SSPR policy." lightbox="media/how-to-authentication-methods-manage/legacy-sspr-policy.png":::