Merge branch 'master' into master

Author: mayurigupta13

.openpublishing.publish.config.json

@@ -146,6 +146,12 @@
       "url": "https://github.com/Azure/azure-functions-durable-extension",
       "branch": "master"
     },
+    {
+      "path_to_root": "functions-python-tensorflow-tutorial",
+      "url": "https://github.com/Azure-Samples/functions-python-tensorflow-tutorial",
+      "branch": "master",
+      "branch_mapping": {}
+    },    
     {
       "path_to_root": "samples-personalizer",
       "url": "https://github.com/Azure-Samples/cognitive-services-personalizer-samples",

.openpublishing.redirection.json

@@ -76,7 +76,7 @@
   items:
   - name: App integration
     items:
-    - name: Register an OIDC application
+    - name: Register an application
       href: tutorial-register-applications.md
     - name: Register a SAML service provider
       href: connect-with-saml-service-providers.md
@@ -282,6 +282,11 @@
           items:
           - name: Localization string IDs
             href: localization-string-ids.md
+        - name: DisplayControls
+          href: display-controls.md
+          items:
+          - name: Verification
+            href: display-control-verification.md
       - name: ClaimsProviders
         href: claimsproviders.md
         items:
@@ -320,11 +325,6 @@
             href: active-directory-b2c-reference-sso-custom.md
           - name: Validation
             href: validation-technical-profile.md
-      - name: DisplayControls
-        href: display-controls.md
-        items:
-        - name: Verification
-          href: display-control-verification.md
       - name: UserJourneys
         href: userjourneys.md
       - name: RelyingParty

articles/active-directory-b2c/TOC.yml

@@ -298,17 +298,19 @@ After your RESTful service is protected by the client ID (username) and secret,
 
 ## Step 5: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then open **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), select the **Directory + Subscription** icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
 
-2. Select **Identity Experience Framework**.
+1. In the Azure portal, search for and select **Azure AD B2C**.
 
-3. Open **All Policies**.
+1. Select **Identity Experience Framework**.
 
-4. Select **Upload Policy**.
+1. Open **All Policies**.
 
-5. Select the **Overwrite the policy if it exists** check box.
+1. Select **Upload Policy**.
 
-6. Upload the *TrustFrameworkExtensions.xml* file, and then ensure that it passes validation.
+1. Select the **Overwrite the policy if it exists** check box.
+
+1. Upload the *TrustFrameworkExtensions.xml* file, and then ensure that it passes validation.
 
 ## Step 6: Test the custom policy by using Run Now
 

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw-secure-basic.md

@@ -96,17 +96,19 @@ To support client certificate authentication in your custom policy, change the t
 
 ## Step 4: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then select **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), select the **Directory + Subscription** icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
 
-2. Select **Identity Experience Framework**.
+1. In the Azure portal, search for and select **Azure AD B2C**.
 
-3. Select **All Policies**.
+1. Select **Identity Experience Framework**.
 
-4. Select **Upload Policy**.
+1. Select **All Policies**.
 
-5. Select the **Overwrite the policy if it exists** check box.
+1. Select **Upload Policy**.
 
-6. Upload the *TrustFrameworkExtensions.xml* file, and then ensure that it passes validation.
+1. Select the **Overwrite the policy if it exists** check box.
+
+1. Upload the *TrustFrameworkExtensions.xml* file, and then ensure that it passes validation.
 
 ## Step 5: Test the custom policy by using Run Now
 1. Open **Azure AD B2C Settings**, and then select **Identity Experience Framework**.

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw-secure-cert.md

@@ -333,7 +333,9 @@ After you add the new claim, the relying party code looks like this:
 
 ## Step 7: Upload the policy to your tenant
 
-1. In the [Azure portal](https://portal.azure.com), switch to the [context of your Azure AD B2C tenant](active-directory-b2c-navigate-to-b2c-context.md), and then open **Azure AD B2C**.
+1. In the [Azure portal](https://portal.azure.com), Select the **Directory + Subscription** icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
+
+1. In the Azure portal, search for and select **Azure AD B2C**.
 
 1. Select **Identity Experience Framework**.
 

articles/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw.md

@@ -23,7 +23,7 @@ There are two common reasons for why the Azure AD extension is not working for y
 
 ### Can I use Azure AD B2C features in my existing, employee-based Azure AD tenant?
 
-Azure AD and Azure AD B2C are separate product offerings and cannot coexist in the same tenant. An Azure AD tenant represents an organization. An Azure AD B2C tenant represents a collection of identities to be used with relying party applications. With custom policies, Azure AD B2C can federate to Azure AD allowing authentication of employees in an organization.
+Azure AD and Azure AD B2C are separate product offerings and cannot coexist in the same tenant. An Azure AD tenant represents an organization. An Azure AD B2C tenant represents a collection of identities to be used with relying party applications. By adding **New OpenID Connect provider** under **Azure AD B2C > Identity providers** or with custom policies, Azure AD B2C can federate to Azure AD allowing authentication of employees in an organization.
 
 ### Can I use Azure AD B2C to provide social login (Facebook and Google+) into Office 365?
 

articles/active-directory-b2c/active-directory-b2c-faqs.md

@@ -130,7 +130,7 @@ The management of Azure AD B2C using role-based access control is not affected b
 
 Azure AD B2C tenants can be moved to another subscription if the source and destination subscriptions exist within the same Azure Active Directory tenant.
 
-To learn how to move Azure resources like your Azure AD B2C tenant to another subscription, see [Move resources to new resource group or subscription](../azure-resource-manager/resource-group-move-resources.md).
+To learn how to move Azure resources like your Azure AD B2C tenant to another subscription, see [Move resources to new resource group or subscription](../azure-resource-manager/management/move-resource-group-and-subscription.md).
 
 Before you initiate the move, be sure to read the entire article to fully understand the limitations and requirements for such a move. In addition to instructions for moving resources, it includes critical information like a pre-move checklist and how to validate the move operation.
 

articles/active-directory-b2c/active-directory-b2c-how-to-enable-billing.md

@@ -161,7 +161,7 @@ Write-Output "Searching for events starting $7daysago"
 $body       = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
 $oauth      = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token?api-version=1.0 -Body $body
 
-# Parse audit report items, save output to file(s): auditX.json, where X = 0 thru n for number of nextLink pages
+# Parse audit report items, save output to file(s): auditX.json, where X = 0 through n for number of nextLink pages
 if ($oauth.access_token -ne $null) {
     $i=0
     $headerParams = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}

articles/active-directory-b2c/active-directory-b2c-reference-audit-logs.md

@@ -98,8 +98,8 @@ Now that you've acquired an authorization code, you can redeem the `code` for a
 You can also request an access token for your app's own back-end Web API by convention of using the app's client ID as the requested scope (which will result in an access token with that client ID as the "audience"):
 
 ```HTTP
-POST {tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
-Host: {tenant}.b2clogin.com
+POST https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
+
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=authorization_code&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob
@@ -165,8 +165,8 @@ Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZn
 Access tokens and ID tokens are short-lived. After they expire, you must refresh them to continue to access resources. To do this, submit another POST request to the `/token` endpoint. This time, provide the `refresh_token` instead of the `code`:
 
 ```HTTP
-POST {tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
-Host: {tenant}.b2clogin.com
+POST https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
+
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=refresh_token&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&refresh_token=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob