Merge branch 'main' into mooreds/add-logout-doc

astro/src/content/articles/authentication/multi-factor-authentication.md

@@ -1,6 +1,6 @@
 ---
-title: "Multi-Factor Authentication (MFA): The Ultimate Guide"
-description: What is multi-factor authentication and how it works?
+title: "What is Multi-Factor Authentication (MFA) and How it Works"
+description: Learn what MFA is, why it's crucial, the available factors, and when to consider requiring multi-factor authentication for enhanced security.
 author: Dan Moore
 section: Authentication
 tags: mfa 2fa multi-factor-authentication two-factor-authentication user-experience customer-experience security policie sms totp factors ap-push tradeoffs open-standards biometric

astro/src/content/articles/identity-basics/magic-links.md

@@ -1,6 +1,6 @@
 ---
-title: What are Magic Links and How to Use Them
-description: "Magic Links: A Guide to Passwordless Authentication"
+title: Magic Links - A Guide to Passwordless Authentication
+description: "Magic links offer secure, passwordless authentication, enhancing user experience and security. Learn more in and improve your access control today!"
 author: Brad McCarty
 icon: /img/icons/magic-links.svg
 darkIcon: /img/icons/magic-links-dark.svg

astro/src/content/articles/identity-basics/what-is-oidc.mdx

@@ -1,6 +1,6 @@
 ---
-title: "What Is OpenID Connect (OIDC)?"
-description: "What Is OpenID Connect (OIDC) and How It Works"
+title: "What Is OpenID Connect (OIDC) and How It Works"
+description: "Explore OpenID Connect (OIDC) and understand how it enhances authentication for web and mobile applications. Learn its workings, benefits, and more."
 author: Dan Moore
 icon: /img/icons/what-is-oidc.svg
 darkIcon: /img/icons/what-is-oidc-dark.svg

astro/src/content/articles/oauth/modern-guide-to-oauth.mdx

@@ -1,6 +1,6 @@
 ---
-title: Modern Guide - What is OAuth 2.0 and How Does It Work?
-description: What is OAuth 2.0 and How does it Work?
+title: What is OAuth 2.0 and How does it Work?
+description: Discover what OAuth 2.0 is, how it works, and its importance in securing and managing access to online resources. Learn about its key grants and benefits.
 image: advice/modern-guide-oauth/expert-advice-the-modern-guide-to-oauth-header-image.png
 author: Brian Pontarelli, Ahmed Hashesh and Dan Moore
 section: OAuth

astro/src/content/docs/lifecycle/authenticate-users/identity-providers/index.mdx

@@ -9,6 +9,7 @@ topOfNav: true
 ---
 import Aside from 'src/components/Aside.astro';
 import InlineField from 'src/components/InlineField.astro';
+import InlineUIElement from 'src/components/InlineUIElement.astro';
 import ScrollRef from 'src/components/ScrollRef.astro';
 import { YouTube } from '@astro-community/astro-embed-youtube';
 import IdentityProviderLimitations from 'src/content/docs/_shared/_identity-provider-limits.mdx';
@@ -79,13 +80,21 @@ When you enable an identity provider you're indicating that this external provid
 
 ## Overrides
 
-For each application, you can provide different identity provider configurations. You might do this if you had two different applications that were both using Apple as an identity provider, but with different Apple configuration settings. You can override none, some or all of the configuration values by expanding the "Overrides" link for the given application assignment or modifying the <InlineField>identityProvider.applicationConfiguration</InlineField> values using the API.
+You can have different identity provider configurations for different applications. Suppose you had two different applications that were both using the Apple Identity Provider. But for one, you wanted to request the `email name` scope and for the other you wanted to request the `email` scope only. To make this work, create the Apple Identity provider with the scope `email name` and assign it to the first application. Then, for the second, override the <InlineField>Scope</InlineField> field with the `email` value.
+
+You can override none, some or all of the available configuration values by expanding the <InlineUIElement>Overrides</InlineUIElement> element for the application's identity provider setting. You may also modify the <InlineField>identityProvider.applicationConfiguration</InlineField> values using the API.
 
 <img src="/img/docs/lifecycle/authenticate-users/identity-providers/override-identity-provider-settings.png" alt="Overriding Identity Provider settings" width="1200" role="top-cropped" />
 
-However, you cannot have two different Identity Providers for the same application. Use two different applications instead.
+For certain Identity Providers, there are no override settings since you can create more than one. You can have multiple configurations for these Identity Provider types:
+
+* External JWT
+* SAMLv2
+* OpenID Connect/OIDC
+
+For other Identity Providers, such as Apple, Google or Facebook, you cannot have two different Identity Providers of the same type assigned to the same Application. Use overrides as documented above.
 
-Additionally, override settings are not available in the External JWT, SAMLv2, or OpenID Connect Identity Providers. You can create multiple instances of these providers; that is the correct way to have multiple configurations for these providers
+In some cases, you need to use two different Applications to achieve your desired configuration. For example, if you need two sets of attributes for an Identity Provider, but the attributes don't exist in the <InlineUIElement>Overrides</InlineUIElement> options. An example of such an attribute is <InlineField>Linking Strategy</InlineField>.
 
 ## Hints