Commit

Merge pull request #6460 from MicrosoftDocs/main
1/3/2024 PM Publish
Taojunshen authored Jan 3, 2025
2 parents b70bc22 + f1bf93c commit 581240b
Showing 73 changed files with 112 additions and 113 deletions.
2 changes: 1 addition & 1 deletion docs/architecture/govern-service-accounts.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ We recommend the following practices for service account privileges.
- Don't assign built-in roles to service accounts
- See, [`oAuth2PermissionGrant` resource type](/graph/api/resources/oauth2permissiongrant)
- The service principal is assigned a privileged role
- [Create and assign a custom role in Microsoft Entra ID](/entra/identity/role-based-access-control/custom-create)
- [Create a custom role in Microsoft Entra ID](../identity/role-based-access-control/custom-create.md)
- Don't include service accounts as members of any groups with elevated permissions
- See, [Get-MgDirectoryRoleMember](/powershell/module/microsoft.graph.identity.directorymanagement/get-mgdirectoryrolemember):
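
Review bot: The replacement link under "The service principal is assigned a privileged role" drops "and assign" from the link text ("Create a custom role in Microsoft Entra ID"), yet the parent bullet is about a role being assigned. Confirm that custom-create.md still covers the assignment step; if it does not, add a second link for assignment so the least-privilege guidance for service accounts stays actionable.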

2 changes: 1 addition & 1 deletion docs/architecture/protect-m365-from-on-premises-attacks.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ In Microsoft Entra ID, users who have privileged roles, such as administrators,

- To enable a rich role assignment experience that includes delegation and multiple roles at the same time, consider using Microsoft Entra security groups or Microsoft 365 Groups. These groups are collectively called *cloud groups*.

Also, enable role-based access control. See [Assign Microsoft Entra roles to groups](~/identity/role-based-access-control/groups-assign-role.md). You can use administrative units to restrict the scope of roles to a portion of the organization. See [Administrative units in Microsoft Entra ID](~/identity/role-based-access-control/administrative-units.md).
Also, enable role-based access control. See [Assign Microsoft Entra roles](../identity/role-based-access-control/manage-roles-portal.md). You can use administrative units to restrict the scope of roles to a portion of the organization. See [Administrative units in Microsoft Entra ID](~/identity/role-based-access-control/administrative-units.md).

- Deploy emergency access accounts. Do *not* use on-premises password vaults to store credentials. See [Manage emergency access accounts in Microsoft Entra ID](~/identity/role-based-access-control/security-emergency-access.md).
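
Review bot: In the "Also, enable role-based access control" line, the link text loses "to groups" and the target changes from groups-assign-role.md to manage-roles-portal.md, although the bullet above it is specifically about using cloud groups for role assignment. If manage-roles-portal.md has a section on assigning roles to groups, link to that section so the reader still lands on the group procedure. The same line now mixes `../identity/...` with `~/identity/...` (administrative-units.md); use one form within the line.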

2 changes: 1 addition & 1 deletion docs/external-id/reference-cross-tenant-custom-roles.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ ms.custom: it-pro

# Create custom roles for managing cross-tenant access settings

Your organization can [define custom roles](/entra/identity/role-based-access-control/custom-create) to manage cross-tenant access settings. These roles allow for precise control without relying on built-in management roles. This article provides guidance on creating recommended custom roles for managing cross-tenant access settings.
Your organization can [define custom roles](../identity/role-based-access-control/custom-create.md) to manage cross-tenant access settings. These roles allow for precise control without relying on built-in management roles. This article provides guidance on creating recommended custom roles for managing cross-tenant access settings.

## Cross-tenant access administrator

2 changes: 1 addition & 1 deletion docs/fundamentals/data-storage-japan.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ ms.author: justinha
ms.service: entra
ms.subservice: fundamentals
ms.topic: conceptual
ms.date: 11/25/2024
ms.date: 01/03/2024
ms.custom: it-pro, references_regions
ms.collection: M365-identity-device-management
---
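
Review bot: The new `ms.date: 01/03/2024` is earlier than the value it replaces (`11/25/2024`), while the commit is authored Jan 3, 2025, so the year looks wrong and should presumably be `01/03/2025`. The same `01/03/2024` value is set in the other front-matter hunks of this commit, each time moving the date backwards, so correct it in all of them.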
2 changes: 1 addition & 1 deletion docs/id-governance/entitlement-management-overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ You can also control access to other resources that rely upon Microsoft Entra se

- You can give users licenses for Microsoft 365 by using a Microsoft Entra security group in an access package and configuring [group-based licensing](~/identity/users/licensing-groups-assign.md) for that group.
- You can give users access to manage Azure resources by using a Microsoft Entra security group in an access package and creating an [Azure role assignment](/azure/role-based-access-control/role-assignments-portal) for that group.
- You can give users access to manage Microsoft Entra roles by using groups assignable to Microsoft Entra roles in an access package and [assigning a Microsoft Entra role to that group](~/identity/role-based-access-control/groups-assign-role.md).
- You can give users access to manage Microsoft Entra roles by using groups assignable to Microsoft Entra roles in an access package and [assigning a Microsoft Entra role to that group](../identity/role-based-access-control/manage-roles-portal.md).

## How do I control who gets access?

Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ Follow these steps to make a user eligible for a Microsoft Entra admin role.

## Assign a role with restricted scope

For certain roles, the scope of the granted permissions can be restricted to a single admin unit, service principal, or application. This procedure is an example if assigning a role that has the scope of an administrative unit. For a list of roles that support scope via administrative unit, see [Assign scoped roles to an administrative unit](~/identity/role-based-access-control/admin-units-assign-roles.md). This feature is currently being rolled out to Microsoft Entra organizations.
For certain roles, the scope of the granted permissions can be restricted to a single admin unit, service principal, or application. This procedure is an example if assigning a role that has the scope of an administrative unit. For a list of roles that support scope via administrative unit, see [Assign roles with administrative unit scope](../../identity/role-based-access-control/manage-roles-portal.md). This feature is currently being rolled out to Microsoft Entra organizations.

1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Privileged Role Administrator](~/identity/role-based-access-control/permissions-reference.md#privileged-role-administrator).
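
Review bot: The changed sentence still reads "This procedure is an example if assigning a role"; fix "if" to "of" while the line is being touched. The sentence also promises "a list of roles that support scope via administrative unit", but the link now points at manage-roles-portal.md instead of admin-units-assign-roles.md. Confirm the list exists at the new target, or link to the section that holds it, since readers use it to decide which roles can be scoped down.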

2 changes: 1 addition & 1 deletion docs/identity-platform/howto-add-app-roles-in-apps.md
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ Before you can assign app roles to applications, you need to assign yourself as
## Assign app roles to applications

After adding app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments). Assigning an app role to an application shouldn't be confused with [assigning roles to users](/entra/identity/role-based-access-control/manage-roles-portal).
After adding app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments). Assigning an app role to an application shouldn't be confused with [assigning roles to users](../identity/role-based-access-control/manage-roles-portal.md).

When you assign app roles to an application, you create *application permissions*. Application permissions are typically used by daemon apps or back-end services that need to authenticate and make authorized API call as themselves, without the interaction of a user.

Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,12 @@ author: gdaluz1 # GitHub alias
ms.author: justinha
ms.service: entra-id
ms.topic: article
ms.date: 11/05/2024
ms.date: 01/03/2024
ms.subservice: authentication
---
# Improve accessibility with multifactor authentication in Microsoft Entra ID

As cybersecurity threats evolve, multifactor authentication (MFA) has become a cornerstone of secure digital identity. Microsoft Entra ID offers a range of MFA methods designed not only for robust security but also to cater to diverse user needs, including those with accessibility constraints. Here's a closer look at how these MFA options enhance accessibility and inclusivity.
As cybersecurity threats evolve, multifactor authentication (MFA) has become a cornerstone of secure digital identity. Microsoft Entra ID offers a range of MFA methods designed for robust security and diverse user needs, including those with accessibility constraints. Here's a closer look at how these MFA options enhance accessibility and inclusivity.

## Microsoft Authenticator

Expand All @@ -20,7 +20,7 @@ The Microsoft Authenticator app provides either notifications for quick approval

## Text and voice calls

Text and voice call options cater to those who may not use a smartphone app. This can be particularly beneficial for individuals with certain accessibility needs:
Text and voice call options cater to those who may not use a smartphone app. This can be beneficial for individuals with certain accessibility needs:

- **Text:** Allows users to receive a verification code via text message, which can be useful for those with hearing impairments or those who prefer text-based communication.

Expand All @@ -30,7 +30,7 @@ For more information, see [Phone authentication methods](/entra/identity/authent

## FIDO2 security keys

FIDO2 security keys are physical devices that offer a highly accessible and secure MFA option. These hardware keys support biometric authentication (such as fingerprint scans) or PINs, making them ideal for users who may find traditional passwords or other authentication methods challenging. FIDO2 keys are particularly beneficial for users with physical disabilities who may have difficulty typing complex passwords.
FIDO2 security keys are physical devices that offer a highly accessible and secure MFA option. These hardware keys support biometric authentication (such as fingerprint scans) or PINs, making them ideal for users who may find traditional passwords or other authentication methods challenging. FIDO2 keys are beneficial for users with physical disabilities who may have difficulty typing complex passwords.

For more information, see [How to register passkey (FIDO2)](/entra/identity/authentication/how-to-register-passkey-with-security-key).

Expand All @@ -51,7 +51,7 @@ References:

## Conclusion

Microsoft Entra ID's range of MFA options enables individuals with diverse needs to access secure authentication without compromising on usability. By offering various options like the Authenticator app, SMS and voice calls, FIDO2 keys, Windows Hello, and email verification, Microsoft Entra ID ensures that security measures remain accessible and inclusive for all users.
Microsoft Entra ID's range of MFA options enables individuals with diverse needs to access secure authentication without compromising on usability. To ensure that security measures remain accessible and inclusive for all users, Microsoft Entra ID offers various options like the Authenticator app, SMS and voice calls, FIDO2 keys, Windows Hello, and email verification.

Selecting the right MFA method depends on individual needs and constraints. Microsoft’s commitment to flexible and inclusive authentication helps everyone stay secure, regardless of their physical or technological limitations. For those with specific accessibility requirements, it’s worth exploring each MFA option to find the one that aligns best with personal preferences and usability needs.

Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
ms.subservice: authentication
ms.custom: has-azure-ad-ps-ref
ms.topic: faq
ms.date: 11/26/2024
ms.date: 01/03/2024
ms.author: justinha
author: justinha
manager: amycolannino
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ ms.service: entra-id
ms.subservice: authentication
ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done
ms.topic: how-to
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ ms.service: entra-id
ms.subservice: authentication
ms.custom: has-azure-ad-ps-ref
ms.topic: how-to
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ ms.service: entra-id
ms.subservice: authentication
ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done
ms.topic: conceptual
ms.date: 11/25/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about using the Microsoft Authenticator in Microsoft Entra ID
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 10/29/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about authentication features that can be enabled by default
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: ChristianCB83
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ description: Learn how to configure an external authentication method (EAM) prov
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 05/03/2024
ms.date: 01/03/2024

ms.author: justinha
author: gregkmsft
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about the authentication methods policy and different ways to
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 12/03/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about the different authentication methods and features avail
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/11/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ services: active-directory
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/15/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about using phone authentication methods in Microsoft Entra I
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/06/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about using security questions in Microsoft Entra ID to help
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha
Expand All @@ -24,7 +24,7 @@ When users register for SSPR, they're prompted to choose the authentication meth
> [!NOTE]
> Security questions are stored privately and securely on a user object in the directory and can only be answered by users during registration. There's no way for an administrator to read or modify a user's questions or answers.
Security questions can be less secure than other methods because some people might know the answers to another user's questions. If you use security questions with SSPR, it's recommended to use them in conjunction with another method. A user can be prompted to use the Microsoft Authenticator App or phone authentication to verify their identity during the SSPR process, and choose security questions only if they don't have their phone or registered device with them.
Security questions can be less secure than other methods because some people might know the answers to another user's questions. If you use security questions with SSPR, it's recommended to use them in along with another method. A user can be prompted to use the Microsoft Authenticator App or phone authentication to verify their identity during the SSPR process, and choose security questions only if they don't have their phone or registered device with them.

## Predefined questions
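
Review bot: The rewritten sentence reads "it's recommended to use them in along with another method"; the "in" left over from "in conjunction with" should be removed so it reads "use them along with another method".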

Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ description: Learn how admins can create custom authentication strengths with ad
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 03/25/2024
ms.date: 01/03/2024

ms.author: justinha
author: inbarckms
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ description: Learn how admins can use authentication strength requirements for e
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 01/12/2024
ms.date: 01/03/2024

ms.author: justinha
author: inbarckms
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ description: Learn how admins can use a Conditional Access Policy to require spe
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 05/13/2024
ms.date: 01/03/2024

ms.author: justinha
author: inbarckms
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ description: Learn how admins can use Microsoft Entra Conditional Access to dist
ms.service: entra-id
ms.subservice: authentication
ms.topic: conceptual
ms.date: 11/18/2024
ms.date: 01/03/2024

ms.author: justinha
author: inbarckms
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about Web browser cookies used in Microsoft Entra authenticat
ms.service: entra-id
ms.subservice: authentication
ms.topic: overview
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: custorod
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn about certificate user IDs for Microsoft Entra certificate-ba
ms.service: entra-id
ms.subservice: authentication
ms.topic: how-to
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: vimrang
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Learn supported and unsupported scenarios for Microsoft Entra certi
ms.service: entra-id
ms.subservice: authentication
ms.topic: how-to
ms.date: 11/26/2024
ms.date: 01/03/2024

ms.author: justinha
author: justinha