First wave of changes

ryanberg-aquent · ryanberg-aquent · commit 7fffd2748376 · 2026-01-28T07:03:21.000-10:00
diff --git a/support/entra/entra-id/app-integration/android-app-authentication-fails-after-published-to-google-play-store.md b/support/entra/entra-id/app-integration/android-app-authentication-fails-after-published-to-google-play-store.md
@@ -9,6 +9,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 
 # Authentication fails after an Android app is published to the Google Play Store
 
+## Summary
+
 This article provides a solution to an authentication failure that occurs during signing in after users install an Android app published to the Google Play Store.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/application-using-tls-1dot0-1dot1-authentication-fail.md b/support/entra/entra-id/app-integration/application-using-tls-1dot0-1dot1-authentication-fail.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Microsoft Entra applications using TLS 1.0/1.1 fail to authenticate
 
+## Summary
+
 This article provides solutions to authentication errors that occur with Microsoft Entra-integrated applications targeting versions earlier than Microsoft .NET Framework 4.7.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/asp-dot-net-application-infinite-sign-in-loop.md b/support/entra/entra-id/app-integration/asp-dot-net-application-infinite-sign-in-loop.md
@@ -9,6 +9,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 
 # Infinite sign-in loop between ASP.NET application and Microsoft Entra ID
 
+## Summary
+
 This article provides solutions to an issue where an ASP.NET application experiences an infinite redirect loop during signing in with Microsoft Entra ID.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/asp-dot-net-open-web-interface-for-dot-net-core-authentication-sign-in-failures.md b/support/entra/entra-id/app-integration/asp-dot-net-open-web-interface-for-dot-net-core-authentication-sign-in-failures.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Troubleshoot ASP.NET OWIN and ASP.NET Core authentication sign-in failures with Microsoft Entra ID
 
+## Summary
+
 When you develop an ASP.NET Open Web Interface for .NET (OWIN) or ASP.NET Core Authentication web application and integrate it with Microsoft Entra ID, you encounter some issues during the sign-in process without any error messages or hint about what the problem might be. This article doesn't focus on direct solutions to sign-in failures but aims to help you expose hidden error messages that can guide you toward resolving the issue.
 
 > [!NOTE]
diff --git a/support/entra/entra-id/app-integration/confidential-client-application-authentication-error-aadsts7000218.md b/support/entra/entra-id/app-integration/confidential-client-application-authentication-error-aadsts7000218.md
@@ -9,6 +9,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 
 # Error AADSTS7000218 when a confidential client application authenticates to Microsoft Entra ID
 
+## Summary
+
 This article provides a solution to the AADSTS7000218 error that occurs when a confidential client application authenticates to Microsoft Entra ID.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/customize-authentication-session-expiration.md b/support/entra/entra-id/app-integration/customize-authentication-session-expiration.md
@@ -8,9 +8,14 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Customize middleware authentication ticket to extend user sign-in duration
 
+## Summary
+
+This article provides guidance on how to configure ASP.NET or ASP.NET Core App sessions to last longer than the Microsoft Entra ID token.
+
 By default, Microsoft Entra ID tokens (ID tokens, access tokens, and SAML tokens) expire after one hour. Also by default, ASP.NET and ASP.NET Core middleware set their authentication tickets to the expiration of these tokens. If you don't want your web application to redirect users to Microsoft Entra ID to have them sign in again, you can customize the middleware authentication ticket.
 
 This customization can also help resolve AJAX-related issues, such as coss-origin resource sharing (CORS) errors to login.microsoftonline.com. These issues often occur when your app functions as both a web application and a web API.
+
 ## For ASP.NET
 
 In the `ConfigureAuth` method of the `Startup.Auth.cs` file, update the `app.UseCookieAuthentication()` method to:
diff --git a/support/entra/entra-id/app-integration/enable-msal4j-logging-spring-boot-webapp.md b/support/entra/entra-id/app-integration/enable-msal4j-logging-spring-boot-webapp.md
@@ -9,6 +9,8 @@ ms.custom: sap:Microsoft Entra App Integration and Development
 
 # Enable MSAL4J logging in a Spring Boot web application
 
+## Summary
+
 This article provides step-by-step instructions to enable [Microsoft Authentication Library for Java](https://github.com/AzureAD/microsoft-authentication-library-for-java) (MSAL4J) logging by using the [Logback framework](https://logback.qos.ch/) in a Spring Boot web application.
 
 ## Code sample
diff --git a/support/entra/entra-id/app-integration/idx10501-token-signature-validation-error.md b/support/entra/entra-id/app-integration/idx10501-token-signature-validation-error.md
@@ -9,6 +9,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # IDX10501 Signature Validation Errors in Microsoft Entra ID applications
 
+## Summary
+
 If a client application obtains an access token from Microsoft Entra ID and sends it to a resource (API) application, the resource application must validate the token. It validates by using the public key from the certificate that was used to sign the token. If the application can't find the correct key identifier (kid), it might generate an error message that resembles the following message:
 
 > IDX10501: Signature validation failed. Unable to match 'kid'
diff --git a/support/entra/entra-id/app-integration/msal-client-exception-failed-to-get-user-name.md b/support/entra/entra-id/app-integration/msal-client-exception-failed-to-get-user-name.md
@@ -9,6 +9,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 
 # Microsoft.Identity.Client.MsalClientException: Failed to get user name
 
+## Summary
+
 This article provides a solution to the "Failed to get user name" error that occurs when an application uses Integrated Windows Authentication (IWA) together with Microsoft Authentication Library (MSAL).
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/no-account-login-hint-passed-acquire-token-silent.md b/support/entra/entra-id/app-integration/no-account-login-hint-passed-acquire-token-silent.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Error "No account or login hint was passed to the AcquireTokenSilent" in web applications without persistent token cache
 
+## Summary
+
 This article offers solutions for the "No account or login hint was passed to the AcquireTokenSilent" error that occurs in a web application using Microsoft Authentication Library (MSAL) or Microsoft Identity Web.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/package-inspector-msal-android-native.md b/support/entra/entra-id/app-integration/package-inspector-msal-android-native.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Package Inspector for MSAL Android Native
 
+## Summary
+
 The Microsoft Authentication Library (MSAL) for Android Native includes a tool called Package Inspector. This tool lists the packages installed on an Android device and allows users to view, copy, and paste the signature hash used to sign an application's package. Package Inspector is invaluable for troubleshooting and verifying the signature hash of applications installed on an Android device. This article covers installation, usage, and common issues of the Package Inspector.
 
 ## Scenarios for using Package Inspector
diff --git a/support/entra/entra-id/app-integration/repeat-login-prompts-in-msal-ios-app.md b/support/entra/entra-id/app-integration/repeat-login-prompts-in-msal-ios-app.md
@@ -9,6 +9,8 @@ ms.custom: sap:Microsoft Entra App Integration and Development
 
 # Troubleshoot sign-in prompt issues in iOS with MSAL SDK
 
+## Summary
+
 This article provides guidance for troubleshooting repeated sign-in prompts in an iOS app that uses Microsoft Authentication Library (MSAL).
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/script-errors-running-msal-net-xbap-app.md b/support/entra/entra-id/app-integration/script-errors-running-msal-net-xbap-app.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # "Cookies are disabled" error in MSAL.Net XBAP application in Internet Explorer
 
+## Summary
+
 This article describes a problem in which a script error is returned when you performing a Microsoft Entra ID login by using an XAML Browser Application (XBAP) from Microsoft Internet Explorer.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/serilog-protected-web-api-authentication-authorization-errors.md b/support/entra/entra-id/app-integration/serilog-protected-web-api-authentication-authorization-errors.md
@@ -8,6 +8,8 @@ ms.reviewer: bachoang, v-weizhu
 ---
 # Use Serilog to troubleshoot Microsoft Entra protected Web API authentication or authorization errors
 
+## Summary
+
 When a web API application calls a web API that's protected with Microsoft Entra ID, authentication or authorization errors might occur due to JwtBearer event validation failures. To troubleshoot this issue, this article introduces a sample web API application named [Net6WebAPILogging](https://github.com/bachoang/Net6WebAPILogging) to set and collect logs for JwtBearer events.
 
 ## Net6WebAPILogging sample application
diff --git a/support/entra/entra-id/app-integration/sign-out-of-openid-connect-oauth2-applications-without-user-selection-prompt.md b/support/entra/entra-id/app-integration/sign-out-of-openid-connect-oauth2-applications-without-user-selection-prompt.md
@@ -9,6 +9,8 @@ ms.topic: how-to
 ---
 # How to sign out of OpenID Connect/OAuth2 applications without a user selection prompt
 
+## Summary
+
 By default, when you sign out of an OpenID Connect/OAuth2 application registered in Microsoft Entra ID, you're prompted to select a user account to sign out of, even if only one account is available. This article provides a step-by-step guide to bypass this behavior.
 
 ## Step 1: Add an optional claim for login\_hint
diff --git a/support/entra/entra-id/app-integration/troubleshoot-cross-origin-resource-sharing-issues.md b/support/entra/entra-id/app-integration/troubleshoot-cross-origin-resource-sharing-issues.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Troubleshoot CORS issues with Microsoft Entra ID
 
+## Summary
+
 This article provides guidance on troubleshooting and resolving Cross-Origin Resource Sharing (CORS) errors encountered when using Microsoft Entra ID.
 
 ## Understanding CORS
diff --git a/support/entra/entra-id/app-integration/troubleshoot-error-idx10501-aspnet-b2c.md b/support/entra/entra-id/app-integration/troubleshoot-error-idx10501-aspnet-b2c.md
@@ -9,9 +9,12 @@ ms.custom: sap:Microsoft Entra App Integration and Development
 
 # IDX10501 error in ASP.NET Core app with Azure B2C custom policy
 
+## Summary
+
 This guide discusses the cause of the "IDX10501" error, and provides a step-by-step solution to resolve it.
 
 ## Symptoms
+
 When you [implement a custom policy](/azure/active-directory-b2c/enable-authentication-web-application-options#pass-the-azure-ad-b2c-policy-id) in an ASP.NET Core application that integrates with Azure Active Directory B2C (Azure AD B2C), you might encounter the following IDX10501 error:
 
 > IDX10501: Signature validation failed. Unable to match key: kid: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. Number of keys in TokenValidationParameters: '0'. Number of keys in Configuration: '1'. Exceptions caught: '[PII of type 'System.Text.StringBuilder' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. token: '[PII of type 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
diff --git a/support/entra/entra-id/app-integration/troubleshoot-wif10201-no-validkey-securitytoken-mvc.md b/support/entra/entra-id/app-integration/troubleshoot-wif10201-no-validkey-securitytoken-mvc.md
@@ -11,6 +11,8 @@ ms.custom: sap:Issues Signing In to Applications
 
 # WIF10201: No valid key mapping found for securityToken error in ASP.NET application
 
+## Summary
+
 This article provides guidance for troubleshooting an authentication issue that occurs in an ASP.NET MVC application that uses both [WS-Federation](https://github.com/Azure-Samples/active-directory-dotnet-webapp-wsfederation) OWIN middleware and [Windows Identity Foundation](../../../windows-server/user-profiles-and-logon/windows-identity-foundation.md) (WIF) to authenticate to Microsoft Entra ID.
 
 ## Symptoms
diff --git a/support/entra/entra-id/app-integration/troubleshooting-signature-validation-errors.md b/support/entra/entra-id/app-integration/troubleshooting-signature-validation-errors.md
@@ -8,6 +8,8 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
 ---
 # Troubleshoot access token signature validation errors
 
+## Summary
+
 When a resource provider validates an access token's signature, signature validation errors occur. These errors might result from the signing key being unavailable or failing to validate the signature. This article helps you troubleshoot such errors and provides solutions in some scenarios.
 
 ## Step 1: Decode the access token
