MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json‎
Lines changed: 228 additions & 3 deletions b/‎.openpublishing.redirection.json‎
Lines changed: 228 additions & 3 deletions
diff --git a/‎articles/active-directory-b2c/authorization-code-flow.md‎
Lines changed: 4 additions & 1 deletion b/‎articles/active-directory-b2c/authorization-code-flow.md‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎articles/active-directory-b2c/phone-based-mfa.md‎
Lines changed: 5 additions & 5 deletions b/‎articles/active-directory-b2c/phone-based-mfa.md‎
Lines changed: 5 additions & 5 deletions
@@ -1,5 +1,215 @@
 {
   "redirections": [
+    {
+      "source_path": "articles/azure-health-insights/configure-containers.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/configure-containers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/deploy-portal.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/deploy-portal",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/get-started-cli.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/get-started-cli",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/get-started-powershell.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/get-started-powershell",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/index.yml",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/index",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/overview.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/reliability-health-insights.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/reliability-health-insights",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/use-containers.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/use-containers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/age-mismatch-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/age-mismatch-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/communication-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/communication-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/complete-order-discrepancy-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/complete-order-discrepancy-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/critical-result-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/critical-result-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/faq.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/faq",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/finding-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/finding-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/get-started.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/get-started",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/guidance-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/guidance-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/index.yml",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/index",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/inferences.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/inferences",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/laterality-mismatch-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/laterality-mismatch-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/limited-order-discrepancy-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/limited-order-discrepancy-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/model-configuration.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/model-configuration",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/overview.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/quality-measure-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/quality-measure-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/radiology-procedure-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/radiology-procedure-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/recommendation-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/recommendation-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/scoring-and-assessment-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/scoring-and-assessment-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/sex-mismatch-inference.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/sex-mismatch-inference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/support-and-help.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/support-and-help",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/transparency-note.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/transparency-note",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/radiology-insights/tutorial.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/radiology-insights/tutorial",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/responsible-ai/data-privacy-security.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/responsible-ai/data-privacy-security",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/faq.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/faq",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/get-started.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/get-started",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/index.yml",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/index",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/inferences.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/inferences",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/integration-and-responsible-use.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/integration-and-responsible-use",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/model-configuration.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/model-configuration",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/overview.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/patient-info.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/patient-info",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/support-and-help.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/support-and-help",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/transparency-note.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/transparency-note",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/azure-health-insights/trial-matcher/trial-matcher-modes.md",
+      "redirect_url": "/previous-versions/azure/azure-health-insights/trial-matcher/trial-matcher-modes",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/network-watcher/network-watcher-using-open-source-tools.md",
       "redirect_url": "/previous-versions/azure/network-watcher/network-watcher-using-open-source-tools",
@@ -2892,7 +3102,12 @@
     },
     {
       "source_path_from_root": "/articles/bastion/quickstart-developer-sku.md",
-      "redirect_url": "/azure/bastion/quickstart-developer",
+      "redirect_url": "/azure/bastion/quickstart-host-portal",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/bastion/quickstart-developer.md",
+      "redirect_url": "/azure/bastion/quickstart-host-portal",
       "redirect_document_id": false
     },
     {
@@ -2907,7 +3122,12 @@
     },
     {
       "source_path_from_root": "/articles/bastion/bastion-create-host-portal.md",
-      "redirect_url": "/azure/bastion/tutorial-create-host-portal",
+      "redirect_url": "/azure/bastion/quickstart-host-portal",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/bastion/tutorial-create-host-portal.md",
+      "redirect_url": "/azure/bastion/quickstart-host-portal",
       "redirect_document_id": false
     },
     {
@@ -6628,7 +6848,7 @@
     {
       "source_path": "articles/vpn-gateway/about-zone-redundant-vnet-gateways.md",
       "redirect_url": "/azure/reliability/reliability-virtual-network-gateway",
-      "redirect_document_id": true
+      "redirect_document_id": false
     },
     {
       "source_path": "articles/dns/dns-sdk.md",
@@ -6665,6 +6885,11 @@
       "redirect_url": "/azure/reliability/reliability-nat-gateway",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/synapse-analytics/sql/get-started-azure-data-studio.md",
+      "redirect_url": "/azure/synapse-analytics/sql/get-started-ssms",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/cyclecloud/how-to/collect-custom-metrics-gpu-infiniband-telegraf.md",
       "redirect_url": "/azure/cyclecloud/how-to/monitor-cyclecloud-cluster-using-prometheus-grafana",
 
@@ -69,13 +69,16 @@ client_id=00001111-aaaa-2222-bbbb-3333cccc4444
 | redirect_uri |Required |The redirect URI of your app, where authentication responses are sent and received by your app. It must exactly match one of the redirect URIs that you registered in the portal, except that it must be URL-encoded. |
 | scope |Required |A space-separated list of scopes. The `openid` scope indicates a permission to sign in the user and get data about the user in the form of ID tokens. The `offline_access` scope is optional for web applications. It indicates that your application needs a *refresh token* for extended access to resources. The client-id indicates the token issued are intended for use by Azure AD B2C registered client. The `https://{tenant-name}/{app-id-uri}/{scope}` indicates a permission to protected resources, such as a web API. For more information, see [Request an access token](access-tokens.md#scopes). |
 | response_mode |Recommended |The method that you use to send the resulting authorization code back to your app. It can be `query`, `form_post`, or `fragment`. |
-| state |Recommended |A value included in the request that can be a string of any content that you want to use. Usually, a randomly generated unique value is  used, to prevent cross-site request forgery attacks. The state also is used to encode information about the user's state in the app before the authentication request occurred. For example, the page the user was on, or the user flow that was being executed. |
 | prompt |Optional |The type of user interaction that is required. Currently, the only valid value is `login`, which forces the user to enter their credentials on that request. Single sign-on won't take effect. |
 | code_challenge  | recommended / required | Used to secure authorization code grants via Proof Key for Code Exchange (PKCE). Required if `code_challenge_method` is included. You need to add logic in your application to generate the `code_verifier` and `code_challenge`. The `code_challenge` is a Base64 URL-encoded SHA256 hash of the `code_verifier`. You store the `code_verifier` in your application for later use, and send the `code_challenge` along with the authorization request. For more information, see the [PKCE RFC](https://tools.ietf.org/html/rfc7636). This is now recommended for all application types - native apps, SPAs, and confidential clients like web apps. | 
 | `code_challenge_method` | recommended / required | The method used to encode the `code_verifier` for the `code_challenge` parameter. This *SHOULD* be `S256`, but the spec allows the use of `plain` if for some reason the client can't support SHA256. <br/><br/>If you exclude the `code_challenge_method`, but still include the `code_challenge`, then the  `code_challenge` is assumed to be plaintext. Microsoft identity platform supports both `plain` and `S256`. For more information, see the [PKCE RFC](https://tools.ietf.org/html/rfc7636). This is required for [single page apps using the authorization code flow](tutorial-register-spa.md).|
 | login_hint | No| Can be used to prefill the sign-in name field of the sign-in page. For more information, see [Prepopulate the sign-in name](direct-signin.md#prepopulate-the-sign-in-name).  |
 | domain_hint | No| Provides a hint to Azure AD B2C about the social identity provider that should be used for sign-in. If a valid value is included, the user goes directly to the identity provider sign-in page.  For more information, see [Redirect sign-in to a social provider](direct-signin.md#redirect-sign-in-to-a-social-provider). |
 | Custom parameters | No| Custom parameters that can be used with [custom policies](custom-policy-overview.md). For example, [dynamic custom page content URI](customize-ui-with-html.md?pivots=b2c-custom-policy#configure-dynamic-custom-page-content-uri), or [key-value claim resolvers](claim-resolver-overview.md#oauth2-key-value-parameters). |
+| state |Recommended |A value included in the request that can be a string of any content that you want to use. Usually, a randomly generated unique value is  used, to prevent cross-site request forgery attacks. The state also is used to encode information about the user's state in the app before the authentication request occurred. For example, the page the user was on, or the user flow that was being executed. |
+
+> [!IMPORTANT]
+> For security and privacy, do not put URLs or other sensitive data directly in the state parameter. Instead, use a key or identifier that corresponds to data stored in browser storage, such as localStorage or sessionStorage. This approach lets your app securely reference the necessary data after authentication.
 
 At this point, the user is asked to complete the user flow's workflow. This might involve the user entering their username and password, signing in with a social identity, signing up for the directory, or any other number of steps. User actions depend on how the user flow is defined.
 
 
@@ -1,13 +1,13 @@
 ---
-title: Securing phone-based MFA in Azure AD B2C
+title: Secure phone-based MFA in Azure AD B2C
 titleSuffix: Azure AD B2C
 description: Learn tips for securing phone-based multifactor authentication in your Azure AD B2C tenant by using Azure Monitor Log Analytics reports and alerts. Use our workbook to identify fraudulent phone authentications and mitigate fraudulent sign-ups. =
 
 author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 1/21/2025
+ms.date: 02/03/2026
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: sfi-image-nochange
@@ -17,7 +17,7 @@ ms.custom: sfi-image-nochange
 #Customer intent: As an Azure AD B2C administrator, I want to monitor phone authentication failures and mitigate fraudulent sign-ups, so that I can protect against malicious use of the telephony service and ensure a secure authentication process.
 
 ---
-# Securing phone-based multifactor authentication
+# Secure phone-based multifactor authentication
 [!INCLUDE [active-directory-b2c-end-of-sale-notice-b](../../includes/active-directory-b2c-end-of-sale-notice-b.md)]
 
 With Microsoft Entra multifactor authentication, users can choose to receive an automated voice call at a phone number they register for verification. Malicious users could take advantage of this method by creating multiple accounts and placing phone calls without completing the MFA registration process. These numerous failed sign-ups could exhaust the allowed sign-up attempts, preventing other users from signing up for new accounts in your Azure AD B2C tenant. To help protect against these attacks, you can use Azure Monitor to monitor phone authentication failures and mitigate fraudulent sign-ups.
@@ -144,8 +144,8 @@ To help prevent fraudulent sign-ups, remove any country/region codes that do not
       </RelyingParty>
     </TrustFrameworkPolicy>
     ```
-> [!IMPORTANT]
->Add the code in step 2 to the _relying party policy_ to enforce country/region code restrictions on the server side. You must not define these elements only in parent policies; put them in the relying party policy.
+      > [!IMPORTANT]
+      >Add the code in step 2 to the _relying party policy_ to enforce country/region code restrictions on the server side. You must not define these elements only in parent policies; put them in the relying party policy.
 
 1. In the `BuildingBlocks` section of this policy file, add the following code. Make sure to include only the country/region codes relevant to your organization: