merge

Author: alexwolfmsft

.openpublishing.redirection.json

@@ -43,7 +43,7 @@ The default name of the **Change email** button in *selfAsserted.html* is **chan
 [!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
 
 
-- The B2C users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**, select **Authentication methods**. Ensure **Authentication contact info** is set. B2C users created via a Sign-up flow has this set by default. For users created via Azure Portal or by Graph API, you need to set **Authentication contact info** for SSPR to work. 
+- The B2C users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**, select **Authentication methods**. Ensure **Authentication contact info** is set. B2C users created via a Sign-up flow has this set by default. For users created via Azure portal or by Graph API, you need to set **Authentication contact info** for SSPR to work. 
 
 
 ## Self-service password reset (recommended)

articles/active-directory-b2c/add-password-reset-policy.md

@@ -160,7 +160,7 @@ const msalConfig = {
       clientId: "<your-MyApp-application-ID>", // This is the ONLY mandatory field; everything else is optional.
       authority: b2cPolicies.authorities.signUpSignIn.authority, // Choose sign-up/sign-in user-flow as your default.
       knownAuthorities: [b2cPolicies.authorityDomain], // You must identify your tenant's domain as a known authority.
-      redirectUri: "http://localhost:6420", // You must register this URI on Azure Portal/App Registration. Defaults to "window.location.href".
+      redirectUri: "http://localhost:6420", // You must register this URI on Azure portal/App Registration. Defaults to "window.location.href".
     },
     cache: {
       cacheLocation: "sessionStorage",  

articles/active-directory-b2c/configure-authentication-sample-spa-app.md

@@ -46,7 +46,7 @@ If you don't already have one, start by setting up a Mailjet account (Azure cust
 2. Navigate to the [API Key Management page](https://dev.mailjet.com/email/guides/senders-and-domains/#use-a-sender-on-all-api-keys-(metasender)). Record the **API Key** and **Secret Key** for use in a later step. Both keys are generated automatically when your account is created.
 
 > [!IMPORTANT]
-> Mailjet offers customers the ability to send emails from shared IP and [dedicated IP addresses](https://documentation.mailjet.com/hc/en-us/articles/1260803352789-Dedicated-IPs-What-They-Are-and-How-to-Warm-Them-Up). When using dedicated IP addresses, you need to build your own reputation properly with an IP address warm-up. For more information, see [How do I warm up my IP ?](https://documentation.mailjet.com/hc/articles/1260803352789-How-do-I-warm-up-my-IP-).
+> Mailjet offers customers the ability to send emails from shared IP and [dedicated IP addresses](https://documentation.mailjet.com/hc/en-us/articles/1260803352789-Dedicated-IPs-What-They-Are-and-How-to-Warm-Them-Up). When using dedicated IP addresses, you need to build your own reputation properly with an IP address warm-up. For more information, see [How do I warm up my IP ?](https://documentation.mailjet.com/hc/articles/1260803352789-How-do-I-warm-up-my-IP-)
 
 ## Create Azure AD B2C policy key
 

articles/active-directory-b2c/custom-email-mailjet.md

@@ -6,7 +6,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 02/17/2025
+ms.date: 03/04/2026
 ms.author: kengaderdus
 ms.subservice: b2c
 zone_pivot_groups: b2c-policy-type
@@ -440,6 +440,34 @@ To use the sample:
 1. Now modify the policy, pointing to your HTML file, as mentioned previously.
 1. If you see missing fonts, images, or CSS, check your references in the extensions policy and the `\*.html` files.
 
+
+### Bootstrap dependency in sample templates
+
+The [sample templates](https://github.com/azure-ad-b2c/html-templates) use **Bootstrap 3.3.5**, sourced from the official Bootstrap CDN. This version has been validated and tested with Azure AD B2C.
+
+The templates reference the following CDN URL for Bootstrap CSS:
+
+  ```
+  https://cdn.jsdelivr.net/npm/bootstrap@3.3.5/dist/css/bootstrap.min.css
+  ```
+
+The default configuration in the template HTML files includes a link element similar to the following example:
+
+  ```xml
+  <link href="https://cdn.jsdelivr.net/npm/bootstrap@3.3.5/dist/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
+  ```
+
+For the official Bootstrap 3.3.5 download and CDN details, see [Bootstrap 3.3 Getting Started](https://getbootstrap.com/docs/3.3/getting-started/#download-cdn).
+
+#### Replace the CDN reference
+
+You can replace the CDN reference with your organization's internal CDN or a locally hosted copy to meet reliability, security, or compliance requirements.
+
+> [!IMPORTANT]
+> The templates are validated specifically against Bootstrap 3.3.5. Upgrading, downgrading, or otherwise modifying the Bootstrap version might introduce styling, layout, or component compatibility issues.
+
+If you change the Bootstrap version, you're responsible for completing regression testing to validate that your customized templates work correctly with Azure AD B2C. Retain the validated version unless you've completed appropriate testing.
+
 ## Use company branding assets in custom HTML
 
 To use [company branding](customize-ui.md#configure-company-branding) assets in a custom HTML, add the following tags outside the `<div id="api">` tag. The image source is replaced with that of the background image and banner logo.

articles/active-directory-b2c/customize-ui-with-html.md

@@ -531,7 +531,7 @@ The following IDs are used for [RESTful service technical profile](restful-techn
 
 ## Microsoft Entra multifactor authentication error messages
 
-The following IDs are used for an [Microsoft Entra ID multifactor authentication technical profile](multi-factor-auth-technical-profile.md) error message:
+The following IDs are used for a [Microsoft Entra ID multifactor authentication technical profile](multi-factor-auth-technical-profile.md) error message:
 
 | ID | Default value |
 | --- | ------------- |

articles/active-directory-b2c/localization-string-ids.md

@@ -94,7 +94,7 @@ Learn more: [UI customization documentation](./customize-ui-with-html.md?pivots=
 
 ### Add policy keys for your Microsoft DFP client app ID and secret
 
-1. In the Microsoft Entra tenant where Microsoft DFP is set up, create an [Microsoft Entra application and grant admin consent](/dynamics365/fraud-protection/integrate-real-time-api#create-azure-active-directory-applications).
+1. In the Microsoft Entra tenant where Microsoft DFP is set up, create a [Microsoft Entra application and grant admin consent](/dynamics365/fraud-protection/integrate-real-time-api#create-azure-active-directory-applications).
 2. Create a secret value for this application registration. Note the application client ID and client secret value.
 3. Save the client ID and client secret values as [policy keys in your Azure AD B2C tenant](./policy-keys-overview.md).
 

articles/active-directory-b2c/partner-dynamics-365-fraud-protection.md

@@ -113,7 +113,7 @@ REST API settings:
 #### Upload your files
 
 1. Store the UI folder files in your blob container.
-2. [Use Azure Storage Explorer to manage Azure managed disks](/azure/virtual-machines/disks-use-storage-explorer-managed-disks) and access permissions.
+2. [Use Azure Storage Explorer to manage Azure Managed Disks](/azure/virtual-machines/disks-use-storage-explorer-managed-disks) and access permissions.
 
 ### Configure Azure AD B2C
 

articles/active-directory-b2c/partner-onfido.md

@@ -19,7 +19,7 @@ ms.custom: sfi-image-nochange
 
 [!INCLUDE [active-directory-b2c-end-of-sale-notice-b](../../includes/active-directory-b2c-end-of-sale-notice-b.md)]
 
-In this sample tutorial, you learn how to integrate Azure AD B2C authentication with [Trusona Authentication Cloud](https://www.trusona.com/white-paper/trusona-authentication-cloud-white-paper). It's a cloud-based service enabling users to authenticate with a **tap-and-go** experience, without the need for any kind of mobile authenticator app.
+In this sample tutorial, you learn how to integrate Azure AD B2C authentication with [Trusona Authentication Cloud](https://www.trusona.com/white-papers). It's a cloud-based service enabling users to authenticate with a **tap-and-go** experience, without the need for any kind of mobile authenticator app.
 
 Benefits of integrating Trusona Authentication Cloud with Azure AD B2C include:
 -	Deliver strong authentication with a better user experience

articles/active-directory-b2c/partner-trusona.md

@@ -1,13 +1,13 @@
 ---
-title: Securing phone-based MFA in Azure AD B2C
+title: Secure phone-based MFA in Azure AD B2C
 titleSuffix: Azure AD B2C
 description: Learn tips for securing phone-based multifactor authentication in your Azure AD B2C tenant by using Azure Monitor Log Analytics reports and alerts. Use our workbook to identify fraudulent phone authentications and mitigate fraudulent sign-ups. =
 
 author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 1/21/2025
+ms.date: 02/03/2026
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: sfi-image-nochange
@@ -17,7 +17,7 @@ ms.custom: sfi-image-nochange
 #Customer intent: As an Azure AD B2C administrator, I want to monitor phone authentication failures and mitigate fraudulent sign-ups, so that I can protect against malicious use of the telephony service and ensure a secure authentication process.
 
 ---
-# Securing phone-based multifactor authentication
+# Secure phone-based multifactor authentication
 [!INCLUDE [active-directory-b2c-end-of-sale-notice-b](../../includes/active-directory-b2c-end-of-sale-notice-b.md)]
 
 With Microsoft Entra multifactor authentication, users can choose to receive an automated voice call at a phone number they register for verification. Malicious users could take advantage of this method by creating multiple accounts and placing phone calls without completing the MFA registration process. These numerous failed sign-ups could exhaust the allowed sign-up attempts, preventing other users from signing up for new accounts in your Azure AD B2C tenant. To help protect against these attacks, you can use Azure Monitor to monitor phone authentication failures and mitigate fraudulent sign-ups.
@@ -144,8 +144,8 @@ To help prevent fraudulent sign-ups, remove any country/region codes that do not
       </RelyingParty>
     </TrustFrameworkPolicy>
     ```
-> [!IMPORTANT]
->Add the code in step 2 to the _relying party policy_ to enforce country/region code restrictions on the server side. You must not define these elements only in parent policies; put them in the relying party policy.
+      > [!IMPORTANT]
+      >Add the code in step 2 to the _relying party policy_ to enforce country/region code restrictions on the server side. You must not define these elements only in parent policies; put them in the relying party policy.
 
 1. In the `BuildingBlocks` section of this policy file, add the following code. Make sure to include only the country/region codes relevant to your organization: