MicrosoftDocs
diff --git a/‎copilot/employee-self-service/servicenow-hrsd-itsm.md‎
Lines changed: 85 additions & 3 deletions b/‎copilot/employee-self-service/servicenow-hrsd-itsm.md‎
Lines changed: 85 additions & 3 deletions
diff --git a/‎copilot/manage-public-web-access.md‎
Lines changed: 3 additions & 0 deletions b/‎copilot/manage-public-web-access.md‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎copilot/microsoft-365-copilot-overview.md‎
Lines changed: 9 additions & 0 deletions b/‎copilot/microsoft-365-copilot-overview.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎microsoft-365/lti/TOC.yml‎
Lines changed: 4 additions & 16 deletions b/‎microsoft-365/lti/TOC.yml‎
Lines changed: 4 additions & 16 deletions
@@ -73,7 +73,7 @@ Refer to the ESS Agent deployment guide for installation of the agent and subscr
 | **Application Developer** (*minimum privileged role*)  | User who can register an application | Create an App registration - *if using Microsoft Entra OAuth for ServiceNow connector* | Microsoft 365 Admin Center |
 | **Environment Maker** | User who can customize ESS Agent | Configure & Customize ESS Agent | Microsoft Copilot Studio |
 
-### ServiceNow configuration
+## ServiceNow configuration
 
 This section outlines the tasks required to be configured in ServiceNow by an administrator.  ServiceNow integration supports three types of authentications as follows:
 
@@ -88,7 +88,86 @@ This section outlines the tasks required to be configured in ServiceNow by an ad
 > [!TIP]
 > Without elevating access, the new security objects can't be created. If **New** button in the top right of configuration pane is missing, then the role isn't elevated to "`security_admin`”.
 
-#### Option 1: Using OAuth2 authentication - Create an OAuth Application Registry
+### Basic authentication
+
+This method of authentication involves a ServiceNow username and password to authenticate API requests.  This method is simple to use and is primarily suggested for testing purposes, as it offers lower security compared to other authentication methods.
+
+### Microsoft EntraID OAuth using Certificate
+
+This authentication uses app tokens, allowing a registered Entra ID application to access ServiceNow with a token specifying the ServiceNow Entra ID app as the resource.
+
+#### Task 1: Register an application in Microsoft Entra ID for OIDC integration with ServiceNow
+
+[Learn how to register an app in Microsoft Entra ID.](/entra/identity-platform/quickstart-register-app)
+
+1. Sign into the Microsoft Entra admin portal as a global administrator or cloud app administrator.
+1. Go to **Applications** then **App registrations**.
+1. Select **New registration.**
+1. In the new registration form, fill in the following fields:
+    1. **Name:** Any name that represents the purpose of app registratio
+    1. **Redirect URL:** Not needed
+1. Choose **Register** to complete the creation of the new app registration.
+1. Select **Token configuration** then **Add optional claim** for adding claims setting.
+1. Select **Token type** as **Access** and choose the following claims:
+    1. *aud* - for audience validation
+    1. *email* - addressable email for user
+    1. *upn* - an identifier for the user
+1. Select **Add** to complete adding the claims.
+1. If this is the first time OpenId Connect being setup using claims like email, upn, there’ll be a confirmation to turn on the Microsoft Graph permissions, please check the box and select **Add**.
+1. This flow completes the Microsoft Entra piece of configuration.
+
+#### Task 2: Register OIDC provider in ServiceNow
+
+1. Login to the ServiceNow instance that needs to be integrated with ESS Agent.
+1. Elevate access permissions using **Elevate role**. Refer to the section **Error! Reference source not found.** – only the first part and not the tasks.
+1. Click **All** in the top navigation bar.
+1. Search for “OAuth” in the search box within dropdown navigation menu.
+1. Select **System OAuth à Application Registry** from the search results (if you don’t see this option, then you don’t have sufficient privileges).
+1. Select **New** in the configuration section pane.
+1. Select **Configure an OIDC provider to verify ID tokens**.
+1. Fill in the following information for the new application registry:
+
+|Configuration |Description |
+|--------------|------------|
+|Name |a meaningful name to identify that this OIDC provider was created for ESS Agent |
+|Client ID |The client ID of Entra Application created in Task 1 above |
+|Client secret |This value will not be used; can be any value |
+|OAuth OIDC provider configuration |Add a new OIDC provider configuration by selecting the search icon and choosing **New** in the search popup. Fill in the fields as follows:</br> **OIDC Provider:** A name that represents the Microsoft Entra tenant from task 1 above.</br> **OIDC Metadata URL:** `login.microsoftonline.com/<tenant ID>/.well-known/openid-configuration`</br> Replace < tenant ID > with the Entra tenant ID from task 1 above.</br> **OIDC Configuration Cache Life Span:** 120</br> **Application:** Global</br> **User Claim:** oid</br> **User Field:** User ID</br> **Enable JTI claim verification:** disabled</br> Select **Submit** and update the OIDC Entity form. |
+
+#### Task 3: Register an Application in Microsoft Entra ID for connector usage
+
+This is the application which plays the role of a user with elevated permissions in the ServiceNow instance.
+
+1. Login to Entra administration portal as global administrator (or) cloud app administrator.
+1. Go to **Applications** > **App registrations**.
+1. Select **New registration**.
+1. In the new registration form, fill in the following fields:.
+    1. **Name:** any name that represents the purpose of app registration.
+    2. **Redirect URI:** Not needed.
+1. Click **Register** to complete the creation of new app registration.
+1. Select **Certificates & secrets** then upload the .cer file of the certificate. In case of SNI certificate, just add trustedCertificateSubjects in the manifest of the application with the relevant authorityId and subjectName.
+
+#### Task 4: Create a System User in ServiceNow
+
+This is the Application created in the above task 3 which is a user in ServiceNow instance.
+
+Go to **User Administration** > **Users** to create a new user.
+
+**User ID:** The object ID of the service principal of Application created in Task 3 above.
+
+Check **Web service access only**.
+
+### Microsoft Entra ID OAuth User Login
+
+This is user-token based authentication where the end user can sign into Entra ID 1st party application i.e. ServiceNow connector 1st party app and get an access token with scope for the ServiceNow representative Entra ID app.
+
+Perform Task 1 & Task 2 from the previous section Microsoft Entra ID OAuth using Certificate.
+
+In the Task 1 – add the 1st party application i.e., ServiceNow connector to the permission scope – Client ID = c26b24aa-7874-4e06-ad55-7d06b1f79b63.
+
+In the Task 2 – update the user claim to upn or any other custom claim property from the token in ServiceNow.  The user field should match the ServiceNow system user table field containing the upn or user ID.
+
+### Using OAuth2 authentication - Create an OAuth Application Registry
 
 1. Log in to the ServiceNow instance that needs to be integrated with ESS Agent.
 2. Elevate access permissions using **Elevate role**.
@@ -104,7 +183,7 @@ This section outlines the tasks required to be configured in ServiceNow by an ad
     | **Name** | a meaningful name to identify that this application registry is created for ESS Agent |
     | **Client ID** | autogenerated code <br><div class="alert">**Note**</br>This value is used in Microsoft 365 Copilot Connector configuration, if no Advanced Scripting is used. |
     | **Client Secret** | leave it blank to automatically generate a string <br><div class="alert">**Note**</br>This value is used in Microsoft 365 Copilot Connector configuration, if no Advanced Scripting is used. |
-    | **Redirect URL** | a required callback URL that the authorization server redirects to </br>For Microsoft 365 Enterprise:</br>`https://gcs.office.com/v1.0/admin/oauth/callback`</br>For Microsoft 365 Government:</br>`https://gcsgcc.office.com/v1.0/admin/oauth/callback`|
+    | **Redirect URL** | a required callback URL that the authorization server redirects to </br>For Microsoft 365 Enterprise:</br>`https://gcs.office.com/v1.0/admin/oauth/callback`</br>For Microsoft 365 Government:</br>`https://gcsgcc.office.com/v1.0/admin/oauth/callback` Refer to the note after the table for more information.|
     | **Logo URL** | A URL that contains the image for the application logo |
     | **Active** | Set to active |
     | **Refresh token lifespan** | The number of seconds that a refresh token is valid. </br>By default, refresh tokens expire in 100 days (8,640,000 seconds). Recommended value is 31,536,000 (one year) |
@@ -113,6 +192,9 @@ This section outlines the tasks required to be configured in ServiceNow by an ad
     | **Accessible from** | All application scopes |
     | **Client Type** | Integration as a Service |
 
+>[!NOTE]
+>[Please use the actual callback URL from the sign-in popup window during connection configuration by following the steps below, when the URL redirection fails with the error **Invalid redirect_uri**:</br> Copy/paste the complete URL from the authorization popup window</br> Extract redirect_uri parameter.</br> Example: `redirect_uri=https%3a%2f%2ftip1-shared.consent.azure-apim.net%2fredirect`</br> After decoding the URL – replacing %3a with : and %2f with /</br> Update the Redirect URL field.]
+
 9. Select **Submit** or **Update** button to save the changes.
 
 ### Install ServiceNow HRSD extension pack
 
@@ -21,6 +21,9 @@ ms.date: 06/27/2025
 
 Microsoft 365 Copilot and [Microsoft 365 Copilot Chat](/copilot/overview) have an optional feature that allows Copilot to reference web content when responding to user prompts. Allowing Microsoft 365 Copilot and Microsoft 365 Copilot Chat to reference web content improves the quality of Copilot responses by grounding them in the latest information from the web.
 
+> [!NOTE]
+> This article concerns the web search functionality in Microsoft 365 Copilot and Microsoft 365 Copilot Chat. Microsoft 365 **Copilot Search** is an additional, universal search experience that allows users with a Microsoft 365 Copilot license to search across all their Microsoft 365 and third-party data sources. Learn more about [Microsoft 365 Copilot Search]( /copilot/microsoft-365/microsoft-365-copilot-search).
+
 ## Web search
 
 When web search is enabled, Microsoft 365 Copilot and Microsoft 365 Copilot Chat may fetch information from the Bing search service when information from the web helps to provide a better, more grounded response. Admin controls and a user-level **Web content** toggle (only for Microsoft 365 Copilot) are available to [manage whether web search is enabled](#controls-available-to-manage-web-search) in your environment.
 
@@ -57,6 +57,8 @@ Microsoft 365 Copilot:
 
 - Uses content in [Microsoft Graph](/graph/overview) to personalize the responses with a user's work emails, chats, and documents. Copilot only shows the data that users have permission to access.
 
+- Includes [Microsoft 365 Copilot Search](/copilot/microsoft-365/microsoft-365-copilot-search), a universal search experience that allows users to search across all their Microsoft 365 and third-party data sources to find what they need quickly.
+
 - Coordinates large language models (LLMs). LLMs are a type of artificial intelligence (AI) algorithms. These algorithms use deep learning techniques and data sets to understand, summarize, predict, and generate content.
 
   The LLMs include pretrained models, like Generative Pre-Trained Transformers, like GPT-4, that are designed for these tasks. To learn more about Generative Pre-Trained Transformers (GPT), ask [Copilot](https://copilot.microsoft.com).
@@ -65,6 +67,7 @@ To learn more, see:
 
 - [Microsoft 365 Copilot architecture and how it works](microsoft-365-copilot-architecture.md)
 - [Microsoft 365 Copilot service description](/office365/servicedescriptions/office-365-platform-service-description/microsoft-365-copilot)
+- [Microsoft 365 Copilot Search overview](/copilot/microsoft-365/microsoft-365-copilot-search)
 - Video: [Copilot system explained by Microsoft](https://www.youtube.com/watch?v=E5g20qmeKpg)
 - Video: [Microsoft 365 Copilot, LLMs, and your apps](https://www.youtube.com/watch?v=B2-8wrF9Okc)
 - Video: [How to get ready for Microsoft 365 Copilot](https://aka.ms/M365CopilotAdmin)
@@ -87,6 +90,12 @@ With Microsoft 365 Copilot Chat, you can draft content, review what you missed,
 
 You can use Microsoft 365 Copilot Chat in Microsoft Teams, in the Microsoft 365 Copilot Chat app, at [Microsoft365.com](https://www.microsoft365.com/), and at [copilot.microsoft.com](https://copilot.microsoft.com/).
 
+✅ **Microsoft 365 Copilot Search**
+
+Copilot Search is an AI-powered universal search experience across all your Microsoft 365 applications and non-Microsoft data sources. It's integrated with Microsoft 365 Copilot, so users can find the results they need with search, then seamlessly transition to chat for deeper exploration or follow-up task completion.
+
+Learn more about [Copilot Search](/copilot/microsoft-365/microsoft-365-copilot-search).
+
 ✅ **Microsoft Graph**
 
 Microsoft Graph includes information on users, their activities, and the organization data they can access. The Microsoft Graph API brings a personalized context into the prompt, like information from a user's emails, chats, documents, and meetings.
 
@@ -7,14 +7,14 @@ items:
       href: browser-cookies.md
     - name: Canvas integrations
       items:
+      - name: Deploy Microsoft 365 LTI in Canvas
+        href: microsoft-365-lti-canvas.md
       - name: Use Microsoft OneDrive LTI with Canvas 
         href: onedrive-lti.md
       - name: Use Microsoft Teams Assignments with Canvas
         href: teams-assignments-with-canvas.md
-      - name: Use Microsoft Teams classes with Canvas 
+      - name: Use Microsoft Teams with Canvas 
         href: teams-classes-with-canvas.md
-      - name: Use Microsoft Teams meetings with Canvas 
-        href: teams-meetings-with-canvas.md
       - name: Use Microsoft Reflect LTI with Canvas
         href: reflect-lti-canvas.md
     - name: Blackboard integrations
@@ -23,9 +23,7 @@ items:
         href: onedrive-lti-blackboard.md
       - name: Use Microsoft Teams Assignments with Blackboard  
         href: teams-assignments-with-blackboard.md
-      - name: Use Microsoft Teams meetings with Blackboard Learn
-        href: teams-meetings-with-blackboard-learn.md
-      - name: Use Microsoft Teams classes with Blackboard Learn Ultra 
+      - name: Use Microsoft Teams with Blackboard Learn Ultra 
         href: teams-classes-with-blackboard.md
       - name: Use Microsoft Reflect LTI with Blackboard Learn
         href: reflect-lti-blackboard.md        
@@ -35,24 +33,18 @@ items:
         href: moodle-plugin-configuration.md
       - name: Use Microsoft Teams Assignments with Moodle  
         href: teams-assignments-with-moodle.md        
-      - name: Use Microsoft Teams classes and meetings with Moodle
-        href: teams-classes-meetings-with-moodle.md
       - name: Use Microsoft Reflect LTI with Moodle
         href: reflect-lti-moodle.md        
     - name: Open LMS integrations
       items:
       - name: Set up and configure the Moodle plugin for Open LMS
         href: open-lms-plugin-configuration.md
-      - name: Use Microsoft Teams classes and meetings with Open LMS
-        href: open-lms-teams-classes-and-meetings.md
     - name: D2L Brightspace integrations
       items:
       - name: Use Microsoft OneDrive LTI with Brightspace
         href: onedrive-lti-brightspace.md
       - name: Use Microsoft Teams Assignments with Brightspace  
         href: teams-assignments-with-brightspace.md
-      - name: Use Microsoft Teams classes and meetings with Brightspace
-        href: teams-classes-meetings-with-brightspace.md
       - name: Use Microsoft Reflect LTI with D2L Brightspace
         href: reflect-lti-brightspace.md        
     - name: Schoology Learning integrations
@@ -61,14 +53,10 @@ items:
         href: onedrive-lti-schoology.md
       - name: Use Microsoft Teams Assignments with Schoology Learning
         href: teams-assignments-with-schoology.md 
-      - name: Use Microsoft Teams meetings with Schoology Learning
-        href: teams-classes-and-meetings-with-schoology.md
       - name: Use Microsoft Reflect LTI with Schoology Learning
         href: reflect-lti-schoology.md
     - name: Other LMS integrations
       items:
-      - name: Use Microsoft Teams Meetings LTI with any LTI 1.3 compliant LMS
-        href: integrate-with-other-lms.md
       - name: Use Microsoft Teams Assignments LTI with any LTI 1.3 compliant LMS
         href: teams-assignments-with-other-lms.md