Merge branch 'main' into smoke-test

Taojunshen · web-flow · commit 04365b26fb56 · 2025-09-05T05:44:10.000+08:00
diff --git a/dotnet/xml/Microsoft.Identity.Abstractions/CredentialDescription.xml b/dotnet/xml/Microsoft.Identity.Abstractions/CredentialDescription.xml
@@ -227,8 +227,8 @@
             </summary>
         <value>To be added.</value>
         <remarks>To be added.</remarks>
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />
         <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateThumbprint" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
         <example>
           <format type="text/markdown"><![CDATA[
             The JSON fragment below describes a user certificate stored in the personal certificates folder (<b>CurrentUser/My</b>) and specified by its distinguised name, used as a client credential in a confidential client application:
@@ -238,7 +238,7 @@
             :::code language="csharp" source="~/../abstractions-samples/test/Microsoft.Identity.Abstractions.Tests/CredentialDescriptionTest.cs" id="distinguishedname_csharp":::
             ]]></format>
         </example>
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />
       </Docs>
     </Member>
     <Member MemberName="CertificatePassword">
@@ -298,10 +298,10 @@
             </summary>
         <value>To be added.</value>
         <remarks>Use this property in conjunction with <see cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateDistinguishedName" /> or <see cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateThumbprint" />.</remarks>
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />
         <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateDistinguishedName" />
         <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateThumbprint" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />
       </Docs>
     </Member>
     <Member MemberName="CertificateThumbprint">
@@ -325,8 +325,8 @@
             </summary>
         <value>To be added.</value>
         <remarks>Use this property in conjunction with <see cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />.</remarks>
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateDistinguishedName" />
         <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateStorePath" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
         <example>
           <format type="text/markdown"><![CDATA[
             The JSON fragment below describes a user certificate stored in the personal certificates folder (<b>CurrentUser/My</b>) and specified by its thumbprint, used as a client credential in a confidential client application:
@@ -336,7 +336,7 @@
             :::code language="csharp" source="~/../abstractions-samples/test/Microsoft.Identity.Abstractions.Tests/CredentialDescriptionTest.cs" id="thumbprint_csharp":::
             ]]></format>
         </example>
-        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.SourceType" />
+        <altmember cref="P:Microsoft.Identity.Abstractions.CredentialDescription.CertificateDistinguishedName" />
       </Docs>
     </Member>
     <Member MemberName="ClientSecret">
diff --git a/msal-dotnet-articles/acquiring-tokens/desktop-mobile/wam.md b/msal-dotnet-articles/acquiring-tokens/desktop-mobile/wam.md
@@ -187,6 +187,9 @@ To use the broker, developers will need to call <xref:Microsoft.Identity.Client.
 
 ## Integration best practices
 
+> [!IMPORTANT]
+> When using WAM, your application MUST be running in the context of an active, interactive Windows user session and be able to display UI. Attempting to acquire tokens using WAM while running as a Windows service, using task scheduler (unless *specifically* running as a logged in user) or while using `runas` to impersonate another account will result in errors by design.
+
 To make sure that your customers have a great experience with WAM, we strongly advise you adhere to the following principles:
 
 1. **Give the user context prior to authentication**. Draw a UI or window that will inform the user that they need to authenticate, along with reasons for authentication. Explain the benefits of your application if it is a background service.
