Service | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
active-directory | Inbound Provisioning Api Concepts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-concepts.md | Title: API-driven inbound provisioning concepts description: An overview of API-driven inbound provisioning. -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Configure App | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-configure-app.md | Title: Configure API-driven inbound provisioning app description: Learn how to configure API-driven inbound provisioning app. -+ Last updated 09/15/2023-+ If you're configuring inbound user provisioning to on-premises Active Directory, ## Create your API-driven provisioning app 1. Log in to the [Microsoft Entra admin center](<https://entra.microsoft.com>) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823).-2. Browse to **Microsoft Entra ID** > **Applications** > **Enterprise applications**. +2. Browse to **Identity** > **Applications** > **Enterprise applications**. 3. Click on **New application** to create a new provisioning application. [![Screenshot of Microsoft Entra Admin Center.](media/inbound-provisioning-api-configure-app/provisioning-entra-admin-center.png)](media/inbound-provisioning-api-configure-app/provisioning-entra-admin-center.png#lightbox) 4. Enter **API-driven** in the search field, then select the application for your setup: |
active-directory | Inbound Provisioning Api Curl Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-curl-tutorial.md | Title: Quickstart API-driven inbound provisioning with cURL description: Learn how to get started with API-driven inbound provisioning using cURL. -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Custom Attributes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-custom-attributes.md | Title: Extend API-driven provisioning to sync custom attributes description: Learn how to extend API-driven inbound provisioning to sync custom attributes. -+ Last updated 09/15/2023-+ You have configured API-driven provisioning app. You're provisioning app is succ In this step, we'll add the two attributes "HireDate" and "JobCode" that are not part of the standard SCIM schema to the provisioning app and use them in the provisioning data flow. -1. Log in to your [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823). -1. Browse to **Enterprise applications** and open your API-driven provisioning app. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Open your API-driven provisioning app. 1. Open the **Provisioning** blade. 1. Click on the **Edit Provisioning** button. 1. Expand the **Mappings** section and click on the attribute mapping link. <br>- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png" alt-text="Screenshot of edit attribute mapping." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png"::: + :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png" alt-text="Screenshot of edit attribute mapping." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png"::: 1. Scroll down the **Attribute Mappings** page. Select **Show advanced options** and click on the **Edit attribute list for API** link.- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png" alt-text="Screenshot of edit API attribute list." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png"::: + :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png" alt-text="Screenshot of edit API attribute list." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png"::: 1. Scroll down to the end of the **Edit Attribute List** page. 1. Add the following two attributes to the list as SCIM schema extensions. You can use your own SCIM schema namespace. <br> `urn:ietf:params:scim:schemas:extension:contoso:1.0:User:HireDate` <br> `urn:ietf:params:scim:schemas:extension:contoso:1.0:User:JobCode` <br>- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png" alt-text="Screenshot of adding custom attributes." lightbox="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png"::: -1. **Save** your changes + :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png" alt-text="Screenshot of adding custom attributes." lightbox="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png"::: +1. **Save** your changes > [!NOTE] > If you'd like to add only a few additional attributes to the provisioning app, use Microsoft Entra admin center to extend the schema. If you'd like to add more custom attributes (let's say 20+ attributes), then we recommend using the [`UpdateSchema` mode of the CSV2SCIM PowerShell script](inbound-provisioning-api-powershell.md#extending-provisioning-job-schema) which automates the above manual process. |
active-directory | Inbound Provisioning Api Faqs | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-faqs.md | Title: Frequently asked questions (FAQs) about API-driven inbound provisioning description: Learn more about the capabilities and integration scenarios supported by API-driven inbound provisioning. -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Grant Access | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-grant-access.md | Title: Grant access to inbound provisioning API description: Learn how to grant access to the inbound provisioning API. -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Graph Explorer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-graph-explorer.md | Title: Quickstart API-driven inbound provisioning with Graph Explorer description: Learn how to get started quickly with API-driven inbound provisioning using Graph Explorer -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Issues | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-issues.md | Title: Troubleshoot inbound provisioning API description: Learn how to troubleshoot issues with the inbound provisioning API.-+ |
active-directory | Inbound Provisioning Api Logic Apps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-logic-apps.md | Title: API-driven inbound provisioning with Azure Logic Apps (Public preview) description: Learn how to implement API-driven inbound provisioning with Azure Logic Apps. -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Postman | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-postman.md | Title: Quickstart API-driven inbound provisioning with Postman description: Learn how to get started quickly with API-driven inbound provisioning using Postman -+ Last updated 09/15/2023-+ |
active-directory | Inbound Provisioning Api Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-powershell.md | Title: API-driven inbound provisioning with PowerShell script (Public preview) description: Learn how to implement API-driven inbound provisioning with a PowerShell script. -+ Last updated 09/15/2023-+ |
active-directory | Insufficient Access Rights Error Troubleshooting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/insufficient-access-rights-error-troubleshooting.md | Title: Troubleshoot insufficient access rights error description: Learn how to troubleshoot InsufficientAccessRights error when provisioning to on-premises Active Directory.-+ |
active-directory | On Premises Powershell Connector | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/on-premises-powershell-connector.md | Last updated 05/11/2023 - # Provisioning users into applications using PowerShell The following documentation provides configuration and tutorial information demonstrating how the generic PowerShell connector and the ECMA Connector Host can be used to integrate Microsoft Entra ID with external systems that offer Windows PowerShell based APIs. For additional information see [Windows PowerShell Connector technical reference](/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-powershell) - ## Prerequisites for provisioning via PowerShell+ The following sections detail the prerequisites for this tutorial. ### Download the PowerShell setup files-Download the PowerShell setup files from GitHub. The setup files consist of the configuration file, the input file, schema file and the scripts used. The files are located [here for download](https://github.com/microsoft/MIMPowerShellConnectors/tree/master/src/ECMA2HostCSV). +[Download the PowerShell setup files from our GitHub repository](https://github.com/microsoft/MIMPowerShellConnectors/tree/master/src/ECMA2HostCSV). The setup files consist of the configuration file, the input file, schema file and the scripts used. ### On-premises prerequisites The connector provides a bridge between the capabilities of the ECMA Connector H `Set-ExecutionPolicy -ExecutionPolicy RemoteSigned` - Deploying this connector requires one or more PowerShell scripts. Some Microsoft products may provide scripts for use with this connector, and the support statement for those scripts would be provided by that product. If you are developing your own scripts for use with this connector, you'll need to have familiarity with the [Extensible Connectivity Management Agent API](/previous-versions/windows/desktop/forefront-2010/hh859557(v=vs.100)?redirectedfrom=MSDN) to develop and maintain those scripts. If you are integrating with third party systems using your own scripts in a production environment, we recommend you work with the third party vendor or a deployment partner for help, guidance and support for this integration. -- ### Cloud requirements - A Microsoft Entra tenant with Microsoft Entra ID P1 or Premium P2 (or EMS E3 or E5). [!INCLUDE [active-directory-p1-license.md](../../../includes/active-directory-p1-license.md)] The connector provides a bridge between the capabilities of the ECMA Connector H If you have already downloaded the provisioning agent and configured it for another on-premises application, then continue reading in the next section. - 1. In the Azure portal, select **Microsoft Entra ID**. - 2. On the left, select **Microsoft Entra Connect**. - 3. On the left, select **Cloud sync**. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator). +1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync** > **Agents**. :::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png"::: - 4. On the left, select **Agent**. - 5. Select **Download on-premises agent**, and select **Accept terms & download**. +1. Select **Download on-premises agent**, review the terms of service, then select **Accept terms & download**. - >[!NOTE] - >Please use different provisioning agents for on-premises application provisioning and Microsoft Entra Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent. + > [!NOTE] + > Please use different provisioning agents for on-premises application provisioning and Azure AD Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent. - 6. Open the provisioning agent installer, agree to the terms of service, and select **next**. - 7. When the provisioning agent wizard opens, continue to the **Select Extension** tab and select **On-premises application provisioning** when prompted for the extension you want to enable. - 8. The provisioning agent uses the operating system's web browser to display a popup window for you to authenticate to Microsoft Entra ID, and potentially also your organization's identity provider. If you are using Internet Explorer as the browser on Windows Server, then you may need to add Microsoft web sites to your browser's trusted site list to allow JavaScript to run correctly. - 9. Provide credentials for a Microsoft Entra administrator when you're prompted to authorize. The user is required to have the Hybrid Identity Administrator or Global Administrator role. - 10. Select **Confirm** to confirm the setting. Once installation is successful, you can select **Exit**, and also close the Provisioning Agent Package installer. +1. Open the provisioning agent installer, agree to the terms of service, and select **next**. +1. When the provisioning agent wizard opens, continue to the **Select Extension** tab and select **On-premises application provisioning** when prompted for the extension you want to enable. +1. The provisioning agent uses the operating system's web browser to display a popup window for you to authenticate to Azure AD, and potentially also your organization's identity provider. If you are using Internet Explorer as the browser on Windows Server, then you may need to add Microsoft web sites to your browser's trusted site list to allow JavaScript to run correctly. +1. Provide credentials for an Azure AD administrator when you're prompted to authorize. The user is required to have the Hybrid Identity Administrator or Global Administrator role. +1. Select **Confirm** to confirm the setting. Once installation is successful, you can select **Exit**, and also close the Provisioning Agent Package installer. ## Configure the On-premises ECMA app [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)] - 1. Sign in to the [Azure portal](https://portal.azure.com) as an administrator. - 2. Go to **Enterprise applications** and select **New application**. - 3. Search for the **On-premises ECMA app** application, give the app a name, and select **Create** to add it to your tenant. - 4. Navigate to the **Provisioning** page of your application. - 5. Select **Get started**. - 6. On the **Provisioning** page, change the mode to **Automatic**. - 7. On the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**. - 8. Keep this browser window open, as you complete the next step of configuration using the configuration wizard. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select **New application**. +1. Search for the **On-premises ECMA app** application, give the app a name, and select **Create** to add it to your tenant. +1. Navigate to the **Provisioning** page of your application. +1. Select **Get started**. +1. On the **Provisioning** page, change the mode to **Automatic**. +1. On the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**. +1. Keep this browser window open, as you complete the next step of configuration using the configuration wizard. ++## Place the InputFile.txt and Schema.xml file in locations - ## Place the InputFile.txt and Schema.xml file in locations - Before you can create the PowerShell connector for this tutorial, you need to copy the InputFile.txt and Schema.xml file into the correct locations. These files are the ones you needed to download in section [Download the PowerShell setup files](#download-the-powershell-setup-files). +Before you can create the PowerShell connector for this tutorial, you need to copy the InputFile.txt and Schema.xml file into the correct locations. These files are the ones you needed to download in section [Download the PowerShell setup files](#download-the-powershell-setup-files). |File|location| |--|--| If you have already downloaded the provisioning agent and configured it for anot ## Configure the Microsoft Entra ECMA Connector Host certificate - 1. On the Windows Server where the provisioning agent is installed, right click the **Microsoft ECMA2Host Configuration Wizard** from the start menu, and run as administrator. Running as a Windows administrator is necessary for the wizard to create the necessary Windows event logs. - 2. After the ECMA Connector Host Configuration starts, if it's the first time you have run the wizard, it will ask you to create a certificate. Leave the default port **8585** and select **Generate certificate** to generate a certificate. The autogenerated certificate will be self-signed as part of the trusted root. The certificate SAN matches the host name. - 3. Select **Save**. -+1. On the Windows Server where the provisioning agent is installed, right click the **Microsoft ECMA2Host Configuration Wizard** from the start menu, and run as administrator. Running as a Windows administrator is necessary for the wizard to create the necessary Windows event logs. +2. After the ECMA Connector Host Configuration starts, if it's the first time you have run the wizard, it will ask you to create a certificate. Leave the default port **8585** and select **Generate certificate** to generate a certificate. The autogenerated certificate will be self-signed as part of the trusted root. The certificate SAN matches the host name. +3. Select **Save**. ## Create the PowerShell Connector ### General Screen- 1. Launch the Microsoft ECMA2Host Configuration Wizard from the start menu. - 2. At the top, select **Import** and select the configuration.xml file from step 1. - 3. The new connector should be created and appear in red. Click **Edit**. - 4. Generate a secret token used for authenticating Microsoft Entra ID to the connector. It should be 12 characters minimum and unique for each application. If you do not already have a secret generator, you can use a PowerShell command such as the following to generate an example random string. +1. Launch the Microsoft ECMA2Host Configuration Wizard from the start menu. +2. At the top, select **Import** and select the configuration.xml file from step 1. +3. The new connector should be created and appear in red. Click **Edit**. +4. Generate a secret token used for authenticating Microsoft Entra ID to the connector. It should be 12 characters minimum and unique for each application. If you do not already have a secret generator, you can use a PowerShell command such as the following to generate an example random string. ```powershell -join (((48..90) + (96..122)) * 16 | Get-Random -Count 16 | % {[char]$_}) ```- 5. On the **Properties** page, all of the information should be populated. The table is provided as reference. Click **Next**. +5. On the **Properties** page, all of the information should be populated. The table is provided as reference. Click **Next**. - |Property|Value| - |--|--| - |Name|The name you chose for the connector, which should be unique across all connectors in your environment. For example, `PowerShell`.| - |Autosync timer (minutes)|120| - |Secret Token|Enter your secret token here. It should be 12 characters minimum.| - |Extension DLL|For the PowerShell connector, select **Microsoft.IAM.Connector.PowerShell.dll**.| + |Property|Value| + |--|--| + |Name|The name you chose for the connector, which should be unique across all connectors in your environment. For example, `PowerShell`.| + |Autosync timer (minutes)|120| + |Secret Token|Enter your secret token here. It should be 12 characters minimum.| + |Extension DLL|For the PowerShell connector, select **Microsoft.IAM.Connector.PowerShell.dll**.| :::image type="content" source="media/on-premises-powershell-connector/powershell-1.png" alt-text="Screenshot of general screen." lightbox="media/on-premises-powershell-connector/powershell-1.png"::: ### Connectivity+ The connectivity tab allows you to supply configuration parameters for connecting to a remote system. Configure the connectivity tab with the information provided in the table. +- On the **Connectivity** page, all of the information should be populated. The table is provided as reference. Click **Next**. - :::image type="content" source="media/on-premises-powershell-connector/powershell-2.png" alt-text="Screenshot of the connectivity screen." lightbox="media/on-premises-powershell-connector/powershell-2.png"::: |Parameter|Value|Purpose| |-|--|--| The connectivity tab allows you to supply configuration parameters for connectin ### Capabilities+ The capabilities tab defines the behavior and functionality of the connector. The selections made on this tab cannot be modified when the connector has been created. Configure the capabilities tab with the information provided in the table. - On the **Capabilities** page, all of the information should be populated. The table is provided as reference. Click **Next**. - :::image type="content" source="media/on-premises-powershell-connector/powershell-4.png" alt-text="Screenshot of the capabilities screen." lightbox="media/on-premises-powershell-connector/powershell-4.png"::: |Parameter|Value|Purpose| |-|--|--| The capabilities tab defines the behavior and functionality of the connector. Th |Delete-Add As Replace|Checked|Not supported. This will be ignored.| |Enable Export Password in First Pass|Unchecked|Not supported. This will be ignored.| - ### Global Parameters+ The Global Parameters tab enables you to configure the Windows PowerShell scripts that are run by the connector. You can also configure global values for custom configuration settings defined on the Connectivity tab. Configure the global parameters tab with the information provided in the table. +- On the **Global Parameters** page, all of the information should be populated. The table is provided as reference. Click **Next**. :::image type="content" source="media/on-premises-powershell-connector/powershell-5.png" alt-text="Screenshot of the global screen." lightbox="media/on-premises-powershell-connector/powershell-5.png"::: The Global Parameters tab enables you to configure the Windows PowerShell script |Encoding_Global|\<Blank> (defaults to UTF8)| ### Partitions, Run Profiles, Export, FullImport+ Keep the defaults and click **next**. ### Object types+ Configure the object types tab with the information provided in the table. - On the **Object types** page, all of the information should be populated. The table is provided as reference. Click **Next**. Configure the object types tab with the information provided in the table. |DN|AzureObjectID| ### Select Attributes+ Ensure that the following attributes are selected: - On the **Select Attributes** page, all of the information should be populated. The table is provided as reference. Click **Next**. On the Deprovisioning page, you can specify if you wish to have Microsoft Entra Follow these steps to confirm that the connector host has started and has identified any existing users from the target system. - 1. On the server running the Microsoft Entra ECMA Connector Host, select **Start**. - 2. Select **run** if needed, then enter **services.msc** in the box. - 3. In the **Services** list, ensure that **Microsoft ECMA2Host** is present and running. If it is not running, select **Start**. - 4. On the server running the Microsoft Entra ECMA Connector Host, launch PowerShell. - 5. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`. - 6. Change to the subdirectory `Troubleshooting`. - 7. Run the script `TestECMA2HostConnection.ps1` in the directory as shown, and provide as arguments the connector name and the `ObjectTypePath` value `cache`. If your connector host is not listening on TCP port 8585, then you may also need to provide the `-Port` argument as well. When prompted, type the secret token configured for that connector. +1. On the server running the Microsoft Entra ECMA Connector Host, select **Start**. +2. Select **run** if needed, then enter **services.msc** in the box. +3. In the **Services** list, ensure that **Microsoft ECMA2Host** is present and running. If it is not running, select **Start**. +4. On the server running the Microsoft Entra ECMA Connector Host, launch PowerShell. +5. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`. +6. Change to the subdirectory `Troubleshooting`. +7. Run the script `TestECMA2HostConnection.ps1` in the directory as shown, and provide as arguments the connector name and the `ObjectTypePath` value `cache`. If your connector host is not listening on TCP port 8585, then you may also need to provide the `-Port` argument as well. When prompted, type the secret token configured for that connector. ``` PS C:\Program Files\Microsoft ECMA2Host\Troubleshooting> $cout = .\TestECMA2HostConnection.ps1 -ConnectorName PowerShell -ObjectTypePath cache; $cout.length -gt 9 Supply values for the following parameters: SecretToken: ************ ```- 8. If the script displays an error or warning message, then check that the service is running, and the connector name and secret token match those values you configured in the configuration wizard. - 9. If the script displays the output `False`, then the connector has not seen any entries in the source target system for existing users. If this is a new target system installation, then this behavior is to be expected, and you can continue at the next section. - 10. However, if the target system already contains one or more users but the script displayed `False`, then this status indicates the connector could not read from the target system. If you attempt to provision, then Microsoft Entra ID may not correctly match users in that source directory with users in Microsoft Entra ID. Wait several minutes for the connector host to finish reading objects from the existing target system, and then rerun the script. If the output continues to be `False`, then check the configuration of your connector and the permissions in the target system are allowing the connector to read existing users. +8. If the script displays an error or warning message, then check that the service is running, and the connector name and secret token match those values you configured in the configuration wizard. +9. If the script displays the output `False`, then the connector has not seen any entries in the source target system for existing users. If this is a new target system installation, then this behavior is to be expected, and you can continue at the next section. +10. However, if the target system already contains one or more users but the script displayed `False`, then this status indicates the connector could not read from the target system. If you attempt to provision, then Microsoft Entra ID may not correctly match users in that source directory with users in Microsoft Entra ID. Wait several minutes for the connector host to finish reading objects from the existing target system, and then rerun the script. If the output continues to be `False`, then check the configuration of your connector and the permissions in the target system are allowing the connector to read existing users. <a name='test-the-connection-from-azure-ad-to-the-connector-host'></a> ## Test the connection from Microsoft Entra ID to the connector host - 1. Return to the web browser window where you were configuring the application provisioning in the portal. - >[!NOTE] - >If the window had timed out, then you need to re-select the agent. - 1. Sign in to the [Azure portal](https://portal.azure.com). - 2. Go to **Enterprise applications** and the **On-premises ECMA app** application. - 3. Click on **Provisioning**. - 4. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**, and wait 10 minutes. Otherwise go to **Edit Provisioning**. - 2. Under the **Admin credentials** section, enter the following URL. Replace the `connectorName` portion with the name of the connector on the ECMA host, such as `PowerShell`. If you provided a certificate from your certificate authority for the ECMA host, then replace `localhost` with the host name of the server where the ECMA host is installed. +1. Return to the web browser window where you were configuring the application provisioning in the portal. - |Property|Value| - |--|--| - |Tenant URL|https://localhost:8585/ecma2host_connectorName/scim| + > [!NOTE] + > If the window had timed out, then you need to re-select the agent. + + 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). + 1. Browse to **Identity** > **Applications** > **Enterprise applications**. + 1. Select the **On-premises ECMA app** application. + 1. Select **Provisioning**. + 1. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**, and wait 10 minutes. Otherwise go to **Edit Provisioning**. - 3. Enter the **Secret Token** value that you defined when you created the connector. - >[!NOTE] - >If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Microsoft Entra Connect Provisioning Agent** service, right-click the service, and restart. - 4. Select **Test Connection**, and wait one minute. - 5. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**. +1. Under the **Admin credentials** section, enter the following URL. Replace the `connectorName` portion with the name of the connector on the ECMA host, such as `PowerShell`. If you provided a certificate from your certificate authority for the ECMA host, then replace `localhost` with the host name of the server where the ECMA host is installed. -## Configure the application connection in the Azure portal + |Property|Value| + |--|--| + |Tenant URL|https://localhost:8585/ecma2host_connectorName/scim| ++1. Enter the **Secret Token** value that you defined when you created the connector. ++ > [!NOTE] + > If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Azure AD Connect Provisioning Agent** service, right-click the service, and restart. ++1. Select **Test Connection**, and wait one minute. +1. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**. ++## Configure the application connection Return to the web browser window where you were configuring the application provisioning. ->[!NOTE] ->If the window had timed out, then you need to re-select the agent. -- 1. Sign in to the [Azure portal](https://portal.azure.com). - 2. Go to **Enterprise applications** and the **On-premises ECMA app** application. - 3. Select on **Provisioning**. - 4. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you deployed and select **Assign Agent(s)**. Otherwise go to **Edit Provisioning**. - 5. Under the **Admin credentials** section, enter the following URL. Replace the `{connectorName}` portion with the name of the connector on the ECMA connector host, such as **CSV**. The connector name is case sensitive and should be the same case as was configured in the wizard. You can also replace `localhost` with your machine hostname. - - |Property|Value| - |--|--| - |Tenant URL| `https://localhost:8585/ecma2host_CSV/scim`| - 6. Enter the **Secret Token** value that you defined when you created the connector. - >[!NOTE] - >If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Microsoft Entra Connect Provisioning Agent Service**, right-click the service, and restart. - 7. Select **Test Connection**, and wait one minute. - 8. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**. +> [!NOTE] +> If the window had timed out, then you need to re-select the agent. ++1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select the **On-premises ECMA app** application. +1. Select **Provisioning**. +1. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you deployed and select **Assign Agent(s)**. Otherwise go to **Edit Provisioning**. +1. Under the **Admin credentials** section, enter the following URL. Replace the `{connectorName}` portion with the name of the connector on the ECMA connector host, such as **CSV**. The connector name is case sensitive and should be the same case as was configured in the wizard. You can also replace `localhost` with your machine hostname. ++ |Property|Value| + |--|--| + |Tenant URL| `https://localhost:8585/ecma2host_CSV/scim`| ++1. Enter the **Secret Token** value that you defined when you created the connector. ++ > [!NOTE] + > If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Azure AD Connect Provisioning Agent Service**, right-click the service, and restart. ++1. Select **Test Connection**, and wait one minute. +1. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**. ## Configure attribute mappings Now you need to map attributes between the representation of the user in Microso You'll use the Azure portal to configure the mapping between the Microsoft Entra user's attributes and the attributes that you previously selected in the ECMA Host configuration wizard. - 1. In the Microsoft Entra portal, under **Enterprise applications**, select the **On-premises ECMA app** application, and then the **Provisioning** page. - 2. Select **Edit provisioning**, and wait 10 seconds. - 3. Expand **Mappings** and select **Provision Microsoft Entra Users**. If this is the first time you've configured the attribute mappings for this application, there will be only one mapping present, for a placeholder. - 4. To confirm that the schema is available in Microsoft Entra ID, select the **Show advanced options** checkbox and select **Edit attribute list for ScimOnPremises**. Ensure that all the attributes selected in the configuration wizard are listed. If not, then wait several minutes for the schema to refresh, and then reload the page. Once you see the attributes listed, then cancel from this page to return to the mappings list. - 5. Now, on the click on the **userPrincipalName** PLACEHOLDER mapping. This mapping is added by default when you first configure on-premises provisioning. - Change the value to match the following: +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select the **On-premises ECMA app** application. +1. Select **Provisioning**. +1. Select **Edit provisioning**, and wait 10 seconds. +1. Expand **Mappings** and select **Provision Azure Active Directory Users**. If this is the first time you've configured the attribute mappings for this application, there will be only one mapping present, for a placeholder. +1. To confirm that the schema is available in Azure AD, select the **Show advanced options** checkbox and select **Edit attribute list for ScimOnPremises**. Ensure that all the attributes selected in the configuration wizard are listed. If not, then wait several minutes for the schema to refresh, and then reload the page. Once you see the attributes listed, then cancel from this page to return to the mappings list. +1. Now, on the click on the **userPrincipalName** PLACEHOLDER mapping. This mapping is added by default when you first configure on-premises provisioning. Change the value to match the following: - |Mapping type|Source attribute|Target attribute| - |--|--|--| - |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName| - 4. Now select **Add New Mapping**, and repeat the next step for each mapping. - 5. Specify the source and target attributes for each of the mappings in the following table. -- - |Mapping type|Source attribute|Target attribute| - |--|--|--| - |Direct|objectId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:AzureObjectID| - |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName| - |Direct|displayName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:DisplayName| - |Direct|employeeId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:EmployeeId| - |Direct|jobTitle|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Title| - |Direct|mail|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Email| - |Expression|Switch([IsSoftDeleted],, "False", "True", "True", "False")|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:IsActive| + |Mapping type|Source attribute|Target attribute| + |--|--|--| + |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName| + +1. Now select **Add New Mapping**, and repeat the next step for each mapping. +1. Specify the source and target attributes for each of the mappings in the following table. ++ |Mapping type|Source attribute|Target attribute| + |--|--|--| + |Direct|objectId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:AzureObjectID| + |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName| + |Direct|displayName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:DisplayName| + |Direct|employeeId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:EmployeeId| + |Direct|jobTitle|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Title| + |Direct|mail|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Email| + |Expression|Switch([IsSoftDeleted],, "False", "True", "True", "False")|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:IsActive| + :::image type="content" source="media/on-premises-powershell-connector/powershell-8.png" alt-text="Screenshot of attribute mappings." lightbox="media/on-premises-powershell-connector/powershell-8.png"::: - 6. Once all of the mappings have been added, select **Save**. +1. Once all of the mappings have been added, select **Save**. ## Assign users to an application If there are existing users in the InputFile.txt, then you should create applica Otherwise, if there are no current users of the application, then select a test user from Microsoft Entra who will be provisioned to the application. - 1. Ensure that the user selected has all the properties, mapped to the required attributes of the schema. - 2. In the Azure portal, select **Enterprise applications**. - 3. Select the **On-premises ECMA app** application. - 4. On the left, under **Manage**, select **Users and groups**. - 5. Select **Add user/group**. - 6. Under **Users**, select **None Selected**. - 7. Select users from the right and select the **Select** button. - 8. Now select **Assign**. +1. Ensure that the user selected has all the properties, mapped to the required attributes of the schema. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select the **On-premises ECMA app** application. +1. On the left, under **Manage**, select **Users and groups**. +1. Select **Add user/group**. +1. Under **Users**, select **None Selected**. +1. Select users from the right and select the **Select** button. +1. Now select **Assign**. ## Test provisioning Now that your attributes are mapped and users are assigned, you can test on-demand provisioning with one of your users. - 1. In the Azure portal, select **Enterprise applications**. - 2. Select the **On-premises ECMA app** application. - 3. On the left, select **Provisioning**. - 4. Select **Provision on demand**. - 5. Search for one of your test users, and select **Provision**. - 6. After several seconds, then the message **Successfully created user in target system** appears, with a list of the user attributes. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select the **On-premises ECMA app** application. +1. Select **Provisioning**. +1. Select **Provision on demand**. +1. Search for one of your test users, and select **Provision**. +1. After several seconds, then the message **Successfully created user in target system** appears, with a list of the user attributes. ## Start provisioning users 1. After on-demand provisioning is successful, change back to the provisioning configuration page. Ensure that the scope is set to only assigned users and groups, turn provisioning **On**, and select **Save**. 2. Wait several minutes for provisioning to start. It might take up to 40 minutes. After the provisioning job has been completed, as described in the next section, if you're done testing, you can change the provisioning status to **Off**, and select **Save**. This action stops the provisioning service from running in the future. - ## Next steps - [App provisioning](user-provisioning.md) |
active-directory | On Premises Scim Provisioning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/on-premises-scim-provisioning.md | The Microsoft Entra provisioning service supports a [SCIM 2.0](https://techcommu If you have already downloaded the provisioning agent and configured it for another on-premises application, then continue reading in the next section. - 1. In the Azure portal, select **Microsoft Entra ID**. - 2. On the left, select **Microsoft Entra Connect**. - 3. On the left, select **Cloud sync**. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator). +1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync** > **Agents**. - :::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png"::: + :::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png"::: - 4. On the left, select **Agent**. - 5. Select **Download on-premises agent**, and select **Accept terms & download**. +1. Select **Download on-premises agent**, and select **Accept terms & download**. >[!NOTE] >Please use different provisioning agents for on-premises application provisioning and Microsoft Entra Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent. If you have already downloaded the provisioning agent and configured it for anot ## Provisioning to SCIM-enabled application Once the agent is installed, no further configuration is necessary on-premises, and all provisioning configurations are then managed from the portal. Repeat the below steps for every on-premises application being provisioned via SCIM. - 1. In the Azure portal navigate to the Enterprise applications and add the **On-premises SCIM app** from the [gallery](../../active-directory/manage-apps/add-application-portal.md). - 2. From the left hand menu navigate to the **Provisioning** option and select **Get started**. - 3. Select **Automatic** from the dropdown list and expand the **On-Premises Connectivity** option. - 4. Select the agent that you installed from the dropdown list and select **Assign Agent(s)**. - 5. Now either wait 10 minutes or restart the **Microsoft Entra Connect Provisioning Agent** before proceeding to the next step & testing the connection. - 6. In the **Tenant URL** field, provide the SCIM endpoint URL for your application. The URL is typically unique to each target application and must be resolvable by DNS. An example for a scenario where the agent is installed on the same host as the application is https://localhost:8585/scim ![Screenshot that shows assigning an agent.](./media/on-premises-scim-provisioning/scim-2.png) - 7. Select **Test Connection**, and save the credentials. The application SCIM endpoint must be actively listening for inbound provisioning requests, otherwise the test will fail. Use the steps [here](on-premises-ecma-troubleshoot.md#troubleshoot-test-connection-issues) if you run into connectivity issues. - >[!NOTE] -> If the test connection fails, you will see the request made. Please note that while the URL in the test connection error message is truncated, the actual request sent to the application contains the entire URL provided above. -- 8. Configure any [attribute mappings](customize-application-attributes.md) or [scoping](define-conditional-rules-for-provisioning-user-accounts.md) rules required for your application. - 9. Add users to scope by [assigning users and groups](../../active-directory/manage-apps/add-application-portal-assign-users.md) to the application. - 10. Test provisioning a few users [on demand](provision-on-demand.md). - 11. Add more users into scope by assigning them to your application. - 12. Go to the **Provisioning** pane, and select **Start provisioning**. - 13. Monitor using the [provisioning logs](../../active-directory/reports-monitoring/concept-provisioning-logs.md). +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Add the **On-premises SCIM app** from the [gallery](../../active-directory/manage-apps/add-application-portal.md). +1. From the left hand menu navigate to the **Provisioning** option and select **Get started**. +1. Select **Automatic** from the dropdown list and expand the **On-Premises Connectivity** option. +1. Select the agent that you installed from the dropdown list and select **Assign Agent(s)**. +1. Now either wait 10 minutes or restart the **Microsoft Azure AD Connect Provisioning Agent** before proceeding to the next step & testing the connection. +1. In the **Tenant URL** field, provide the SCIM endpoint URL for your application. The URL is typically unique to each target application and must be resolvable by DNS. An example for a scenario where the agent is installed on the same host as the application is https://localhost:8585/scim ++ ![Screenshot that shows assigning an agent.](./media/on-premises-scim-provisioning/scim-2.png) ++1. Select **Test Connection**, and save the credentials. The application SCIM endpoint must be actively listening for inbound provisioning requests, otherwise the test will fail. Use the steps [here](on-premises-ecma-troubleshoot.md#troubleshoot-test-connection-issues) if you run into connectivity issues. ++ > [!NOTE] + > If the test connection fails, you will see the request made. Please note that while the URL in the test connection error message is truncated, the actual request sent to the application contains the entire URL provided above. ++1. Configure any [attribute mappings](customize-application-attributes.md) or [scoping](define-conditional-rules-for-provisioning-user-accounts.md) rules required for your application. +1. Add users to scope by [assigning users and groups](../../active-directory/manage-apps/add-application-portal-assign-users.md) to the application. +1. Test provisioning a few users [on demand](provision-on-demand.md). +1. Add more users into scope by assigning them to your application. +1. Go to the **Provisioning** pane, and select **Start provisioning**. +1. Monitor using the [provisioning logs](../../active-directory/reports-monitoring/concept-provisioning-logs.md). The following video provides an overview of on-premises provisioning.+ > [!VIDEO https://www.youtube.com/embed/QdfdpaFolys] ## Additional requirements |
active-directory | Plan Cloud Hr Provision | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/plan-cloud-hr-provision.md | You also need a valid Microsoft Entra ID P1 or higher subscription license for e ### Prerequisites -- Microsoft Entra ID [hybrid identity administrator](../roles/permissions-reference.md#hybrid-identity-administrator) to configure the Microsoft Entra Connect provisioning agent.-- Microsoft Entra ID [application administrator](../roles/permissions-reference.md#application-administrator) role to configure the provisioning app in the Azure portal+- [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator) role to configure the Connect provisioning agent. +- [Application Administrator](../roles/permissions-reference.md#application-administrator) role to configure the provisioning app. - A test and production instance of the cloud HR app. - Administrator permissions in the cloud HR app to create a system integration user and make changes to test employee data for testing purposes. - For user provisioning to Active Directory, a server running Windows Server 2016 or greater is required to host the Microsoft Entra Connect provisioning agent. This server should be a tier 0 server based on the Active Directory administrative tier model. |
active-directory | Provision On Demand | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/provision-on-demand.md | Use on-demand provisioning to provision a user or group in seconds. Among other ::: zone pivot="app-provisioning" -2. Browse to **Identity** > **Applications** > **Enterprise applications** > **All applications**. +2. Browse to **Identity** > **Applications** > **Enterprise applications** > select your application. +3. Select **Provisioning**. -3. Select your application, and then go to the provisioning configuration page. ::: zone-end ::: zone pivot="cross-tenant-synchronization" 2. Browse to **Identity** > **External Identities** > **Cross-tenant Synchronization** > **Configurations**- 3. Select your configuration, and then go to the **Provisioning** configuration page.+ ::: zone-end 4. Configure provisioning by providing your admin credentials. Use on-demand provisioning to provision a user or group in seconds. Among other 5. Select **Provision on demand**. 6. Search for a user by first name, last name, display name, user principal name, or email address. Alternatively, you can search for a group and pick up to five users. + > [!NOTE] > For Cloud HR provisioning app (Workday/SuccessFactors to AD/Azure AD), the input value is different. > For Workday scenario, please provide "WorkerID" or "WID" of the user in Workday. |
active-directory | Skip Out Of Scope Deletions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/skip-out-of-scope-deletions.md | Because this configuration is widely used with the *Workday to Active Directory [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)] -1. Sign in to the [Azure portal](https://portal.azure.com), and navigate to the Properties section of your provisioning application. For example, if you want to export your *Workday to AD User Provisioning application* mapping navigate to the Properties section of that app. -1. In the Properties section of your provisioning app, copy the GUID value associated with the *Object ID* field. This value is also called the **ServicePrincipalId** of your app and it's used in Graph Explorer operations. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select your application and go to Properties section of your provisioning app. In this example we are using Workday. +1. Copy the GUID value in the *Object ID* field. This value is also called the **ServicePrincipalId** of your app and it's used in Graph Explorer operations. ![Screenshot of Workday App Service Principal ID.](./media/skip-out-of-scope-deletions/wd_export_01.png) |
active-directory | Use Scim To Provision Users And Groups | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/use-scim-to-provision-users-and-groups.md | Use the general guidelines when implementing a SCIM endpoint to ensure compatibi * `id` is a required property for all resources. Every response that returns a resource should ensure each resource has this property, except for `ListResponse` with zero elements. * Values sent should be stored in the same format they were sent. Invalid values should be rejected with a descriptive, actionable error message. Transformations of data shouldn't happen between data from Microsoft Entra ID and data stored in the SCIM application. (for example. A phone number sent as 55555555555 shouldn't be saved/returned as +5 (555) 555-5555) * It isn't necessary to include the entire resource in the **PATCH** response.-* Don't require a case-sensitive match on structural elements in SCIM, in particular **PATCH** `op` operation values, as defined in [section 3.5.2](https://tools.ietf.org/html/rfc7644#section-3.5.2). Microsoft Entra ID emits the values of `op` as **Add**, **Replace**, and **Remove**. -* Microsoft Entra ID makes requests to fetch a random user and group to ensure that the endpoint and the credentials are valid. It's also done as a part of the **Test Connection** flow in the [Azure portal](https://portal.azure.com). +* Don't require a case-sensitive match on structural elements in SCIM, in particular **PATCH** `op` operation values, as defined in [section 3.5.2](https://tools.ietf.org/html/rfc7644#section-3.5.2). Azure AD emits the values of `op` as **Add**, **Replace**, and **Remove**. +* Microsoft Azure AD makes requests to fetch a random user and group to ensure that the endpoint and the credentials are valid. It's also done as a part of the **Test Connection** flow. * Support HTTPS on your SCIM endpoint. * Custom complex and multivalued attributes are supported but Microsoft Entra ID doesn't have many complex data structures to pull data from in these cases. Name/value attributes can be mapped to easily, but flowing data to complex attributes with three or more subattributes isn't supported. * The "type" subattribute values of multivalued complex attributes must be unique. For example, there can't be two different email addresses with the "work" subtype. Use the general guidelines when implementing a SCIM endpoint to ensure compatibi * Response to a query/filter request should always be a `ListResponse`. * Microsoft Azure AD only uses the following operators: `eq`, `and`-* The attribute that the resources can be queried on should be set as a matching attribute on the application in the [Microsoft Entra admin center](https://entra.microsoft.com), see [Customizing User Provisioning Attribute Mappings](customize-application-attributes.md). +* The attribute that the resources can be queried on should be set as a matching attribute on the application, see [Customizing User Provisioning Attribute Mappings](customize-application-attributes.md). ### /Users: Use the general guidelines when implementing a SCIM endpoint to ensure compatibi * If a value isn't present, don't send null values. * Property values should be camel cased (for example, readWrite). * Must return a list response.-* The Microsoft Entra provisioning service makes the /schemas request when you save the provisioning configuration in the Azure portal. The request is also made when you open the edit provisioning page in the Azure portal. Other attributes discovered are surfaced to customers in the attribute mappings under the target attribute list. Schema discovery only leads to more target attributes being added. Attributes aren't removed. +* The Microsoft Entra provisioning service makes the /schemas request when you save the provisioning configuration. The request is also made when you open the edit provisioning page. Other attributes discovered are surfaced to customers in the attribute mappings under the target attribute list. Schema discovery only leads to more target attributes being added. Attributes aren't removed. ### User provisioning and deprovisioning It's recommended, but not required, that you support multiple secrets for easy r 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). 1. Browse to **Identity** > **Applications** > **Enterprise applications** > **Application** > **Provisioning** and select **Authorize**. - 1. Microsoft Entra admin center redirects user to the Authorization URL (sign in page for the third party app). +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select your application and go to **Provisioning**. +1. Select **Authorize**. ++ 1. Users are redirected to the Authorization URL (sign in page for the third party app). 1. Admin provides credentials to the third party application. - 1. Third party app redirects user back to Microsoft Entra admin center and provides the grant code + 1. The third party app redirects user back and provides the grant code - 1. Microsoft Entra provisioning service calls the token URL and provides the grant code. The third party application responds with the access token, refresh token, and expiry date + 1. The Provisioning Service calls the token URL and provides the grant code. The third party application responds with the access token, refresh token, and expiry date 1. When the provisioning cycle begins, the service checks if the current access token is valid and exchanges it for a new token if needed. The access token is provided in each request made to the app and the validity of the request is checked before each request. |
active-directory | User Provisioning Sync Attributes For Mapping | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/user-provisioning-sync-attributes-for-mapping.md | You can use Microsoft Graph and PowerShell to extend the user schema for users i Once schema extensions are created, these extension attributes are automatically discovered when you next visit the provisioning page in the Microsoft Entra admin center, in most cases. -When you've more than 1000 service principals, you may find extensions missing in the source attribute list. If an attribute you've created doesn't automatically appear, then verify the attribute was created and add it manually to your schema. To verify it was created, use Microsoft Graph and [Graph Explorer](/graph/graph-explorer/graph-explorer-overview). To add it manually to your schema, see [Editing the list of supported attributes](customize-application-attributes.md#editing-the-list-of-supported-attributes). +When you have more than 1000 service principals, you may find extensions missing in the source attribute list. If an attribute you've created doesn't automatically appear, then verify the attribute was created and add it manually to your schema. To verify it was created, use Microsoft Graph and [Graph Explorer](/graph/graph-explorer/graph-explorer-overview). To add it manually to your schema, see [Editing the list of supported attributes](customize-application-attributes.md#editing-the-list-of-supported-attributes). ### Create an extension attribute for cloud only users using Microsoft Graph You can extend the schema of Microsoft Entra users using [Microsoft Graph](/graph/overview). First, list the apps in your tenant to get the ID of the app you're working on. GET https://graph.microsoft.com/v1.0/applications ``` -Next, create the extension attribute. Replace the **ID** property below with the **ID** retrieved in the previous step. You'll need to use the **"ID"** attribute and not the "appId". To learn more, see [Create extensionProperty]/graph/api/application-post-extensionproperty). +Next, create the extension attribute. Replace the **ID** property below with the **ID** retrieved in the previous step. You need to use the **"ID"** attribute and not the "appId". To learn more, see [Create extensionProperty]/graph/api/application-post-extensionproperty). ```json POST https://graph.microsoft.com/v1.0/applications/{id}/extensionProperties Content-type: application/json "extension_inputAppId_extensionName": "extensionValue" } ```-Finally, verify the attribute for the user. To learn more, see [Get a user](/graph/api/user-get). Note that the Graph v1.0 does not by default return any of a user's directory extension attributes, unless the attributes are specified in the request as one of the properties to return. +Finally, verify the attribute for the user. To learn more, see [Get a user](/graph/api/user-get). Graph v1.0 doesn't by default return any of a user's directory extension attributes, unless the attributes are specified in the request as one of the properties to return. ```json GET https://graph.microsoft.com/v1.0/users/{id}?$select=displayName,extension_inputAppId_extensionName GET https://graph.microsoft.com/v1.0/users/{id}?$select=displayName,extension_in ### Create an extension attribute on a cloud only user using PowerShell Create a custom extension using PowerShell and assign a value to a user. -``` +```PowerShell #Connect to your Azure AD tenant Connect-AzureAD Get-AzureADUser -ObjectId 0ccf8df6-62f1-4175-9e55-73da9e742690 | Select -ExpandP ``` ## Create an extension attribute using cloud sync-Cloud sync will automatically discover your extensions in on-premises Active Directory when you go to add a new mapping. Use the steps below to auto-discover these attributes and set up a corresponding mapping to Microsoft Entra ID. +Cloud sync will automatically discover your extensions in on-premises Active Directory when you go to add a new mapping. Use the steps below to autodiscover these attributes and set up a corresponding mapping to Azure AD. 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator).-2. Browse to **Identity** > **Hybrid management** > **Microsoft Entra Connect**. -3. Select **Manage Microsoft Entra cloud sync**. --4. Select the configuration you wish to add the extension attribute and mapping. -5. Under **Manage attributes** select **click to edit mappings**. -6. Click **Add attribute mapping**. The attributes will automatically be discovered. -7. The new attributes will be available in the drop-down under **source attribute**. -8. Fill in the type of mapping you want and click **Apply**. +1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync**. +1. Select the configuration you wish to add the extension attribute and mapping. +1. Under **Manage attributes** select **click to edit mappings**. +1. Select **Add attribute mapping**. The attributes will automatically be discovered. +1. The new attributes are available in the drop-down under **source attribute**. +1. Fill in the type of mapping you want and select **Apply**. + [![Custom attribute mapping](media/user-provisioning-sync-attributes-for-mapping/schema-1.png)](media/user-provisioning-sync-attributes-for-mapping/schema-1.png#lightbox) For more information, see [Cloud Sync Custom Attribute Mapping](../hybrid/cloud-sync/custom-attribute-mapping.md) For more information, see [Cloud Sync Custom Attribute Mapping](../hybrid/cloud- If users who will access the applications originate in on-premises Active Directory, then you must sync the attributes with the users from Active Directory to Microsoft Entra ID. You will need to perform the following tasks before configuring provisioning to your application. -1. Check with the on-premises Active Directory domain admins whether the required attributes are part of the AD DS schema, and if they are not, extend the AD DS schema in the domains where those users have accounts. +1. Check with the on-premises Active Directory domain admins whether the required attributes are part of the AD DS schema, and if they aren't, extend the AD DS schema in the domains where those users have accounts. 1. Open the Microsoft Entra Connect wizard, choose Tasks, and then choose **Customize synchronization options**. ![Microsoft Entra Connect wizard Additional tasks page](./media/user-provisioning-sync-attributes-for-mapping/active-directory-connect-customize.png) -2. Sign in as a Microsoft Entra Global Administrator. +2. Sign in as a [Global Administrator](../roles/permissions-reference.md#global-administrator). 3. On the **Optional Features** page, select **Directory extension attribute sync**. |
active-directory | Workday Integration Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/workday-integration-reference.md | Let's say you want to retrieve the following data sets from Workday and use them The above data sets aren't included by default. To retrieve these data sets:-1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) and open your Workday to AD/Azure AD user provisioning app. -1. In the Provisioning blade, edit the mappings and open the Workday attribute list from the advanced section. -1. Add the following attributes definitions and mark them as "Required". These attributes aren't mapped to any attribute in AD or Microsoft Entra ID. They serve as signals to the connector to retrieve the Cost Center, Cost Center Hierarchy and Pay Group information. ++1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select your Workday to AD/Azure AD user provisioning application. +1. Select **Provisioning**. +1. Edit the mappings and open the Workday attribute list from the advanced section. +1. Add the following attributes definitions and mark them as "Required". These attributes aren't mapped to any attribute in AD or Azure AD. They serve as signals to the connector to retrieve the Cost Center, Cost Center Hierarchy and Pay Group information. > [!div class="mx-tdCol2BreakAll"] >| Attribute Name | XPATH API expression | |
active-directory | Workday Retrieve Pronoun Information | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/workday-retrieve-pronoun-information.md | Once you confirm that pronoun data is available in the *Get_Workers* response, g <a name='updating-azure-ad-provisioning-app-to-retrieve-pronouns'></a> -To retrieve pronouns from Workday, update your Microsoft Entra provisioning app to query Workday using v38.1 of the Workday Web Services. We recommend testing this configuration first in your test/sandbox environment before implementing the change in production. +To retrieve pronouns from Workday, update your Azure AD provisioning app to query Workday using v38.1 of the Workday Web Services. We recommend testing this configuration first in your test/sandbox environment before implementing the change in production. + 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).-1. Open your *Workday to AD User provisioning* app OR *Workday to Microsoft Entra ID User provisioning* app. +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select your Workday to AD/Azure AD user provisioning application and go to **Provisioning** . 1. In the **Admin Credentials** section, update the **Tenant URL** to include the Workday Web Service version v38.1 as shown. >[!div class="mx-imgBorder"] |
active-directory | Application Proxy Configure Native Client Application | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-configure-native-client-application.md | The required info in the sample code can be found in the Microsoft Entra admin c | Info required | How to find it in the Microsoft Entra admin center | | | |-| \<Tenant ID> | **Microsoft Entra ID** > **Properties** > **Directory ID** | +| \<Tenant ID> | **Identity** > **Overview** > **Properties** | | \<App ID of the Native app> | **Application registration** > *your native application* > **Overview** > **Application ID** | | \<Scope> | **Application registration** > *your native application* > **API permissions** > Click on the Permission API (user_impersonation) > A panel with the caption **user_impersonation** appears on the right hand side. > The scope is the URL in the edit box. | \<Proxy App URL> | the External URL and path to the API |
active-directory | Application Proxy Configure Single Sign On Password Vaulting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-configure-single-sign-on-password-vaulting.md | You should already have published and tested your app with Application Proxy. If 1. Select **Users and Groups**. 1. Assign users to the application with selecting **Add user**. 1. If you want to predefine credentials for a user, check the box front of the user name and select **Update credentials**.-1. Select **Microsoft Entra ID** > **App registrations** > **All applications**. +1. Browse to **Identity** > **Applications** > **App registrations** > **All applications**. 1. From the list, select the app that you configured with Password SSO. 1. Select **Branding**. 1. Update the **Home page URL** with the **Sign on URL** from the Password SSO page and select **Save**. |
active-directory | Application Proxy Integrate With Teams | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-integrate-with-teams.md | Your users can add cloud apps to their Teams channels [using tabs](https://suppo If you haven't already, [configure Application Proxy for your tenant and install the connector](../app-proxy/application-proxy-add-on-premises-application.md). Then, publish your on-premises application for remote access. When you're publishing the app, make note of the external URL because it's used to add the app to Teams. -If you already have your apps published but don't remember their external URLs, look them up in the [Microsoft Entra admin center](https://portal.azure.com). Sign in, then navigate to **Microsoft Entra ID** > **Enterprise applications** > **All applications** > select your app > **Application proxy**. +If you already have your apps published but don't remember their external URLs, look them up in the [Microsoft Entra admin center](https://entra.microsoft.com). Sign in, then browse to **Identity** > **Applications** > **Enterprise applications** > select your app > **Application proxy**. ## Add your app to Teams |
active-directory | 4 Secure Access Groups | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/architecture/4-secure-access-groups.md | Learn more: * [Overview of Microsoft 365 Groups for administrators](/microsoft-365/admin/create-groups/office-365-groups?view=o365-worldwide&preserve-view=true) * [Create a group in the Microsoft 365 admin center](/microsoft-365/admin/create-groups/create-groups?view=o365-worldwide&preserve-view=true)-* [Azure portal](https://portal.azure.com/) +* [Microsoft Entra admin center](https://entra.microsoft.com) * [Microsoft 365 admin center](https://admin.microsoft.com/) ### Microsoft 365 Groups roles |
active-directory | 9 Secure Access Teams Sharepoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/architecture/9-secure-access-teams-sharepoint.md | Sharing in Microsoft 365 is partially governed by the **External Identities, Ext Learn more: -* [Azure portal](https://portal.azure.com/) -* [External Identities in Microsoft Entra ID](../external-identities/external-identities-overview.md) +* [Microsoft Entra admin center](https://entra.microsoft.com) +* [External Identities in Azure AD](../external-identities/external-identities-overview.md) ### Guest user access Guest users are invited to have access to resources. -1. Sign in to the **Azure portal** -1. Browse to **Microsoft Entra ID** > **External Identities** > **External collaboration settings**. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com). +1. Browse to **Identity** > **External Identities** > **External collaboration settings**. 1. Find the **Guest user access** options. 1. To prevent guest-user access to other guest-user details, and to prevent enumeration of group membership, select **Guest users have limited access to properties and memberships of directory objects**. |
active-directory | How To Authentication Methods Manage | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/how-to-authentication-methods-manage.md | If you aren't using SSPR and aren't yet using the Authentication methods policy, ### Review the legacy MFA policy -Start by documenting which methods are available in the legacy MFA policy. Sign in to the [Azure portal](https://portal.azure.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator). Go to **Microsoft Entra ID** > **Users** > **All users** > **Per-user MFA** > **service settings** to view the settings. These settings are tenant-wide, so there's no need for user or group information. +Start by documenting which methods are available in the legacy MFA policy. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator). Go to **Identity** > **Users** > **All users** > **Per-user MFA** > **service settings** to view the settings. These settings are tenant-wide, so there's no need for user or group information. :::image type="content" border="false" source="media/how-to-authentication-methods-manage/legacy-mfa-policy.png" alt-text="Screenshot the shows the legacy Microsoft Entra multifactor authentication policy." lightbox="media/how-to-authentication-methods-manage/legacy-mfa-policy.png"::: For each method, note whether or not it's enabled for the tenant. The following ### Review the legacy SSPR policy -To get the authentication methods available in the legacy SSPR policy, go to **Microsoft Entra ID** > **Users** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy. +To get the authentication methods available in the legacy SSPR policy, go to **Identity** > **Users** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy. :::image type="content" border="false" source="media/how-to-authentication-methods-manage/legacy-sspr-policy.png" alt-text="Screenshot that shows the legacy Microsoft Entra SSPR policy." lightbox="media/how-to-authentication-methods-manage/legacy-sspr-policy.png"::: |
active-directory | Howto Mfa Mfasettings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/howto-mfa-mfasettings.md | To block a user, complete the following steps. [Watch a short video that describes this process.](https://www.youtube.com/watch?v=WdeE1On4S1o&feature=youtu.be) -1. Browse to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Block/unblock users**. +1. Browse to **Protection** > **Multifactor authentication** > **Block/unblock users**. 1. Select **Add** to block a user. 1. Enter the user name for the blocked user in the format `username@domain.com`, and then provide a comment in the **Reason** box. 1. Select **OK** to block the user. To block a user, complete the following steps. To unblock a user, complete the following steps: -1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Block/unblock users**. +1. Go to **Protection** > **Multifactor authentication** > **Block/unblock users**. 1. In the **Action** column next to the user, select **Unblock**. 1. Enter a comment in the **Reason for unblocking** box. 1. Select **OK** to unblock the user. To enable **Report suspicious activity** from the Authentication methods **Setti When a user reports a MFA prompt as suspicious, the event shows up in the Sign-ins report (as a sign-in that was rejected by the user), in the Audit logs, and in the Risk detections report. -- To view the risk detections report, select **Microsoft Entra ID** > **Security** > **Identity Protection** > **Risk detection**. The risk event is part of the standard **Risk Detections** report, and will appear as Detection Type **User Reported Suspicious Activity**, Risk level **High**, Source **End user reported**. +- To view the risk detections report, select **Protection** > **Identity Protection** > **Risk detection**. The risk event is part of the standard **Risk Detections** report, and will appear as Detection Type **User Reported Suspicious Activity**, Risk level **High**, Source **End user reported**. -- To view fraud reports in the Sign-ins report, select **Microsoft Entra ID** > **Sign-in logs** > **Authentication Details**. The fraud report is part of the standard **Microsoft Entra Sign-ins** report and appears in the Result Detail as MFA denied, Fraud Code Entered. +- To view fraud reports in the Sign-ins report, select **Identity** > **Monitoring & health** > **Sign-in logs** > **Authentication Details**. The fraud report is part of the standard **Azure AD Sign-ins** report and appears in the Result Detail as MFA denied, Fraud Code Entered. -- To view fraud reports in the Audit logs, select **Microsoft Entra ID** > **Audit logs**. The fraud report appears under Activity type Fraud reported - user is blocked for MFA or Fraud reported - no action taken based on the tenant-level settings for fraud report. +- To view fraud reports in the Audit logs, select **Identity** > **Monitoring & health** > **Audit logs**. The fraud report appears under Activity type Fraud reported - user is blocked for MFA or Fraud reported - no action taken based on the tenant-level settings for fraud report. ### Manage suspicious activity events You can configure Microsoft Entra ID to send email notifications when users repo To configure fraud alert notifications: -1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Notifications**. +1. Go to **Protection** > **Multi-Factor Authentication** > **Notifications**. 1. Enter the email address to send the notification to. 1. To remove an existing email address, select **...** next to the email address, and then select **Delete**. 1. Select **Save**. The following table lists more numbers for different countries. To configure your own caller ID number, complete the following steps: -1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Phone call settings**. +1. Go to **Protection** > **Multifactor authentication** > **Phone call settings**. 1. Set the **MFA caller ID number** to the number you want users to see on their phones. Only US-based numbers are allowed. 1. Select **Save**. You can use the following sample scripts to create your own custom messages. The To use your own custom messages, complete the following steps: -1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Phone call settings**. +1. Go to **Protection** > **Multifactor authentication** > **Phone call settings**. 1. Select **Add greeting**. 1. Choose the **Type** of greeting, such as **Greeting (standard)** or **Authentication successful**. 1. Select the **Language**. See the previous section on [custom message language behavior](#custom-message-language-behavior). |
active-directory | Howto Mfa Server Settings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/howto-mfa-server-settings.md | Caching is primarily used when on-premises systems, such as VPN, send multiple v To set up caching, complete the following steps: -1. Browse to **Microsoft Entra ID** > **Security** > **MFA** > **Caching rules**. +1. Browse to **Protection** > **Multifactor authentication** > **Caching rules**. 1. Select **Add**. 1. Select the **cache type** from the drop-down list. Enter the maximum number of **cache seconds**. 1. If necessary, select an authentication type and specify an application. |
active-directory | Concept Conditional Access Grant | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/concept-conditional-access-grant.md | The following client apps support this setting. This list isn't exhaustive and i - Microsoft Cortana - Microsoft Edge - Microsoft Excel-- Microsoft Flow Mobile+- Microsoft Power Automate - Microsoft Launcher - Microsoft Lists - Microsoft Office The following client apps support this setting. This list isn't exhaustive and i - Nine Mail - Email and Calendar - Notate for Intune - Provectus - Secure Contacts-- Yammer (Android, iOS, and iPadOS)+- Viva Engage (Android, iOS, and iPadOS) > [!NOTE] > Kaizala, Skype for Business, and Visio don't support the **Require app protection policy** grant. If you require these apps to work, use the **Require approved apps** grant exclusively. Using the "or" clause between the two grants will not work for these three applications. |
active-directory | Policy Migration Mfa | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/policy-migration-mfa.md | Title: Migrate a classic Conditional Access policy -description: This article shows how to migrate a classic Conditional Access policy in the Azure portal. +description: This article shows how to migrate a classic Conditional Access policy. |
active-directory | Require Tou | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/require-tou.md | The scenario in this quickstart uses: In the previous section, you created a Conditional Access policy requiring terms of use be accepted. -To test your policy, try to sign in to the [Azure portal](https://portal.azure.com) using your test account. You should see a dialog that requires you to accept your terms of use. +To test your policy, try to sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) using your test account. You should see a dialog that requires you to accept your terms of use. :::image type="content" source="./media/require-tou/57.png" alt-text="Screenshot of a dialog box titled Identity Security Protection terms of use, with Decline and Accept buttons and a button labeled My TOU." border="false"::: |
active-directory | Howto Add App Roles In Apps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-add-app-roles-in-apps.md | If you have not already done so, you'll need to assign yourself as the applicati > > Ensure that both the API application and the application you want to add permissions to both have an owner, otherwise the API will not be listed when requesting API permissions. -## Assign users and groups to roles --Once you've added app roles in your application, you can assign users and groups to the roles. Assignment of users and groups to roles can be done through the portal's UI, or programmatically using [Microsoft Graph](/graph/api/user-post-approleassignments). When the users assigned to the various app roles sign in to the application, their tokens will have their assigned roles in the `roles` claim. --To assign users and groups to roles by using the Microsoft Entra admin center: --1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). -1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant that contains the app registration to which you want to add an app role. -1. Browse to **Identity** > **Applications** > **Enterprise applications**. -1. Select **All applications** to view a list of all your applications. If your application doesn't appear in the list, use the filters at the top of the **All applications** list to restrict the list, or scroll down the list to locate your application. -1. Select the application in which you want to assign users or security group to roles. -1. Under **Manage**, select **Users and groups**. -1. Select **Add user** to open the **Add Assignment** pane. -1. Select the **Users and groups** selector from the **Add Assignment** pane. A list of users and security groups is displayed. You can search for a certain user or group and select multiple users and groups that appear in the list. -1. Once you've selected users and groups, select the **Select** button to proceed. -1. Select **Select a role** in the **Add assignment** pane. All the roles that you've defined for the application are displayed. -1. Choose a role and select the **Select** button. -1. Select the **Assign** button to finish the assignment of users and groups to the app. --Confirm that the users and groups you added appear in the **Users and groups** list. - ## Assign app roles to applications -Once you've added app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments). +Once you've added app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments). This is not to be confused with [assigning roles to users](../roles/manage-roles-portal.md). When you assign app roles to an application, you create _application permissions_. Application permissions are typically used by daemon apps or back-end services that need to authenticate and make authorized API call as themselves, without the interaction of a user. To assign app roles to an application by using the Microsoft Entra admin center: 1. Select the application to which you want to assign an app role. 1. Select **API permissions** > **Add a permission**. 1. Select the **My APIs** tab, and then select the app for which you defined app roles.-1. Select **Application permissions**. -1. Select the role(s) you want to assign. +1. Under **Permission**, select the role(s) you want to assign. 1. Select the **Add permissions** button complete addition of the role(s). The newly added roles should appear in your app registration's **API permissions** pane. Developers can use app roles to control whether a user can sign in to an app or App roles are preferred by developers when they want to describe and control the parameters of authorization in their app themselves. For example, an app using groups for authorization will break in the next tenant as both the group ID and name could be different. An app using app roles remains safe. In fact, assigning groups to app roles is popular with SaaS apps for the same reasons as it allows the SaaS app to be provisioned in multiple tenants. +## Assign users and groups to Microsoft Entra roles ++Once you've added app roles in your application, you can assign users and groups to [Microsoft Entra roles](../roles/permissions-reference.md). Assignment of users and groups to roles can be done through the portal's UI, or programmatically using [Microsoft Graph](/graph/api/user-post-approleassignments). When the users assigned to the various roles sign in to the application, their tokens will have their assigned roles in the `roles` claim. ++To assign users and groups to roles by using the Microsoft Entra admin center: ++1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). +1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant that contains the app registration to which you want to add an app role. +1. Browse to **Identity** > **Applications** > **Enterprise applications**. +1. Select **All applications** to view a list of all your applications. If your application doesn't appear in the list, use the filters at the top of the **All applications** list to restrict the list, or scroll down the list to locate your application. +1. Select the application in which you want to assign users or security group to roles. +1. Under **Manage**, select **Users and groups**. +1. Select **Add user** to open the **Add Assignment** pane. +1. Select the **Users and groups** selector from the **Add Assignment** pane. A list of users and security groups is displayed. You can search for a certain user or group and select multiple users and groups that appear in the list. +1. Once you've selected users and groups, select the **Select** button to proceed. +1. Select **Select a role** in the **Add assignment** pane. All the roles that you've defined for the application are displayed. +1. Choose a role and select the **Select** button. +1. Select the **Assign** button to finish the assignment of users and groups to the app. ++Confirm that the users and groups you added appear in the **Users and groups** list. + ## Next steps Learn more about app roles with the following resources. |
active-directory | Howto Create Service Principal Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-create-service-principal-portal.md | To upload the certificate: After registering the certificate with your application in the application registration portal, enable the [confidential client application](authentication-flows-app-scenarios.md#single-page-public-client-and-confidential-client-applications) code to use the certificate. -### Option 3: Create a new application secret +### Option 3: Create a new client secret -If you choose not to use a certificate, you can create a new application secret. +If you choose not to use a certificate, you can create a new client secret. 1. Browse to **Identity** > **Applications** > **App registrations**, then select your application. 1. Select **Certificates & secrets**. If you choose not to use a certificate, you can create a new application secret. 1. Provide a description of the secret, and a duration. 1. Select **Add**. -Once you've saved the client secret, the value of the client secret is displayed. Copy this value because you won't be able to retrieve the key later. You'll provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it. +Once you've saved the client secret, the value of the client secret is displayed. This is only displayed once, so copy this value and store it where your application can retrieve it, usually where your application keeps values like `clientId`, or `authoruty` in the source code. You'll provide the secret value along with with the application's client ID to sign in as the application. :::image type="content" source="media/howto-create-service-principal-portal/copy-secret.png" alt-text="Screenshot showing the client secret."::: To configure access policies: 1. Sign in to the [Azure portal](https://portal.azure.com). 1. Select your key vault and select **Access policies**.-1. Select **Add access policy**, then select the key, secret, and certificate permissions you want to grant your application. Select the service principal you created previously. +1. Select **Add access policy**, then select the key, secret, and certificate permissions you want to grant your application. Select the service principal you created previously. 1. Select **Add** to add the access policy. 1. **Save**. |
active-directory | Howto Get List Of All Auth Library Apps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-get-list-of-all-auth-library-apps.md | No sign-in event that occurred *before* you configure Microsoft Entra ID to send Once you've integrated your Microsoft Entra sign-in and audit logs with Azure Monitor as specified in the Azure Monitor integration, access the sign-ins workbook: - 1. Sign in to the [Azure portal](https://portal.azure.com). - 1. Navigate to **Identity** > **Monitoring & health** > **Workbooks**. + 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Reports Reader](../roles/permissions-reference.md#reports-reader). + 1. Browse to **Identity** > **Monitoring & health** > **Workbooks**. 1. In the **Usage** section, open the **Sign-ins** workbook. :::image type="content" source="media/howto-get-list-of-all-auth-library-apps/sign-in-workbook.png" alt-text="Screenshot of the Azure portal workbooks interface highlighting the sign-ins workbook."::: |
active-directory | Msal Android Shared Devices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/msal-android-shared-devices.md | Shared device mode also provides Microsoft identity backed management of the dev To create a shared device mode app, developers and cloud device admins work together: - Developers write a single-account app (multiple-account apps aren't supported in shared device mode), add `"shared_device_mode_supported": true` to the app's configuration, and write code to handle things like shared device sign-out.-- Device admins prepare the device to be shared by installing the authenticator app, and setting the device to shared mode using the authenticator app. Only users who are in the [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator) role can put a device into shared mode by using the [Authenticator app](https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc). You can configure the membership of your organizational roles in the Azure portal via:- **Identity** > **Roles & admins** > **Roles & admins** > **Cloud Device Administrator**. +- Device admins prepare the device to be shared by installing the authenticator app, and setting the device to shared mode using the authenticator app. Only users who are in the [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator) role can put a device into shared mode by using the [Authenticator app](https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc). You can configure the membership of your organizational roles in the Microsoft Entra admin center under: ++**Identity** > **Roles & Admins** > **Roles & Admins** > **Cloud Device Administrator**. This article focuses primarily what developers should think about. |
active-directory | Quickstart Console App Nodejs Acquire Token | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-console-app-nodejs-acquire-token.md | Follow the steps below to get started. To register your application and add the app's registration information to your solution manually, follow these steps: -1. Sign in to the [Azure portal](https://portal.azure.com). -1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application. -1. Search for and select **Microsoft Entra ID**. -1. Under **Manage**, select **App registrations** > **New registration**. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +1. Browse to **Identity** > **Applications** > **App registrations**. +1. Select **New registration**. 1. Enter a **Name** for your application, for example `msal-node-cli`. Users of your app might see this name, and you can change it later. 1. Select **Register**. 1. Under **Manage**, select **Certificates & secrets**. To register your application and add the app's registration information to your 1. Extract the zip file to a local folder close to the root of the disk, for example, *C:/Azure-Samples*. 1. Edit *.env* and replace the values of the fields `TENANT_ID`, `CLIENT_ID`, and `CLIENT_SECRET` with the following snippet: - ``` - "TENANT_ID": "Enter_the_Tenant_Id_Here", + ``` + "TENANT_ID": "Enter_the_Tenant_Id_Here", "CLIENT_ID": "Enter_the_Application_Id_Here", "CLIENT_SECRET": "Enter_the_Client_Secret_Here" ```+ Where:- - `Enter_the_Application_Id_Here` - is the **Application (client) ID** of the application you registered earlier. Find this ID on the app registration's **Overview** pane in the Azure portal. - - `Enter_the_Tenant_Id_Here` - replace this value with the **Tenant ID** or **Tenant name** (for example, contoso.microsoft.com). Find these values on the app registration's **Overview** pane in the Azure portal. - - `Enter_the_Client_Secret_Here` - replace this value with the client secret you created earlier. To generate a new key, use **Certificates & secrets** in the app registration settings in the Azure portal. + - `Enter_the_Application_Id_Here` - is the **Application (client) ID** of the application you registered earlier. Find this ID on the app registration's **Overview**. + - `Enter_the_Tenant_Id_Here` - replace this value with the **Tenant ID** or **Tenant name** (for example, contoso.microsoft.com). Find these values on the app registration's **Overview**. + - `Enter_the_Client_Secret_Here` - replace this value with the client secret you created earlier. To generate a new key, use **Certificates & secrets** in the app registration settings. Using a plaintext secret in the source code poses an increased security risk for your application. Although the sample in this quickstart uses a plaintext client secret, it's only for simplicity. We recommend using [certificate credentials](./certificate-credentials.md) instead of client secrets in your confidential client applications, especially those apps you intend to deploy to production. -3. Edit *.env* and replace the Microsoft Entra ID and Microsoft Graph endpoints with the following values: +1. Edit *.env* and replace the Microsoft Entra ID and Microsoft Graph endpoints with the following values: - For the Microsoft Entra endpoint, replace `Enter_the_Cloud_Instance_Id_Here` with `https://login.microsoftonline.com`. - For the Microsoft Graph endpoint, replace `Enter_the_Graph_Endpoint_Here` with `https://graph.microsoft.com/`. #### Step 4: Admin consent -If you try to run the application at this point, you'll receive *HTTP 403 - Forbidden* error: `Insufficient privileges to complete the operation`. This error happens because any *app-only permission* requires **admin consent**: a global administrator of your directory must give consent to your application. Select one of the options below depending on your role: +If you try to run the application at this point, you'll receive *HTTP 403 - Forbidden* error: `Insufficient privileges to complete the operation`. This error happens because any *app-only permission* requires **admin consent**: an [Application Administrator](../roles/permissions-reference.md#application-administrator) or [Global Administrator](../roles/permissions-reference.md#global-administrator) must give consent to your application. Select one of the options below depending on your role: -##### Global tenant administrator +##### Administrators -If you're a global tenant administrator, go to **API Permissions** page in the Azure portal's Application Registration and select **Grant admin consent for {Tenant Name}** (where {Tenant Name} is the name of your directory). +If you're assigned the [Application Administrator](../roles/permissions-reference.md#application-administrator) or [Global Administrator](../roles/permissions-reference.md#global-administrator) roles, go to **API Permissions** page in the Azure portal's Application Registration and select **Grant admin consent for {Tenant Name}** (where {Tenant Name} is the name of your directory). -##### Standard user +##### Standard users If you're a standard user of your tenant, then you need to ask a global administrator to grant **admin consent** for your application. To do this, give the following URL to your administrator: |
active-directory | Quickstart Single Page App Angular Sign In | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md | -In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample Angular SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work/school account, and sign out. - ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). To obtain the sample application, you can either clone it from GitHub or downloa ```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-javascript.git ```--- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/archive/refs/heads/main.zip)+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters. ## Configure the project |
active-directory | Quickstart Single Page App Javascript Sign In | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-javascript-sign-in.md | -In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample JS SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work or school account, and sign out. - ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). To obtain the sample application, you can either clone it from GitHub or downloa ```console git clone https://github.com/Azure-Samples/ms-identity-javascript-tutorial ```--- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-javascript-tutorial/archive/refs/heads/main.zip).+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-javascript-tutorial/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters. ## Configure the project 1. In your IDE, open the project folder, *ms-identity-javascript-tutorial/angular-spa*, containing the sample. 1. Open *1-Authentication/1-sign-in/App/authConfig.js* and replace the file contents with the following snippet: - ```javascript - /** - * Configuration object to be passed to MSAL instance on creation. - * For a full list of MSAL.js configuration parameters, visit: - * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md - */ - - const msalConfig = { - auth: { - clientId: 'Enter_the_Application_Id_Here', // This is the ONLY mandatory field that you need to supply. - authority: 'https://login.microsoftonline.com/Enter_the_Tenant_Info_Here', // Defaults to "https://login.microsoftonline.com/common" - redirectUri: '/', // You must register this URI on Azure Portal/App Registration. Defaults to window.location.href e.g. http://localhost:3000/ - navigateToLoginRequestUrl: true, // If "true", will navigate back to the original request location before processing the auth code response. - }, - cache: { - cacheLocation: 'sessionStorage', // Configures cache location. "sessionStorage" is more secure, but "localStorage" gives you SSO. - storeAuthStateInCookie: false, // set this to true if you have to support IE - }, - system: { - loggerOptions: { - loggerCallback: (level, message, containsPii) => { - if (containsPii) { - return; - } - switch (level) { - case msal.LogLevel.Error: - console.error(message); - return; - case msal.LogLevel.Info: - console.info(message); - return; - case msal.LogLevel.Verbose: - console.debug(message); - return; - case msal.LogLevel.Warning: - console.warn(message); - return; - } - }, - }, - }, - }; - - /** - * Scopes you add here will be prompted for user consent during sign-in. - * By default, MSAL.js will add OIDC scopes (openid, profile, email) to any login request. - * For more information about OIDC scopes, visit: - * https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#openid-connect-scopes - */ - const loginRequest = { - scopes: ["openid", "profile"], - }; - - /** - * An optional silentRequest object can be used to achieve silent SSO - * between applications by providing a "login_hint" property. - */ - - // const silentRequest = { - // scopes: ["openid", "profile"], - // loginHint: "example@domain.net" - // }; - - // exporting config object for jest - if (typeof exports !== 'undefined') { - module.exports = { - msalConfig: msalConfig, - loginRequest: loginRequest, - }; - } - ``` + :::code language="csharp" source="~/ms-identity-docs-code-javascript/js-spa/App/authConfig.js"::: * `TenantId` - The identifier of the tenant where the application is registered. Replace the text in quotes with the **Directory (tenant) ID** that was recorded earlier from the overview page of the registered application. * `ClientId` - The identifier of the application, also referred to as the client. Replace the text in quotes with the **Directory (tenant) ID** value that was recorded earlier from the overview page of the registered application. Run the project with a web server by using Node.js: npm install npm start ```-1. Copy the https URL that appears in the terminal, for example, `https://localhost:3000`, and paste it into a browser. We recommend using a private or incognito browser session. +1. Copy the `https` URL that appears in the terminal, for example, `https://localhost:3000`, and paste it into a browser. We recommend using a private or incognito browser session. 1. Follow the steps and enter the necessary details to sign in with your Microsoft account. You'll be requested an email address so a one time passcode can be sent to you. Enter the code when prompted. 1. The application will request permission to maintain access to data you have given it access to, and to sign you in and read your profile. Select **Accept**. 1. The following screenshot appears, indicating that you have signed in to the application and have accessed your profile details from the Microsoft Graph API. |
active-directory | Quickstart Single Page App React Sign In | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-react-sign-in.md | -In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample React SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work or school account, and sign out. - ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F). In this article you'll register a SPA in the Microsoft Entra admin center, and d 1. Select **New registration**. 1. When the **Register an application** page appears, enter a name for your application, such as *identity-client-app*. 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.-1. The application's overview pane is displayed when registration is complete. Record the **Directory (tenant) ID** and the **Application (client) ID** to be used in your application source code. 1. Select **Register**. 1. The application's Overview pane displays upon successful registration. Record the **Application (client) ID** and **Directory (tenant) ID** to be used in your application source code. To obtain the sample application, you can either clone it from GitHub or downloa ```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-javascript.git ```-- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/tree/main)--If you choose to download the `.zip` file, extract the sample app file to a folder where the total length of the path is 260 or fewer characters. +- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/tree/main). Extract it to a file path where the length of the name is fewer than 260 characters. ## Configure the project |
active-directory | Quickstart V2 Aspnet Core Web Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-v2-aspnet-core-web-api.md | -> 1. Sign in to the [Azure portal](https://portal.azure.com/). -> 1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which to register the application. -> 1. Search for and select **Microsoft Entra ID**. -> 1. Under **Manage**, select **App registrations** > **New registration**. +> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +> 1. Browse to **Identity** > **Applications** > **App registrations**. +> 1. Select **New registration**. > 1. For **Name**, enter a name for the application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of the app will see this name, and can be changed later. > 1. Select **Register**. > 1. Under **Manage**, select **Expose an API** > **Add a scope**. For **Application ID URI**, accept the default by selecting **Save and continue**, and then enter the following details: This quickstart will be deprecated in the near future and will be updated to use > > The line that contains `.AddMicrosoftIdentityWebApi` adds the Microsoft identity platform authorization to the web API. It's then configured to validate access tokens issued by the Microsoft identity platform based on the information in the `AzureAD` section of the *appsettings.json* configuration file: > -> | *appsettings.json* key | Description -| -> ||-| -> | `ClientId` | Application (client) ID of the application registered in the Azure portal. | -> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. | -> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. | +> |*appsettings.json* key | Description | +> | | -- | +> | `ClientId` | Application (client) ID of the application registered. | +> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. | +> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. | > > The `Configure()` method contains two important methods, `app.UseAuthentication()` and `app.UseAuthorization()`, that enable their named functionality: > |
active-directory | Quickstart V2 Dotnet Native Aspnet | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-v2-dotnet-native-aspnet.md | -> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). -> 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to select the tenant in which you want to register an application. -> 1. Browse to **Identity** > **Applications** > **App registrations** and select **New registration**. +> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +> 1. Browse to **Identity** > **Applications** > **App registrations**. +> 1. Select **New registration**. > 1. Enter a **Name** for your application, for example `AppModelv2-NativeClient-DotNet-TodoListService`. Users of your app might see this name, and you can change it later. > 1. For **Supported account types**, select **Accounts in any organizational directory**. > 1. Select **Register** to create the application. |
active-directory | Quickstart Web App Aspnet Core Sign In | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-web-app-aspnet-core-sign-in.md | In this article you register a web application in the Microsoft Entra admin cent ## Clone or download the sample application To obtain the sample application, you can either clone it from GitHub or download it as a *.zip* file.-- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-dotnet/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters. - To clone the sample, open a command prompt and navigate to where you wish to create the project, and enter the following command: ```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-dotnet.git ```+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-dotnet/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters. ## Create and upload a self-signed certificate |
active-directory | Scenario Protected Web Api App Registration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/scenario-protected-web-api-app-registration.md | To add another layer of security, a Microsoft Entra tenant administrator can con To increase security by restricting token issuance only to client apps that have been assigned app roles: -1. In the Azure portal, select your app in **Identity** > **App registrations**. +1. In the [Microsoft Entra admin center](https://entra.microsoft.com), select your app under **Identity** > **Applications** > **App registrations**. 1. On the application's overview page, select its **Managed application in local directory** link to navigate to its **Enterprise Application Overview** page. 1. Under **Manage**, select **Properties**. 1. Set **Assignment required?** to **Yes**. |
active-directory | Single Page App Tutorial 02 Prepare Spa | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/single-page-app-tutorial-02-prepare-spa.md | Identity related **npm** packages must be installed in the project to enable use 1. Ensure that the correct directory is selected (*reactspalocal*) then enter the following into the terminal to install the relevant `msal` and `bootstrap` packages. ```powershell- npm install @azure/msal-browser @azure/msal-react + npm install @azure/msal-browser @azure/msal-react @azure/msal-common npm install react-bootstrap bootstrap ``` |
active-directory | Test Setup Environment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/test-setup-environment.md | If your app will primarily be used by a single organization (commonly referred t Replicating Conditional Access policies ensures you don't encounter unexpected blocked access when moving to production and your application can appropriately handle the errors it's likely to receive. -Viewing your production tenant Conditional Access policies may need to be performed by a company administrator. +Viewing your production tenant Conditional Access policies may need to be performed by a [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator). 1. Go to **Identity** > **Applications** > **Enterprise applications** > **Conditional Access**. 1. View the list of policies in your tenant. Click the first one. 1. Navigate to **Cloud apps or actions**. 1. If the policy only applies to a select group of apps, then move on to the next policy. If not, then it will likely apply to your app as well when you move to production. You should copy the policy over to your test tenant. -In a new tab or browser session, sign in to the [Azure portal](https://portal.azure.com) to access your test tenant. +In a new tab or browser session, sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator) to access your test tenant. -1. Browse to **Identity** > **Applications** > **Enterprise applications** > **Conditional Access**. +1. Browse to **Protection** > **Conditional Access**. 1. Select **Create new policy** 1. Copy the settings from the production tenant policy, identified through the previous steps. |
active-directory | V2 Protocols Oidc | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/v2-protocols-oidc.md | ID tokens aren't issued by default for an application registered with the Micros Or: -1. Select **Identity** > **App registrations** > *\<your application\>* > **Manifest**. +1. Select **Identity** > **Applications** > **App registrations** > *\<your application\>* > **Manifest**. 1. Set `oauth2AllowIdTokenImplicitFlow` to `true` in the app registration's [application manifest](reference-app-manifest.md). If ID tokens are not enabled for your app and one is requested, the Microsoft identity platform returns an `unsupported_response` error similar to: |
active-directory | V2 Protocols | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/v2-protocols.md | https://login.microsoftonline.com/<issuer>/oauth2/v2.0/token To find the endpoints for an application you've registered, in the [Microsoft Entra admin center](https://entra.microsoft.com) navigate to: -**Identity** > **App registrations** > \<YOUR-APPLICATION\> > **Endpoints** +**Identity** > **Applications** > **App registrations** > \<YOUR-APPLICATION\> > **Endpoints** ## Next steps |
active-directory | Web Api Quickstart Portal Aspnet Core | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/web-api-quickstart-portal-aspnet-core.md | -> 1. Sign in to the [Azure portal](https://portal.azure.com/). -> 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application. -> 1. Search for and select **Identity**. -> 1. Under **Manage**, select **App registrations** > **New registration**. +> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +> 1. Browse to **Identity** > **Applications** > **App registrations**. +> 1. Select **New registration**. > 1. For **Name**, enter a name for your application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of your app will see this name, and you can change it later. > 1. Select **Register**. > 1. Under **Manage**, select **Expose an API** > **Add a scope**. For **Application ID URI**, accept the default by selecting **Save and continue**, and then enter the following details:-> - Replace `Enter_the_Application_Id_here` with the application (client) ID of the application that you registered in the Azure portal. You can find the application (client) ID on the app's **Overview** page. +> - Replace `Enter_the_Application_Id_here` with the application (client) ID of the application that you registered. You can find the application (client) ID on the app's **Overview** page. > - Replace `Enter_the_Tenant_Info_Here` with one of the following: > - If your application supports **Accounts in this organizational directory only**, replace this value with the directory (tenant) ID (a GUID) or tenant name (for example, `contoso.onmicrosoft.com`). You can find the directory (tenant) ID on the app's **Overview** page. > - If your application supports **Accounts in any organizational directory**, replace this value with `organizations`.-> | *appsettings.json* key | Description | -> ||-| -> | `ClientId` | Application (client) ID of the application registered in the Azure portal. | -> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. | -> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. | +> | *appsettings.json* key | Description | +> |--|--| +> | `ClientId` | Application (client) ID of the application registered. | +> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. | +> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. | > > The `Configure()` method contains two important methods, `app.UseAuthentication()` and `app.UseAuthorization()`, that enable their named functionality: > |
active-directory | Web Api Quickstart Portal Dotnet Native Aspnet | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/web-api-quickstart-portal-dotnet-native-aspnet.md | -> 1. Sign in to the [Azure portal](https://portal.azure.com/). -> 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to select the tenant in which you want to register an application. -> 1. Find and select **Identity**. -> 1. Under **Manage**, select **App registrations** > **New registration**. +> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). +> 1. Browse to **Identity** > **Applications** > **App registrations**. +> 1. Select **New registration**. > 1. Enter a **Name** for your application, for example `AppModelv2-NativeClient-DotNet-TodoListService`. Users of your app might see this name, and you can change it later. > 1. For **Supported account types**, select **Accounts in any organizational directory**. > 1. Select **Register** to create the application. |
active-directory | Assign Local Admin | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/assign-local-admin.md | Additionally, you can also add users using the command prompt: ## Next steps -- To get an overview of how to manage devices, see [managing devices using the Azure portal](manage-device-identities.md).+- To get an overview of how to manage devices, see [managing device identities](manage-device-identities.md). - To learn more about device-based Conditional Access, see [Conditional Access: Require compliant or Microsoft Entra hybrid joined device](../conditional-access/howto-conditional-access-policy-compliant-device.md). |
active-directory | Concept Device Registration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-device-registration.md | The goal of Microsoft Entra registered - also known as Workplace joined - device Microsoft Entra registered devices are signed in to using a local account like a Microsoft account on a Windows 10 or newer device. These devices have a Microsoft Entra account for access to organizational resources. Access to resources in the organization can be limited based on that Microsoft Entra account and Conditional Access policies applied to the device identity. -Microsoft Entra Registration is not the same as device enrolment. If Administrators permit users to enrol their devices, organisations can further control these Microsoft Entra registered devices by enrolling the device(s) into Mobile Device Management (MDM) tools like Microsoft Intune. MDM provides a means to enforce organization-required configurations like requiring storage to be encrypted, password complexity, and security software kept updated. +Microsoft Entra Registration is not the same as device enrollment. If Administrators permit users to enroll their devices, organizations can further control these Microsoft Entra registered devices by enrolling the device(s) into Mobile Device Management (MDM) tools like Microsoft Intune. MDM provides a means to enforce organization-required configurations like requiring storage to be encrypted, password complexity, and security software kept updated. Microsoft Entra registration can be accomplished when accessing a work application for the first time or manually using the Windows 10 or Windows 11 Settings menu. Another user wants to access their organizational email on their personal Androi ## Next steps -- [Manage device identities using the Azure portal](manage-device-identities.md)+- [Manage device identities](manage-device-identities.md) - [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md) - [Register your personal device on your work or school network](https://support.microsoft.com/account-billing/register-your-personal-device-on-your-work-or-school-network-8803dd61-a613-45e3-ae6c-bd1ab25bf8a8) |
active-directory | Concept Directory Join | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-directory-join.md | Microsoft Entra join can be deployed by using any of the following methods: - [Plan your Microsoft Entra join implementation](device-join-plan.md) - [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview) - [How to manage the local administrators group on Microsoft Entra joined devices](assign-local-admin.md)-- [Manage device identities using the Azure portal](manage-device-identities.md)+- [Manage device identities](manage-device-identities.md) - [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md) |
active-directory | Concept Hybrid Join | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-hybrid-join.md | Use Microsoft Entra hybrid joined devices if: - [Plan your Microsoft Entra hybrid join implementation](hybrid-join-plan.md) - [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview)-- [Manage device identities using the Azure portal](manage-device-identities.md)+- [Manage device identities](manage-device-identities.md) - [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md) |
active-directory | Device Join Out Of Box | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/device-join-out-of-box.md | To verify whether a device is joined to your Microsoft Entra ID, review the **Ac ## Next steps -- For more information about managing devices, see [managing devices using the Azure portal](manage-device-identities.md).+- For more information about managing devices, see [managing device identities](manage-device-identities.md). - [What is Microsoft Intune?](/mem/intune/fundamentals/what-is-intune) - [Overview of Windows Autopilot](/mem/autopilot/windows-autopilot) - [Passwordless authentication options for Microsoft Entra ID](../authentication/concept-authentication-passwordless.md) |
active-directory | Device Join Plan | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/device-join-plan.md | Choose your deployment approach or approaches by reviewing the previous table an ## Configure your device settings -The Azure portal allows you to control the deployment of Microsoft Entra joined devices in your organization. To configure the related settings, on the **Microsoft Entra ID page**, select `Devices > Device settings`. [Learn more](manage-device-identities.md) +The [Microsoft Entra admin center](https://entra.microsoft.com) allows you to control the deployment of Microsoft Entra joined devices in your organization. To configure the related settings, browse to **Identity** > **Devices** > **All devices** > **Device settings**. [Learn more](manage-device-identities.md) <a name='users-may-join-devices-to-azure-ad'></a> |
active-directory | Enterprise State Roaming Group Policy Settings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/enterprise-state-roaming-group-policy-settings.md | -Enterprises that want to manage roaming for personal (unmanaged) devices can use the Azure portal to enable or disable roaming, rather than using Group Policy or MDM. +Enterprises that want to manage roaming for personal (unmanaged) devices can use the Microsoft Entra admin center to enable or disable roaming, rather than using Group Policy or MDM. The following tables describe the policy settings available. > [!NOTE] |
active-directory | Enterprise State Roaming Troubleshooting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/enterprise-state-roaming-troubleshooting.md | Enterprise State Roaming requires the device to be registered with Microsoft Ent **Potential issue**: **WamDefaultSet** and **AzureAdJoined** both have ΓÇ£NOΓÇ¥ in the field value, the device was domain-joined and registered with Microsoft Entra ID, and the device doesn't sync. If it's showing this, the device may need to wait for policy to be applied or the authentication for the device failed when connecting to Microsoft Entra ID. The user may have to wait a few hours for the policy to be applied. Other troubleshooting steps may include retrying autoregistration by signing out and back in, or launching the task in Task Scheduler. In some cases, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue. -**Potential issue**: The field for **SettingsUrl** is empty and the device doesn't sync. The user may have last logged in to the device before Enterprise State Roaming was enabled. Restart the device and have the user login. Optionally, in the portal, try having the IT Admin navigate to **Microsoft Entra ID** > **Devices** > **Enterprise State Roaming** disable and re-enable **Users may sync settings and app data across devices**. Once re-enabled, restart the device and have the user login. If this doesn't resolve the issue, **SettingsUrl** may be empty if there's a bad device certificate. In this case, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue. +**Potential issue**: The field for **SettingsUrl** is empty and the device doesn't sync. The user may have last logged in to the device before Enterprise State Roaming was enabled. Restart the device and have the user login. Optionally, in the portal, try having the IT Admin navigate to **Identity** > **Devices** > **Overview** > **Enterprise State Roaming** disable and re-enable **Users may sync settings and app data across devices**. Once re-enabled, restart the device and have the user login. If this doesn't resolve the issue, **SettingsUrl** may be empty if there's a bad device certificate. In this case, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue. ## Enterprise State Roaming and multifactor authentication Under certain conditions, Enterprise State Roaming can fail to sync data if Microsoft Entra multifactor authentication is configured. For more information on these symptoms, see the support document [KB3193683](https://support.microsoft.com/kb/3193683). -**Potential issue**: If your device is configured to require multifactor authentication on the Azure portal, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of multifactor authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Windows Hello for Business PIN or by completing multifactor authentication while accessing other Azure services like Microsoft 365. +**Potential issue**: If your device is configured to require multifactor authentication on the Microsoft Entra admin center, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of multifactor authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Windows Hello for Business PIN or by completing multifactor authentication while accessing other Azure services like Microsoft 365. **Potential issue**: Sync can fail if the admin configures the Active Directory Federation Services multifactor authentication Conditional Access policy and the access token on the device expires. Ensure that you sign in and sign out using the Windows Hello for Business PIN or complete multifactor authentication while accessing other Azure services like Microsoft 365. |
active-directory | How To Hybrid Join Verify | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/how-to-hybrid-join-verify.md | Here are three ways to locate and verify the hybrid joined device state: 1. Open Windows PowerShell. 2. Enter `dsregcmd /status`. 3. Verify that both **AzureAdJoined** and **DomainJoined** are set to **YES**.-4. You can use the **DeviceId** and compare the status on the service using either the Azure portal or PowerShell. +4. You can use the **DeviceId** and compare the status on the service using either the Microsoft Entra admin center or PowerShell. For downlevel devices, see the article [Troubleshooting Microsoft Entra hybrid joined down-level devices](troubleshoot-hybrid-join-windows-legacy.md#step-1-retrieve-the-registration-status) -## Using the Azure portal +## Using the Microsoft Entra admin center 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com)ntra.microsoft.com) as at least a [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator). 1. Browse to **Identity** > **Devices** > **All devices**. |
active-directory | Howto Manage Local Admin Passwords | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/howto-manage-local-admin-passwords.md | You can also use Microsoft Graph API [Get deviceLocalCredentialInfo](/graph/api/ ## List all Windows LAPS enable devices -To list all Windows LAPS enabled devices in Microsoft Entra ID, you can browse to **Microsoft Entra ID** > **Devices** > **Local administrator password recovery (Preview)** or use the Microsoft Graph API. +To list all Windows LAPS enabled devices, you can browse to **Identity** > **Devices** > **Overview** > **Local administrator password recovery (Preview)** or use the Microsoft Graph API. ## Auditing local administrator password update and recovery -To view audit events, you can browse to **Microsoft Entra ID** > **Devices** > **Audit logs**, then use the **Activity** filter and search for **Update device local administrator password** or **Recover device local administrator password** to view the audit events. +To view audit events, you can browse to **Identity** > **Devices** > **Overview** > **Audit logs**, then use the **Activity** filter and search for **Update device local administrator password** or **Recover device local administrator password** to view the audit events. ## Conditional Access policies for local administrator password recovery |
active-directory | Howto Vm Sign In Azure Ad Windows | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/howto-vm-sign-in-azure-ad-windows.md | Exit code -2145648607 translates to `DSREG_AUTOJOIN_DISC_FAILED`. The extension - `curl https://pas.windows.net/ -D -` > [!NOTE]- > Replace `<TenantID>` with the Microsoft Entra tenant ID that's associated with the Azure subscription. If you need to find the tenant ID, you can hover over your account name or select **Microsoft Entra ID** > **Properties** > **Directory ID**. + > Replace `<TenantID>` with the Azure AD tenant ID that's associated with the Azure subscription. If you need to find the tenant ID, you can hover over your account name or select **Identity** > **Overview** > **Properties** > **Tenant ID**. > > Attempts to connect to `enterpriseregistration.windows.net` might return 404 Not Found, which is expected behavior. Attempts to connect to `pas.windows.net` might prompt for PIN credentials or might return 404 Not Found. (You don't need to enter the PIN.) Either one is sufficient to verify that the URL is reachable. |
active-directory | Hybrid Join Control | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/hybrid-join-control.md | Use the following example to create a Group Policy Object (GPO) to deploy a regi 1. Key Path: **SOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD**. 1. Value name: **TenantId**. 1. Value type: **REG_SZ**.- 1. Value data: The GUID or **Tenant ID** of your Microsoft Entra instance (This value can be found in the **Azure portal** > **Microsoft Entra ID** > **Properties** > **Tenant ID**). + 1. Value data: The GUID or **Tenant ID** of your Microsoft Entra instance (This value can be found in the **Microsoft Entra admin center** > **Identity** > **Properties** > **Tenant ID**). 1. Select **OK**. 1. Right-click on the Registry and select **New** > **Registry Item**. 1. On the **General** tab, configure the following. |
active-directory | Manage Device Identities | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/manage-device-identities.md | Title: Manage devices in Microsoft Entra ID using the Azure portal -description: This article describes how to use the Azure portal to manage device identities and monitor related event information. + Title: Manage devices in Microsoft Entra ID using the Microsoft Entra admin center +description: This article describes how to use the Microsoft Entra admin center to manage device identities and monitor related event information. -# Manage device identities by using the Azure portal +# Manage device identities using the Microsoft Entra admin center Microsoft Entra ID provides a central place to manage device identities and monitor related event information. Microsoft Entra ID provides a central place to manage device identities and moni You can access the devices overview by completing these steps: 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Reader](../roles/permissions-reference.md#global-reader).-1. Go to **Microsoft Entra ID** > **Devices**. +1. Go to **Identity** > **Devices** > **Overview**. In the devices overview, you can view the number of total devices, stale devices, noncompliant devices, and unmanaged devices. You'll also find links to Intune, Conditional Access, BitLocker keys, and basic monitoring. The exported list includes these device identity attributes: ## Configure device settings -If you want to manage device identities by using the Azure portal, the devices need to be either [registered or joined](overview.md) to Microsoft Entra ID. As an administrator, you can control the process of registering and joining devices by configuring the following device settings. +If you want to manage device identities by using the Microsoft Entra admin center, the devices need to be either [registered or joined](overview.md) to Microsoft Entra ID. As an administrator, you can control the process of registering and joining devices by configuring the following device settings. You must be assigned one of the following roles to view device settings: |
active-directory | Manage Stale Devices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/manage-stale-devices.md | If the delta between the existing value of the activity timestamp and the curren You have two options to retrieve the value of the activity timestamp: -- The **Activity** column on the [devices page](https://portal.azure.com/#blade/Microsoft_AAD_IAM/DevicesMenuBlade/Devices).+- The **Activity** column on the all devices page. :::image type="content" source="./media/manage-stale-devices/01.png" alt-text="Screenshot listing the name, owner, and other information of devices. One column lists the activity time stamp." border="false"::: Disable or delete Microsoft Entra registered devices in the Microsoft Entra ID. > - Deleting a Microsoft Entra registered device in Microsoft Entra ID does not remove registration on the client. It will only prevent access to resources using device as an identity (e.g. Conditional Access). > - Read more on [how to remove a registration on the client](faq.yml) -## Clean up stale devices in the Azure portal +## Clean up stale devices -While you can clean up stale devices in the Azure portal, it's more efficient, to handle this process using a PowerShell script. Use the latest PowerShell V2 module to use the timestamp filter and to filter out system-managed devices such as Autopilot. +While you can clean up stale devices in the Microsoft Entra admin center, it's more efficient to handle this process using a PowerShell script. Use the latest PowerShell V2 module to use the timestamp filter and to filter out system-managed devices such as Autopilot. A typical routine consists of the following steps: Any authentication where a device is being used to authenticate to Microsoft Ent Devices managed with Intune can be retired or wiped, for more information see the article [Remove devices by using wipe, retire, or manually unenrolling the device](/mem/intune/remote-actions/devices-wipe). -To get an overview of how to manage devices, see [managing devices using the Azure portal](manage-device-identities.md) +To get an overview of how to manage devices, see [managing device identities](manage-device-identities.md) |
active-directory | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/overview.md | Getting devices in to Microsoft Entra ID can be done in a self-service manner or - Learn more about [Microsoft Entra registered devices](concept-device-registration.md) - Learn more about [Microsoft Entra joined devices](concept-directory-join.md) - Learn more about [Microsoft Entra hybrid joined devices](concept-hybrid-join.md)-- To get an overview of how to manage device identities, see [Managing device identities using the Azure portal](manage-device-identities.md).+- To get an overview of how to manage device identities, see [Managing device identities](manage-device-identities.md). - To learn more about device-based Conditional Access, see [Configure Microsoft Entra device-based Conditional Access policies](../conditional-access/concept-conditional-access-grant.md). |
active-directory | Plan Device Deployment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/plan-device-deployment.md | This article helps you evaluate the methods to integrate your device with Micros The landscape of your user's devices is constantly expanding. Organizations may provide desktops, laptops, phones, tablets, and other devices. Your users may bring their own array of devices, and access information from varied locations. In this environment, your job as an administrator is to keep your organizational resources secure across all devices. -Microsoft Entra ID enables your organization to meet these goals with device identity management. You can now get your devices in Microsoft Entra ID and control them from a central location in the [Azure portal](https://portal.azure.com/). This process gives you a unified experience, enhanced security, and reduces the time needed to configure a new device. +Microsoft Entra ID enables your organization to meet these goals with device identity management. You can now get your devices in Microsoft Entra ID and control them from a central location in the [Microsoft Entra admin center](https://entra.microsoft.com). This process gives you a unified experience, enhanced security, and reduces the time needed to configure a new device. There are multiple methods to integrate your devices into Microsoft Entra ID, they can work separately or together based on the operating system and your requirements: The key benefits of giving your devices a Microsoft Entra identity: * Improve user experience ΓÇô Provide your users with easy access to your organizationΓÇÖs cloud-based resources from both personal and corporate devices. Administrators can enable [Enterprise State Roaming](./enterprise-state-roaming-enable.md) for a unified experience across all Windows devices. -* Simplify deployment and management ΓÇô Simplify the process of bringing devices to Microsoft Entra ID with [Windows Autopilot](/windows/deployment/windows-autopilot/windows-10-autopilot), [bulk provisioning](/mem/intune/enrollment/windows-bulk-enroll), or [self-service: Out of Box Experience (OOBE)](https://support.microsoft.com/account-billing/join-your-work-device-to-your-work-or-school-network-ef4d6adb-5095-4e51-829e-5457430f3973). Manage devices with Mobile Device Management (MDM) tools like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), and their identities in the [Azure portal](https://portal.azure.com/). +* Simplify deployment and management ΓÇô Simplify the process of bringing devices to Microsoft Entra ID with [Windows Autopilot](/windows/deployment/windows-autopilot/windows-10-autopilot), [bulk provisioning](/mem/intune/enrollment/windows-bulk-enroll), or [self-service: Out of Box Experience (OOBE)](https://support.microsoft.com/account-billing/join-your-work-device-to-your-work-or-school-network-ef4d6adb-5095-4e51-829e-5457430f3973). Manage devices with Mobile Device Management (MDM) tools like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), and their identities in the [Microsoft Entra admin center](https://entra.microsoft.com). ## Plan the deployment project You may determine that Microsoft Entra hybrid join is the best solution for a de ## Manage your devices -Once you've registered or joined your devices to Microsoft Entra ID, use the [Azure portal](https://portal.azure.com/) as a central place to manage your device identities. The Microsoft Entra devices page enables you to: +Once you've registered or joined your devices to Microsoft Entra ID, use the [Microsoft Entra admin center](https://entra.microsoft.com) as a central place to manage your device identities. The Microsoft Entra devices page enables you to: * [Configure your device settings](manage-device-identities.md#configure-device-settings). * You need to be a local administrator to manage Windows devices. [Microsoft Entra ID updates this membership for Microsoft Entra joined devices](assign-local-admin.md), automatically adding users with the device manager role as administrators to all joined devices. |
active-directory | Troubleshoot Device Windows Joined | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/troubleshoot-device-windows-joined.md | If you have a Windows 11 or Windows 10 device that isn't working with Microsoft 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Reader](../roles/permissions-reference.md#global-reader). 1. Browse to **Identity** > **Devices** > **All devices** > **Diagnose and solve problems**. 1. Select **Troubleshoot** under the **Windows 10+ related issue** troubleshooter.- :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png" alt-text="A screenshot showing the Windows troubleshooter located in the diagnose and solve pane of the Azure portal." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png"::: + :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png" alt-text="A screenshot showing the Windows troubleshooter located in the diagnose and solve pane." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png"::: 1. Select **instructions** and follow the steps to download, run, and collect the required logs for the troubleshooter to analyze.-1. Return to the Azure portal when you've collected and zipped the `authlogs` folder and contents. +1. Return to the Microsoft Entra admin center when you've collected and zipped the `authlogs` folder and contents. 1. Select **Browse** and choose the zip file you wish to upload. :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows-upload.png" alt-text="A screenshot showing how to browse to select the logs gathered in the previous step to allow the troubleshooter to make recommendations." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows-upload.png"::: |
active-directory | Clean Up Stale Guest Accounts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/clean-up-stale-guest-accounts.md | Use the following instructions to learn how to enhance monitoring of inactive gu [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)] -1. Sign in to the [Azure portal](https://portal.azure.com) and open the [Identity Governance](https://portal.azure.com/#blade/Microsoft_AAD_ERM/DashboardBlade/) page. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com). +1. Browse to **Identity governance** > **Dashboard** +1. Access the inactive guest account report by navigating to the **Guest access governance** card then select **View inactive guests**. +1. You will see the inactive guest report which will provide insights about inactive guest users based on 90 days of inactivity. The threshold is set to 90 days by default but can be configured using "Edit inactivity threshold" based on your organization's needs. +1. The following insights are provided as part of this report: -2. Access the inactive guest account report by navigating to "Guest access governance" card and click on "View inactive guests" --3. You will see the inactive guest report which will provide insights about inactive guest users based on 90 days of inactivity. The threshold is set to 90 days by default but can be configured using "Edit inactivity threshold" based on your organization's needs. --4. The following insights are provided as part of this report: - - Guest account overview (total guests and inactive guests with further categorization of guests who have never signed in or signed in at least once) - Guest inactivity distribution (Percentage distribution of guest users based on days since last sign in) - Guest inactivity overview (Guest inactivity guidance to configure inactivity threshold) - Guest accounts summary (A tabular view with details of all guest accounts with insights into their activity state. The Activity state could be active or inactive based on the configured inactivity threshold) -5. The inactive days are calculated based on last sign in date if the user has signed in atleast once. For users who have never signed in, the inactive days are calculated based on creation date. +1. The inactive days are calculated based on last sign in date if the user has signed in atleast once. For users who have never signed in, the inactive days are calculated based on creation date. - ### License requirements +### License requirements [!INCLUDE [active-directory-entra-governance-license.md](../../../includes/active-directory-entra-governance-license.md)] > [!NOTE] |
active-directory | Groups Dynamic Rule Validation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-dynamic-rule-validation.md | -Microsoft Entra ID, part of Microsoft Entra, now provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When you create or update dynamic group rules, you want to know whether a user or a device will be a member of the group. This knowledge helps you evaluate whether a user or device meets the rule criteria and help you troubleshoot when membership isn't expected. +Microsoft Entra ID provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When you create or update dynamic group rules, you want to know whether a user or a device will be a member of the group. This knowledge helps you evaluate whether a user or device meets the rule criteria and help you troubleshoot when membership isn't expected. ## Prerequisites To evaluate the dynamic group rule membership feature, the administrator must have one of the following rules assigned directly: Global Administrator, Groups Administrator, or Intune Administrator. To evaluate the dynamic group rule membership feature, the administrator must ha ## Step-by-step walk-through -To get started, go to **Microsoft Entra ID** > **Groups**. Select an existing dynamic group or create a new dynamic group and select **Dynamic membership rules**. You can then see the **Validate Rules** tab. +To get started, sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator). ++Browse to **Identity** > **Groups** > **All groups**. Select an existing dynamic group or create a new dynamic group and select **Dynamic membership rules**. You can then see the **Validate Rules** tab. ![Find the Validate rules tab and start with an existing rule](./media/groups-dynamic-rule-validation/validate-tab.png) |
active-directory | Groups Dynamic Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-dynamic-tutorial.md | First, you'll create a group for your guest users who all are from a single part Now that you have your new group, you can apply the licenses that these partner users need. -1. In Microsoft Entra ID, select **Licenses**, select one or more licenses, and then select **Assign**. +1. In the Microsoft Entra admin center browse to **Identity** > **Billing** > **Licenses** > **All products**, select one or more licenses, and then select **Assign**. 2. Select **Users and groups**, and select the **Guest users Contoso** group, and save your changes. 3. **Assignment options** allow you to turn on or off the service plans included the licenses that you selected. When you make a change, be sure to click **OK** to save your changes. 4. To complete the assignment, on the **Assign license** pane, click **Assign** at the bottom of the pane. Perhaps your ultimate administrative plan is to assign all of your guest users t ### To remove the guest users group -1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Administrator](../roles/permissions-reference.md#global-administrator). -1. Select Microsoft Entra ID. -2. Select **Groups**. Select the **Guest users Contoso** group, select the ellipsis (...), and then select **Delete**. When you delete the group, any assigned licenses are removed. +1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator). +1. Browse to **Groups** > **All groups**. +1. Select the **Guest users Contoso** group, select the ellipsis (...), and then select **Delete**. When you delete the group, any assigned licenses are removed. ### To restore the All Users group -1. Select **Microsoft Entra ID** > **Groups**. Select the name of the **All users** group to open the group. +1. Select **Identity** > **Groups** > **All groups**. Select the name of the **All users** group to open the group. 1. Select **Dynamic membership rules**, clear all the text in the rule, and select **Save**. ## Next steps |
active-directory | Groups Quickstart Expiration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-quickstart-expiration.md | If you don't have an Azure subscription, [create a free account](https://azure.m [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)] 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Administrator](../roles/permissions-reference.md#global-administrator).-1. Select Microsoft Entra ID. --2. Select **Groups** > **All groups** and then select **General**. +1. Browse to **Identity** > **Groups** > **All groups** and then select **General**. ![Self-service group settings page](./media/groups-quickstart-expiration/self-service-settings.png) If you don't have an Azure subscription, [create a free account](https://azure.m ## Set group expiration 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).-1. Select Microsoft Entra ID. -1. Select **Groups** > **All groups** > **Expiration** to open the expiration settings. +1. Browse to **Identity** > **Groups** > **All groups** > **Expiration** to open the expiration settings. ![Expiration settings page for group](./media/groups-quickstart-expiration/expiration-settings.png) That's it! In this quickstart, you successfully set the expiration policy for th ### To remove the expiration policy 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).-1. Select Microsoft Entra ID. -1. Select **Groups** > **All groups** > **Expiration**. +1. Browse to **Identity** > **Groups** > **All groups** > **Expiration**. 1. Set **Enable expiration for these Microsoft 365 groups** to **None**. ### To turn off user creation for groups -1. Select **Microsoft Entra ID** > **Groups** > **General**. -2. Set **Users can create Microsoft 365 groups in Azure portals** to **No**. +1. Browse to **Identity** > **Groups** > **Group settings** > **General**. +1. Set **Users can create Microsoft 365 groups in Azure portals** to **No**. ## Next steps |
active-directory | Licensing Groups Resolve Problems | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/licensing-groups-resolve-problems.md | The following sections give a description of each potential problem and the way **Problem:** There aren't enough available licenses for one of the products that's specified in the group. You need to either purchase more licenses for the product or free up unused licenses from other users or groups. -To see how many licenses are available, go to **Microsoft Entra ID** > **Licenses** > **All products**. +To see how many licenses are available, go to **Identity** > **Billing** > **Licenses** > **All products**. To see which users and groups are consuming licenses, select a product. Under **Licensed users**, you see a list of all users who have had licenses assigned directly or via one or more groups. Under **Licensed groups**, you see all groups that have that products assigned. |
active-directory | Claims Mapping | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/claims-mapping.md | -In the [Azure portal](https://portal.azure.com), you can view or edit the claims that are sent in the SAML token to the application. To access the settings, select **Microsoft Entra ID** > **Enterprise applications** > the application that's configured for single sign-on > **Single sign-on**. See the SAML token settings in the **User Attributes** section. +In the [Microsoft Entra admin center](https://entra.microsoft.com), you can view or edit the claims that are sent in the SAML token to the application. To access the settings, browse to **Identity** > **Applications** > **Enterprise applications** > the application that's configured for single sign-on > **Single sign-on**. See the SAML token settings in the **User Attributes** section. :::image type="content" source="media/claims-mapping/view-claims-in-saml-token-attributes.png" alt-text="Screenshot of the SAML token attributes in the UI."::: |
active-directory | Self Service Sign Up Add Api Connector | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/self-service-sign-up-add-api-connector.md | Content-type: application/json } ``` -Only user properties and custom attributes listed in the **Identity** > **External Identities** > **Custom user attributes** experience are available to be sent in the request. +Only user properties and custom attributes listed in the **Identity** > **External Identities** > **Overview** > **Custom user attributes** experience are available to be sent in the request. Custom attributes exist in the **extension_\<extensions-app-id>_AttributeName** format in the directory. Your API should expect to receive claims in this same serialized format. For more information on custom attributes, see [define custom attributes for self-service sign-up flows](user-flow-add-custom-attributes.md). |
active-directory | User Flow Add Custom Attributes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/user-flow-add-custom-attributes.md | You can create custom attributes in the Microsoft Entra admin center and use the "extension_831374b3bd5041bfaa54263ec9e050fc_loyaltyNumber": "212342" ``` -The `<extensions-app-id>` is specific to your tenant. To find this identifier, navigate to **Identity** > **App registrations** > **All applications**. Search for the app that starts with `aad-extensions-app` and select it. On the app's Overview page, note the Application (client) ID. +The `<extensions-app-id>` is specific to your tenant. To find this identifier, navigate to **Identity** > **Applications** > **App registrations** > **All applications**. Search for the app that starts with "aad-extensions-app" and select it. On the app's Overview page, note the Application (client) ID. ## Create a custom attribute |
active-directory | Custom Security Attributes Troubleshoot | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/fundamentals/custom-security-attributes-troubleshoot.md | -When signed in to the Azure portal as Global Administrator and you try to access the **Custom security attributes** page, it is disabled. +When signed in to the [Microsoft Entra admin center](https://entra.microsoft.com) and you try to access the **Custom security attributes** page, it is disabled. ![Custom security attributes page disabled in Azure portal.](./media/custom-security-attributes-troubleshoot/attributes-disabled.png) Custom security attributes require a Microsoft Entra ID P1 or P2 license. **Solution** -Open **Microsoft Entra ID** > **Overview** and check the license for your tenant. +Browse to **Identity** > **Overview** and check the license for your tenant. ## Symptom - Add attribute set is disabled -When signed in to the Azure portal as Global Administrator and you try to click the **Custom security attributes** > **Add attribute set** option, it is disabled. +When signed in to the [Microsoft Entra admin center](https://entra.microsoft.com) and you try to click the **Custom security attributes** > **Add attribute set** option, it is disabled. ![Add attribute set option disabled in Azure portal.](./media/custom-security-attributes-troubleshoot/attribute-set-add-disabled.png) |
active-directory | Tutorial Prepare User Accounts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/governance/tutorial-prepare-user-accounts.md | You need to do perform this action for both $UPN_employee and $UPN_manager After editing the script, save it and follow these steps: - 1. Open a Windows PowerShell command prompt, with Administrative privileges, from a machine that has access to the Microsoft Entra admin center. +1. Open a Windows PowerShell command prompt, with Administrative privileges, from a machine that has access to the Microsoft Entra admin center. 1. Navigate to the saved PowerShell script location and run it. 1. If prompted select **Yes to all** when installing the Azure AD PowerShell module. 1. When prompted, sign in to the Microsoft Entra admin center with a global administrator for your tenant. |
active-directory | Reference Powershell | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/cloud-sync/reference-powershell.md | This cmdlet modifies *AADConnectProvisioningAgent.exe.config* to disable verbose This cmdlet pauses synchronization. +### Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention ++Disables accidentalDeletionPrevention tenant feature +``` powershell +Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention -tenantId <TenantId> +``` ++This cmdlet requires `TenantId` of the Azure AD tenant. It will verify if Accidental Deletion Prevention feature, set on the tenant with Azure AD Connect (ADSync, not Cloud Sync), is enabled and disables it. ++#### Example: +``` powershell +Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention -tenantId "340ab039-1234-5678-9012-28fe88f83980" +``` ++ ## Next steps - [What is provisioning?](../what-is-provisioning.md) |
active-directory | How To Connect Fed Group Claims | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/connect/how-to-connect-fed-group-claims.md | After you add a group claim configuration to the **User Attributes & Claims** co You can also configure group claims in the [optional claims](../../develop/optional-claims.md) section of the [application manifest](../../develop/reference-app-manifest.md). -1. In the portal, select **Microsoft Entra ID** > **Application Registrations** > **Select Application** > **Manifest**. +1. In the portal, select **Identity** > **Applications** > **App registrations** > **Select Application** > **Manifest**. 2. Enable group membership claims by changing `groupMembershipClaims`. |
active-directory | Tshoot Connect Sso | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/connect/tshoot-connect-sso.md | This article helps you find troubleshooting information about common problems re ## Check status of feature -Ensure that the Seamless SSO feature is still **Enabled** on your tenant. You can check the status by going to the **Microsoft Entra ID** > **Microsoft Entra Connect** pane in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/). +Ensure that the Seamless SSO feature is still **Enabled** on your tenant. You can check the status by going to the **Identity** > **Hybrid management** > **Azure AD Connect** > **Connect Sync** pane in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/). ![Screenshot of the Microsoft Entra admin center: Microsoft Entra Connect pane.](./media/tshoot-connect-sso/sso10.png) If your tenant has a Microsoft Entra ID P1 or P2 license associated with it, you ![Screenshot of the Microsoft Entra admin center: Sign-ins report.](media/tshoot-connect-sso/sso9.png) -Browse to **Microsoft Entra ID** > **Sign-ins** in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/), and then select a specific user's sign-in activity. Look for the **SIGN-IN ERROR CODE** field. Map the value of that field to a failure reason and resolution by using the following table: +Browse to **Identity** > **Monitoring & health** > **Sign-ins** in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/), and then select a specific user's sign-in activity. Look for the **SIGN-IN ERROR CODE** field. Map the value of that field to a failure reason and resolution by using the following table: |Sign-in error code|Sign-in failure reason|Resolution | | | |
active-directory | Howto Identity Protection Simulate Risk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/identity-protection/howto-identity-protection-simulate-risk.md | This risk detection indicates that the application's valid credentials have been "AadTenantDomain": "XXXX.onmicrosoft.com", "AadTenantId": "99d4947b-XXX-XXXX-9ace-abceab54bcd4", ```-1. In about 8 hours, you'll be able to view a leaked credential detection under **Microsoft Entra ID** > **Security** > **Risk Detection** > **Workload identity detections** where the additional info will contain the URL of your GitHub commit. +1. In about 8 hours, you'll be able to view a leaked credential detection under **Protection** > **Identity Protection** > **Risk Detection** > **Workload identity detections** where the additional info will contain the URL of your GitHub commit. ## Testing risk policies |
active-directory | Manage Application Permissions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/manage-apps/manage-application-permissions.md | To review an application's permissions that have been granted for the entire org 1. Select the application that you want to restrict access to. 1. Select **Permissions**. 1. To view permissions that apply to your entire organization, select the **Admin consent** tab. To view permissions granted to a specific user or group, select the **User consent** tab.-1. To view the details of a given permission, select the permission from the list. The **Permission Details** pane opens. -1. To revoke a given permission, choose the permission you would like to revoke, select the **...** control for that permission, and then choose **Revoke permission**. +1. To view the details of a given permission, select the permission from the list. The **Permission Details** pane opens. + After you've reviewed the permissions granted to an application, you can revoke permissions granted by admins for your entire organization. + > [!NOTE] + > You can't revoke permissions in the **User consent** tab using the portal. You can revoke these permissions using Microsoft Graph API calls or PowerShell cmdlets. Go to the PowerShell and Microsoft Graph tabs of this article for more information. ++To revoke permissions in the **Admin consent** tab: ++1. View the list of permissions in the **Admin consent** tab. +1. Choose the permission you would like to revoke, then select the **...** control for that permission. + :::image type="content" source="media/manage-application-permissions/revoke-permissions.png" alt-text="Screenshot shows how to revoke admin consent."::: +1. Select **Revoke permission**. :::zone-end |
active-directory | Tutorial Manage Access Security | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/manage-apps/tutorial-manage-access-security.md | For the application that the administrator added to their tenant, they want to s 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). 1. Browse to **Identity** > **Applications** > **Enterprise applications**.-4. Select the application to which you want to grant tenant-wide admin consent. -5. Under **Security**, select **Permissions**. -6. Carefully review the permissions that the application requires. If you agree with the permissions the application requires, select **Grant admin consent**. +1. Select the application to which you want to grant tenant-wide admin consent. +1. Under **Security**, select **Permissions**. +1. Carefully review the permissions that the application requires. If you agree with the permissions the application requires, select **Grant admin consent**. ## Create a Conditional Access policy |
active-directory | Workbook Mfa Gaps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/reports-monitoring/workbook-mfa-gaps.md | The summary widget provides a detailed look at sign-ins related to multifactor a * **Number of sign-ins not protected by multi-factor authentication requirement by location:** This widget shows the sign-ins counts that are not protected by MFA requirement in map bubble chart on the world map. ## How to import the workbook-1. Navigate to **Microsoft Entra ID** > **Monitoring** > **Workbooks**. +1. Navigate to **Identity** > **Monitoring & health** > **Workbooks**. 1. Select **+ New**. 1. Select the **Advanced Editor** button from the top of the page. A JSON editor opens. ![Screenshot of the Advanced Editor button on the new workbook page.](./media/workbook-mfa-gaps/advanced-editor-button.png) |
active-directory | Bustle B2b Transport Systems Provisioning Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/saas-apps/bustle-b2b-transport-systems-provisioning-tutorial.md | + + Title: 'Tutorial: Configure Bustle B2B Transport Systems for automatic user provisioning with Microsoft Entra ID' +description: Learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Bustle B2B Transport Systems. +++writer: twimmers ++ms.assetid: 8bcb45f4-8f3d-4d7a-b2d7-ea7290bbc93b ++++ Last updated : 09/22/2023++++# Tutorial: Configure Bustle B2B Transport Systems for automatic user provisioning ++This tutorial describes the steps you need to perform in both Bustle B2B Transport Systems and Microsoft Entra ID to configure automatic user provisioning. When configured, Microsoft Entra ID automatically provisions and deprovisions users to [Bustle B2B Transport Systems](https://app.bustle.tech) using the Microsoft Entra provisioning service. For important details on what this service does, how it works, and frequently asked questions, see [Automate user provisioning and deprovisioning to SaaS applications with Microsoft Entra ID](../app-provisioning/user-provisioning.md). +++## Supported capabilities +> [!div class="checklist"] +> * Create users in Bustle B2B Transport Systems. +> * Remove users in Bustle B2B Transport Systems when they do not require access anymore. +> * Keep user attributes synchronized between Microsoft Entra ID and Bustle B2B Transport Systems. +> * [Single sign-on](../manage-apps/add-application-portal-setup-oidc-sso.md) to Bustle B2B Transport Systems (recommended). ++## Prerequisites ++The scenario outlined in this tutorial assumes that you already have the following prerequisites: ++* [A Microsoft Entra tenant](../develop/quickstart-create-new-tenant.md) +* A user account in Microsoft Entra ID with [permission](../roles/permissions-reference.md) to configure provisioning (for example, Application Administrator, Cloud Application administrator, Application Owner, or Global Administrator). +* A user account in Bustle B2B Transport Systems with Admin permissions. ++## Step 1: Plan your provisioning deployment +* Learn about [how the provisioning service works](../app-provisioning/user-provisioning.md). +* Determine who will be in [scope for provisioning](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md). +* Determine what data to [map between Microsoft Entra ID and Bustle B2B Transport Systems](../app-provisioning/customize-application-attributes.md). ++## Step 2: Configure Bustle B2B Transport Systems to support provisioning with Microsoft Entra ID +Contact Bustle B2B Transport Systems support to configure Bustle B2B Transport Systems to support provisioning with Microsoft Entra ID. ++## Step 3: Add Bustle B2B Transport Systems from the Microsoft Entra application gallery ++Add Bustle B2B Transport Systems from the Microsoft Entra application gallery to start managing provisioning to Bustle B2B Transport Systems. If you have previously setup Bustle B2B Transport Systems for SSO, you can use the same application. However it's recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md). ++## Step 4: Define who will be in scope for provisioning ++The Microsoft Entra provisioning service allows you to scope who will be provisioned based on assignment to the application and or based on attributes of the user. If you choose to scope who will be provisioned to your app based on assignment, you can use the following [steps](../manage-apps/assign-user-or-group-access-portal.md) to assign users to the application. If you choose to scope who will be provisioned based solely on attributes of the user, you can use a scoping filter as described [here](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md). ++* Start small. Test with a small set of users before rolling out to everyone. When scope for provisioning is set to assigned users, you can control this by assigning one or two users to the app. When scope is set to all users, you can specify an [attribute based scoping filter](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md). ++* If you need more roles, you can [update the application manifest](../develop/howto-add-app-roles-in-azure-ad-apps.md) to add new roles. +++## Step 5: Configure automatic user provisioning to Bustle B2B Transport Systems ++This section guides you through the steps to configure the Microsoft Entra provisioning service to create, update, and disable users in TestApp based on user assignments in Microsoft Entra ID. ++<a name='to-configure-automatic-user-provisioning-for-Bustle B2B Transport Systems-in-azure-ad'></a> ++### To configure automatic user provisioning for Bustle B2B Transport Systems in Microsoft Entra ID: ++1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). +1. Browse to **Identity** > **Applications** > **Enterprise applications** ++ ![Screenshot of Enterprise applications blade.](common/enterprise-applications.png) ++1. In the applications list, select **Bustle B2B Transport Systems**. ++ ![Screenshot of the Bustle B2B Transport Systems link in the Applications list.](common/all-applications.png) ++1. Select the **Provisioning** tab. ++ ![Screenshot of Provisioning tab.](common/provisioning.png) ++1. Set the **Provisioning Mode** to **Automatic**. ++ ![Screenshot of Provisioning tab automatic.](common/provisioning-automatic.png) ++1. Under the **Admin Credentials** section, input your Bustle B2B Transport Systems Tenant URL and Secret Token. Click **Test Connection** to ensure Microsoft Entra ID can connect to Bustle B2B Transport Systems. If the connection fails, ensure your Bustle B2B Transport Systems account has Admin permissions and try again. ++ ![Screenshot of Token.](common/provisioning-testconnection-tenanturltoken.png) ++1. In the **Notification Email** field, enter the email address of a person who should receive the provisioning error notifications and select the **Send an email notification when a failure occurs** check box. ++ ![Screenshot of Notification Email.](common/provisioning-notification-email.png) ++1. Select **Save**. ++1. Under the **Mappings** section, select **Synchronize Microsoft Entra users to Bustle B2B Transport Systems**. ++1. Review the user attributes that are synchronized from Microsoft Entra ID to Bustle B2B Transport Systems in the **Attribute-Mapping** section. The attributes selected as **Matching** properties are used to match the user accounts in Bustle B2B Transport Systems for update operations. If you choose to change the [matching target attribute](../app-provisioning/customize-application-attributes.md), you need to ensure that the Bustle B2B Transport Systems API supports filtering users based on that attribute. Select the **Save** button to commit any changes. ++ |Attribute|Type|Supported for filtering|Required by Bustle B2B Transport Systems| + ||||| + |userName|String|✓|✓ + |active|Boolean|| + |emails[type eq "work"].value|String||✓ + |name.givenName|String||✓ + |name.familyName|String||✓ + |phoneNumbers[type eq "work"].value|String||✓ + |externalId|String||✓ ++1. To configure scoping filters, refer to the following instructions provided in the [Scoping filter tutorial](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md). ++1. To enable the Microsoft Entra provisioning service for Bustle B2B Transport Systems, change the **Provisioning Status** to **On** in the **Settings** section. ++ ![Screenshot of Provisioning Status Toggled On.](common/provisioning-toggle-on.png) ++1. Define the users that you would like to provision to Bustle B2B Transport Systems by choosing the desired values in **Scope** in the **Settings** section. ++ ![Screenshot of Provisioning Scope.](common/provisioning-scope.png) ++1. When you're ready to provision, click **Save**. ++ ![Screenshot of Saving Provisioning Configuration.](common/provisioning-configuration-save.png) ++This operation starts the initial synchronization cycle of all users defined in **Scope** in the **Settings** section. The initial cycle takes longer to perform than subsequent cycles, which occur approximately every 40 minutes as long as the Microsoft Entra provisioning service is running. ++## Step 6: Monitor your deployment +Once you've configured provisioning, use the following resources to monitor your deployment: ++* Use the [provisioning logs](../reports-monitoring/concept-provisioning-logs.md) to determine which users have been provisioned successfully or unsuccessfully +* Check the [progress bar](../app-provisioning/application-provisioning-when-will-provisioning-finish-specific-user.md) to see the status of the provisioning cycle and how close it's to completion +* If the provisioning configuration seems to be in an unhealthy state, the application goes into quarantine. Learn more about quarantine states [here](../app-provisioning/application-provisioning-quarantine-status.md). ++## More resources ++* [Managing user account provisioning for Enterprise Apps](../app-provisioning/configure-automatic-user-provisioning-portal.md) +* [What is application access and single sign-on with Microsoft Entra ID?](../manage-apps/what-is-single-sign-on.md) ++## Next steps ++* [Learn how to review logs and get reports on provisioning activity](../app-provisioning/check-status-user-account-provisioning.md) |
active-directory | Presentation Request Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/verifiable-credentials/presentation-request-api.md | The following example demonstrates a callback payload after the verifiable crede }, "domainValidation": { "url": "https://contoso.com/"- } + }, + "issuanceDate": "yyyy-MM-ddTHH:mm:ssZ", + "expirationDate": "yyyy-MM-ddTHH:mm:ssZ" } ], "receipt": { |
active-directory | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/verifiable-credentials/whats-new.md | +## September 2023 ++Verified ID is retiring old Request Service API endpoints that were available before Verified ID was General Available. These APIs should not have been used since GA in August 2022, but if they are used in your app, you need to migrate. The API endpoints being retired are: ++```http +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/request +GET https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/request/:requestId +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/present +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/issuance +``` ++The first API was for creating an issuance or presentation request. The second API was for retrieving a request and the last two APIs was for a wallet completing issuance or presentation. The API endpoints to use since preview are the following. ++```http +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/createPresentationRequest +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/createIssuanceRequest +GET https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/presentationRequests/:requestId +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/completeIssuance +POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/verifyPresentation +``` ++Please note that the `/request` API is split into two depending on if you are creating an issuance or presentation request. ++The retired API endpoints will not work after October 2023, 2023. ++## August 2023 ++The `presentation_verified` callback from the Request Service API now returns when a Verified ID credential was issued and when it expires. Business rules can use these values to see the time windoww of when the presented Verified ID credential is valid. An example of this is that it expires in an hour while the business required in needs to be valid until the end of the day. + ## June 2023 Tutorial for getting started with the Wallet Library demo on Android and iOS available [here](using-wallet-library.md). |
ai-services | Batch Inference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/batch-inference.md | description: Trigger batch inference with trained model --+ Last updated 11/01/2022 |
ai-services | Create Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/create-resource.md | description: Create an Anomaly Detector resource --+ Last updated 11/01/2022 |
ai-services | Deploy Anomaly Detection On Container Instances | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/deploy-anomaly-detection-on-container-instances.md | description: Deploy the Anomaly Detector container to an Azure Container Instanc --+ Last updated 04/01/2020 |
ai-services | Deploy Anomaly Detection On Iot Edge | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/deploy-anomaly-detection-on-iot-edge.md | description: Deploy the Anomaly Detector module to IoT Edge. --+ Last updated 12/03/2020 |
ai-services | Identify Anomalies | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/identify-anomalies.md | description: Learn how to detect anomalies in your data either as a batch, or on --+ Last updated 10/01/2019 |
ai-services | Postman | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/postman.md | description: Learn how to detect anomalies in your data either as a batch, or on --+ Last updated 12/20/2022 |
ai-services | Prepare Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/prepare-data.md | description: Prepare your data and upload to Storage Account --+ Last updated 11/01/2022 |
ai-services | Streaming Inference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/streaming-inference.md | description: Streaming inference with trained model --+ Last updated 11/01/2022 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/train-model.md | description: Train a Multivariate Anomaly Detection model --+ Last updated 11/01/2022 |
ai-services | Anomaly Detector Container Configuration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/anomaly-detector-container-configuration.md | description: The Anomaly Detector API container runtime environment is configure --+ Last updated 05/07/2020 |
ai-services | Anomaly Detector Container Howto | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/anomaly-detector-container-howto.md | description: Use the Anomaly Detector API's algorithms to find anomalies in your --+ Last updated 01/27/2023 |
ai-services | Anomaly Detection Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/anomaly-detection-best-practices.md | description: Learn about best practices when detecting anomalies with the Anomal --+ Last updated 01/22/2021 |
ai-services | Best Practices Multivariate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/best-practices-multivariate.md | description: Best practices for using the Anomaly Detector Multivariate API's to --+ Last updated 06/07/2022 |
ai-services | Multivariate Architecture | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/multivariate-architecture.md | description: Reference architecture for using the Anomaly Detector Multivariate --+ Last updated 12/15/2022 |
ai-services | Troubleshoot | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/troubleshoot.md | description: Learn how to remediate common error codes when you use the Azure AI --+ Last updated 04/01/2021 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/overview.md | description: Use the Anomaly Detector API's algorithms to apply anomaly detectio --+ Last updated 10/27/2022 |
ai-services | Client Libraries Multivariate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/quickstarts/client-libraries-multivariate.md | |
ai-services | Client Libraries | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/quickstarts/client-libraries.md | |
ai-services | Regions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/regions.md | description: A list of available regions and endpoints for the Anomaly Detector --+ Last updated 11/1/2022 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/service-limits.md | description: Service limits for Anomaly Detector service, including Univariate A --+ Last updated 1/31/2023 |
ai-services | Azure Data Explorer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/azure-data-explorer.md | description: Learn how to use the Univariate Anomaly Detector with Azure Data Ex --+ Last updated 12/19/2022 |
ai-services | Batch Anomaly Detection Powerbi | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/batch-anomaly-detection-powerbi.md | description: Learn how to use the Anomaly Detector API and Power BI to visualize --+ Last updated 09/10/2020 |
ai-services | Multivariate Anomaly Detection Synapse | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/multivariate-anomaly-detection-synapse.md | description: Learn how to use the Multivariate Anomaly Detector with Azure Synap --+ Last updated 08/03/2022 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/whats-new.md | Title: What's New - Anomaly Detector description: This article is regularly updated with news about the Azure AI Anomaly Detector.--+ |
ai-services | Category Taxonomy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Category-Taxonomy.md | |
ai-services | Build Enrollment App | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Tutorials/build-enrollment-app.md | description: Learn how to set up your development environment and deploy a Face --++ Last updated 11/17/2020 |
ai-services | Storage Lab Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Tutorials/storage-lab-tutorial.md | description: In this tutorial, you'll learn how to integrate the Azure AI Vision --+ Last updated 12/29/2022 |
ai-services | Computer Vision How To Install Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/computer-vision-how-to-install-containers.md | description: Use the Read 3.2 OCR containers from Azure AI Vision to extract tex --+ Last updated 08/29/2023 |
ai-services | Computer Vision Resource Container Config | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/computer-vision-resource-container-config.md | description: This article shows you how to configure both required and optional --+ Last updated 04/09/2021 |
ai-services | Concept Background Removal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-background-removal.md | |
ai-services | Concept Brand Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-brand-detection.md | |
ai-services | Concept Categorizing Images | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-categorizing-images.md | |
ai-services | Concept Describe Images 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-describe-images-40.md | |
ai-services | Concept Describing Images | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-describing-images.md | |
ai-services | Concept Detecting Adult Content | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-adult-content.md | |
ai-services | Concept Detecting Color Schemes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-color-schemes.md | |
ai-services | Concept Detecting Domain Content | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-domain-content.md | |
ai-services | Concept Detecting Faces | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-faces.md | |
ai-services | Concept Detecting Image Types | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-image-types.md | |
ai-services | Concept Face Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-face-detection.md | |
ai-services | Concept Face Recognition | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-face-recognition.md | |
ai-services | Concept Generate Thumbnails 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-generate-thumbnails-40.md | |
ai-services | Concept Generating Thumbnails | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-generating-thumbnails.md | |
ai-services | Concept Image Retrieval | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-image-retrieval.md | |
ai-services | Concept Model Customization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-model-customization.md | |
ai-services | Concept Object Detection 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-object-detection-40.md | |
ai-services | Concept Object Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-object-detection.md | |
ai-services | Concept Ocr | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-ocr.md | description: Extract text from in-the-wild and non-document images with a fast a --+ Last updated 07/04/2023 |
ai-services | Concept People Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-people-detection.md | |
ai-services | Concept Shelf Analysis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-shelf-analysis.md | |
ai-services | Concept Tag Images 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-tag-images-40.md | |
ai-services | Concept Tagging Images | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-tagging-images.md | |
ai-services | Deploy Computer Vision On Premises | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/deploy-computer-vision-on-premises.md | description: Learn how to deploy the Azure AI Vision container using Kubernetes --+ Last updated 05/09/2022 |
ai-services | Enrollment Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/enrollment-overview.md | description: Learn about the process of Face enrollment to register users in a f --++ Last updated 09/27/2021 |
ai-services | Add Faces | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/add-faces.md | description: This guide demonstrates how to add a large number of persons and fa --++ Last updated 04/10/2019 |
ai-services | Analyze Video | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/analyze-video.md | |
ai-services | Background Removal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/background-removal.md | |
ai-services | Blob Storage Search | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/blob-storage-search.md | |
ai-services | Call Analyze Image 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-analyze-image-40.md | |
ai-services | Call Analyze Image | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-analyze-image.md | |
ai-services | Call Read Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-read-api.md | |
ai-services | Find Similar Faces | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/find-similar-faces.md | |
ai-services | Generate Thumbnail | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/generate-thumbnail.md | |
ai-services | Identity Access Token | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/identity-access-token.md | |
ai-services | Identity Detect Faces | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/identity-detect-faces.md | |
ai-services | Image Retrieval | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/image-retrieval.md | |
ai-services | Migrate Face Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/migrate-face-data.md | description: This guide shows you how to migrate your stored face data from one --+ Last updated 02/22/2021 |
ai-services | Shelf Analyze | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-analyze.md | |
ai-services | Shelf Model Customization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-model-customization.md | description: Learn how to use the Image Analysis model customization feature to --+ Last updated 05/02/2023 |
ai-services | Shelf Modify Images | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-modify-images.md | |
ai-services | Shelf Planogram | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-planogram.md | |
ai-services | Specify Detection Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/specify-detection-model.md | |
ai-services | Specify Recognition Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/specify-recognition-model.md | description: This article will show you how to choose which recognition model to --+ Last updated 03/05/2021 |
ai-services | Use Headpose | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-headpose.md | description: Learn how to use the HeadPose attribute to automatically rotate the --++ Last updated 02/23/2021 |
ai-services | Use Large Scale | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-large-scale.md | |
ai-services | Use Persondirectory | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-persondirectory.md | |
ai-services | Identity Api Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/identity-api-reference.md | |
ai-services | Identity Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/identity-encrypt-data-at-rest.md | description: Microsoft offers Microsoft-managed encryption keys, and also lets y --++ Last updated 08/28/2020 |
ai-services | Intro To Spatial Analysis Public Preview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/intro-to-spatial-analysis-public-preview.md | |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/language-support.md | description: This article provides a list of natural languages supported by Azur --+ Last updated 12/27/2022 |
ai-services | Overview Identity | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-identity.md | description: The Azure AI Face service provides AI algorithms that you use to de --++ Last updated 07/04/2023 |
ai-services | Overview Image Analysis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-image-analysis.md | description: The Image Analysis service uses pretrained AI models to extract man --+ Last updated 07/04/2023 |
ai-services | Overview Ocr | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-ocr.md | |
ai-services | Overview Vision Studio | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-vision-studio.md | description: Learn how to set up and use Vision Studio to test features of Azure --+ Last updated 12/27/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview.md | |
ai-services | Client Library | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/client-library.md | description: Learn how to use Optical character recognition (OCR) in your applic --+ Last updated 08/07/2023 |
ai-services | Identity Client Library | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/identity-client-library.md | |
ai-services | Image Analysis Client Library 40 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/image-analysis-client-library-40.md | description: Learn how to tag images in your application using Image Analysis 4. --+ Last updated 01/24/2023 |
ai-services | Image Analysis Client Library | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/image-analysis-client-library.md | description: Learn how to tag images in your application using Image Analysis th --+ Last updated 12/27/2022 |
ai-services | Read Container Migration Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/read-container-migration-guide.md | description: Learn how to migrate to the v3 Read OCR containers --+ Last updated 09/28/2021 |
ai-services | Spatial Analysis Camera Placement | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-camera-placement.md | description: Learn how to set up a camera for use with Spatial Analysis --+ Last updated 06/08/2021 |
ai-services | Spatial Analysis Container | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-container.md | description: The Spatial Analysis container lets you can detect people and dista --+ Last updated 12/27/2022 |
ai-services | Spatial Analysis Local | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-local.md | description: Use this guide to learn how to run Spatial Analysis on a recorded l --+ Last updated 06/28/2022 |
ai-services | Spatial Analysis Logging | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-logging.md | description: Spatial Analysis provides each container with a common configuratio --+ Last updated 06/08/2021 |
ai-services | Spatial Analysis Operations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-operations.md | description: The Spatial Analysis operations. --+ Last updated 02/02/2022 |
ai-services | Spatial Analysis Web App | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-web-app.md | description: Learn how to use Spatial Analysis in a web application. --+ Last updated 06/08/2021 |
ai-services | Spatial Analysis Zone Line Placement | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-zone-line-placement.md | description: Learn how to set up zones and lines with Spatial Analysis --+ Last updated 06/08/2021 |
ai-services | Upgrade Api Versions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/upgrade-api-versions.md | |
ai-services | Use Case Alt Text | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-alt-text.md | |
ai-services | Use Case Dwell Time | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-dwell-time.md | |
ai-services | Use Case Identity Verification | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-identity-verification.md | |
ai-services | Use Case Queue Time | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-queue-time.md | |
ai-services | Vehicle Analysis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/vehicle-analysis.md | description: Vehicle analysis provides each container with a common configuratio --+ Last updated 11/07/2022 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/whats-new.md | description: Stay up to date on recent releases and updates to Azure AI Vision. --+ Last updated 12/27/2022 |
ai-services | Azure Kubernetes Recipe | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/containers/azure-kubernetes-recipe.md | description: Deploy the language detection container, with a running sample, to --+ Last updated 01/10/2022 |
ai-services | Api Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/api-reference.md | description: Learn about the content moderation APIs for Content Moderator. --+ Last updated 05/29/2019 |
ai-services | Client Libraries | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/client-libraries.md | |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/encrypt-data-at-rest.md | |
ai-services | Export Delete Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/export-delete-data.md | description: You have full control over your data. Learn how to view, export or --+ Last updated 02/07/2019 |
ai-services | Image Lists Quickstart Dotnet | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/image-lists-quickstart-dotnet.md | description: How to moderate images with custom image lists using the Content Mo --+ Last updated 10/24/2019 |
ai-services | Image Moderation Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/image-moderation-api.md | description: Use Content Moderator's machine-assisted image moderation to modera --+ Last updated 10/27/2021 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/language-support.md | description: This is a list of natural languages that the Content Moderator API --+ Last updated 10/27/2021 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/overview.md | description: Learn how to use Content Moderator to track, flag, assess, and filt --+ Last updated 11/06/2021 |
ai-services | Samples Dotnet | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/samples-dotnet.md | description: Learn how to use Content Moderator in your .NET applications throug --+ Last updated 10/27/2021 |
ai-services | Samples Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/samples-rest.md | description: Use Content Moderator feature based samples in your applications th --+ Last updated 01/10/2019 |
ai-services | Term Lists Quickstart Dotnet | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/term-lists-quickstart-dotnet.md | description: How to moderate text with custom term lists using the Content Moder --+ Last updated 10/24/2019 |
ai-services | Text Moderation Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/text-moderation-api.md | description: Use text moderation for possible unwanted text, personal data, and --+ Last updated 10/27/2021 |
ai-services | Try Image Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-image-api.md | description: Use the Image Moderation API in Azure AI Content Moderator to scan --+ Last updated 01/10/2019 |
ai-services | Try Image List Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-image-list-api.md | description: You use the List Management API in Azure AI Content Moderator to cr --+ Last updated 01/10/2019 |
ai-services | Try Terms List Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-terms-list-api.md | description: Use the List Management API to create custom lists of terms to use --+ Last updated 01/10/2019 |
ai-services | Try Text Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-text-api.md | |
ai-services | Video Moderation Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/video-moderation-api.md | description: How to analyze video content for various objectionable material usi --+ Last updated 10/27/2021 |
ai-services | Harm Categories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/concepts/harm-categories.md | description: Learn about the different content moderation flags and severity lev --+ Last updated 04/06/2023 |
ai-services | Response Codes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/concepts/response-codes.md | description: See the possible error codes for the Content Safety APIs. --+ Last updated 05/09/2023 |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/how-to/encrypt-data-at-rest.md | description: Learn how Azure AI Content Safety encrypts your data when it's pers --+ Last updated 07/04/2023 |
ai-services | Use Blocklist | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/how-to/use-blocklist.md | description: Learn how to customize text moderation in Content Safety by using y --+ Last updated 07/20/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/language-support.md | description: This is a list of natural languages that the Content Safety API sup --+ Last updated 08/01/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/overview.md | description: Learn how to use Content Safety to track, flag, assess, and filter --+ Last updated 07/18/2023 |
ai-services | Quickstart Image | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/quickstart-image.md | description: Get started using Content Safety to analyze image content for objec --+ Last updated 05/08/2023 |
ai-services | Quickstart Text | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/quickstart-text.md | description: Get started using Content Safety to analyze image and text content --+ Last updated 07/18/2023 |
ai-services | Studio Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/studio-quickstart.md | description: In this quickstart, get started with the Content Safety service usi --+ Last updated 04/27/2023 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/whats-new.md | description: Stay up to date on recent releases and updates to Azure AI Content --+ Last updated 04/07/2023 |
ai-services | Copy Move Projects | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/copy-move-projects.md | |
ai-services | Custom Vision Onnx Windows Ml | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/custom-vision-onnx-windows-ml.md | |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/encrypt-data-at-rest.md | description: Microsoft offers Microsoft-managed encryption keys, and also lets y --+ Last updated 08/28/2020 |
ai-services | Export Delete Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-delete-data.md | |
ai-services | Export Model Python | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-model-python.md | |
ai-services | Export Programmatically | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-programmatically.md | |
ai-services | Export Your Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-your-model.md | |
ai-services | Get Started Build Detector | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/get-started-build-detector.md | description: In this quickstart, you'll learn how to use the Custom Vision websi --+ Last updated 12/27/2022 |
ai-services | Getting Started Build A Classifier | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/getting-started-build-a-classifier.md | description: In this quickstart, you'll learn how to use the Custom Vision web p --+ Last updated 11/03/2022 |
ai-services | Getting Started Improving Your Classifier | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/getting-started-improving-your-classifier.md | |
ai-services | Iot Visual Alerts Tutorial | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/iot-visual-alerts-tutorial.md | |
ai-services | Limits And Quotas | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/limits-and-quotas.md | |
ai-services | Logo Detector Mobile | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/logo-detector-mobile.md | description: In this tutorial, you will step through a sample app that uses Cust --+ Last updated 07/04/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/overview.md | |
ai-services | Image Classification | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/quickstarts/image-classification.md | |
ai-services | Object Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/quickstarts/object-detection.md | |
ai-services | Release Notes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/release-notes.md | |
ai-services | Role Based Access Control | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/role-based-access-control.md | |
ai-services | Select Domain | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/select-domain.md | description: This article will show you how to select a domain for your project --+ Last updated 06/13/2022 |
ai-services | Storage Integration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/storage-integration.md | |
ai-services | Suggested Tags | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/suggested-tags.md | |
ai-services | Test Your Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/test-your-model.md | |
ai-services | Update Application To 3.0 Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/update-application-to-3.0-sdk.md | |
ai-services | Use Prediction Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/use-prediction-api.md | |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/whats-new.md | description: This article contains news about Custom Vision. --+ Last updated 09/27/2021 |
ai-services | Changelog Release History | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/changelog-release-history.md | |
ai-services | Choose Model Feature | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/choose-model-feature.md | |
ai-services | Concept Accuracy Confidence | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-accuracy-confidence.md | |
ai-services | Concept Add On Capabilities | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-add-on-capabilities.md | |
ai-services | Concept Analyze Document Response | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-analyze-document-response.md | |
ai-services | Concept Business Card | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-business-card.md | |
ai-services | Concept Composed Models | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-composed-models.md | |
ai-services | Concept Contract | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-contract.md | |
ai-services | Concept Custom Classifier | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-classifier.md | |
ai-services | Concept Custom Label Tips | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-label-tips.md | |
ai-services | Concept Custom Label | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-label.md | |
ai-services | Concept Custom Lifecycle | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-lifecycle.md | |
ai-services | Concept Custom Neural | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-neural.md | |
ai-services | Concept Custom Template | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-template.md | |
ai-services | Concept Custom | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom.md | |
ai-services | Concept Document Intelligence Studio | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-document-intelligence-studio.md | |
ai-services | Concept General Document | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-general-document.md | |
ai-services | Concept Health Insurance Card | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-health-insurance-card.md | |
ai-services | Concept Id Document | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-id-document.md | |
ai-services | Concept Invoice | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-invoice.md | |
ai-services | Concept Layout | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-layout.md | |
ai-services | Concept Model Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-model-overview.md | |
ai-services | Concept Query Fields | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-query-fields.md | |
ai-services | Concept Read | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-read.md | |
ai-services | Concept Receipt | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-receipt.md | |
ai-services | Concept Tax Document | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-tax-document.md | |
ai-services | Configuration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/configuration.md | |
ai-services | Disconnected | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/disconnected.md | Title: Use Document Intelligence (formerly Form Recognizer) containers in disconnected environments description: Learn how to run Cognitive Services Docker containers disconnected from the internet.--+ |
ai-services | Image Tags | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/image-tags.md | |
ai-services | Install Run | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/install-run.md | |
ai-services | Create Document Intelligence Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/create-document-intelligence-resource.md | |
ai-services | Create Sas Tokens | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/create-sas-tokens.md | description: How to create Shared Access Signature tokens (SAS) for containers a --+ Last updated 07/18/2023 monikerRange: '<=doc-intel-3.1.0' |
ai-services | Deploy Label Tool | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/deploy-label-tool.md | |
ai-services | Disaster Recovery | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/disaster-recovery.md | |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/encrypt-data-at-rest.md | |
ai-services | Build A Custom Classifier | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/build-a-custom-classifier.md | |
ai-services | Build A Custom Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/build-a-custom-model.md | |
ai-services | Compose Custom Models | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/compose-custom-models.md | |
ai-services | Estimate Cost | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/estimate-cost.md | |
ai-services | Project Share Custom Models | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/project-share-custom-models.md | |
ai-services | Use Sdk Rest Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/use-sdk-rest-api.md | |
ai-services | Label Tool | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/label-tool.md | |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/language-support.md | |
ai-services | Managed Identities Secured Access | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/managed-identities-secured-access.md | |
ai-services | Managed Identities | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/managed-identities.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/overview.md | |
ai-services | Get Started Sdks Rest Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/get-started-sdks-rest-api.md | |
ai-services | Try Document Intelligence Studio | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/try-document-intelligence-studio.md | |
ai-services | Try Sample Label Tool | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/try-sample-label-tool.md | |
ai-services | Resource Customer Stories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/resource-customer-stories.md | |
ai-services | Sdk Overview V3 0 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/sdk-overview-v3-0.md | |
ai-services | Sdk Overview V3 1 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/sdk-overview-v3-1.md | |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/service-limits.md | description: Quick reference, detailed description, and best practices for worki --+ Last updated 07/18/2023 |
ai-services | Studio Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/studio-overview.md | |
ai-services | Supervised Table Tags | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/supervised-table-tags.md | |
ai-services | Tutorial Azure Function | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/tutorial-azure-function.md | description: This guide shows you how to use an Azure function to trigger the pr --+ Last updated 07/18/2023 |
ai-services | Tutorial Logic Apps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/tutorial-logic-apps.md | |
ai-services | V3 1 Migration Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/v3-1-migration-guide.md | |
ai-services | V3 Error Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/v3-error-guide.md | |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/whats-new.md | |
ai-services | How To Cache Token | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-cache-token.md | description: This article will show you how to cache the authentication token. --+ Last updated 01/14/2020 |
ai-services | How To Configure Read Aloud | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-configure-read-aloud.md | description: This article will show you how to configure the various options for --+ Last updated 06/29/2020 |
ai-services | How To Configure Translation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-configure-translation.md | description: This article will show you how to configure the various options for --+ Last updated 01/06/2022 |
ai-services | How To Create Immersive Reader | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-create-immersive-reader.md | description: This article shows you how to create a new Immersive Reader resourc --+ Last updated 03/31/2023 |
ai-services | How To Customize Launch Button | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-customize-launch-button.md | |
ai-services | How To Launch Immersive Reader | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-launch-immersive-reader.md | |
ai-services | How To Multiple Resources | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-multiple-resources.md | description: In this tutorial, you'll create a Node.js application that launches --+ Last updated 01/14/2020 |
ai-services | How To Prepare Html | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-prepare-html.md | |
ai-services | How To Store User Preferences | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-store-user-preferences.md | description: This article will show you how to store the user's preferences. --+ Last updated 06/29/2020 |
ai-services | Display Math | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to/display-math.md | description: This article will show you how to display math in the Immersive Rea --+ Last updated 01/14/2020 |
ai-services | Set Cookie Policy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to/set-cookie-policy.md | |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/language-support.md | description: Learn more about the human languages that are available with Immers --+ Last updated 11/15/2021 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/overview.md | |
ai-services | Client Libraries | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/quickstarts/client-libraries.md | |
ai-services | Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/reference.md | |
ai-services | Release Notes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/release-notes.md | |
ai-services | Security How To Update Role Assignment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/security-how-to-update-role-assignment.md | |
ai-services | Tutorial Ios Picture Immersive Reader | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/tutorial-ios-picture-immersive-reader.md | description: In this tutorial, you will build an iOS app from scratch and add th --+ Last updated 01/14/2020 |
ai-services | Configure Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/configure-containers.md | |
ai-services | Multi Region Deployment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/custom-features/multi-region-deployment.md | description: Learn about deploying your language projects to multiple regions. --+ Last updated 10/11/2022 |
ai-services | Project Versioning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/custom-features/project-versioning.md | description: Learn how versioning works in conversational language understanding --+ Last updated 10/10/2022 |
ai-services | Data Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/data-limits.md | description: Data and service limitations for Azure AI Language features. --+ Last updated 10/05/2022 |
ai-services | Developer Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/developer-guide.md | description: Learn about how to integrate the Language service SDK and REST API --+ Last updated 02/14/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/language-support.md | description: This article explains which natural languages are supported by the --+ Last updated 03/09/2023 |
ai-services | Migrate Language Service Latest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/migrate-language-service-latest.md | description: Learn how to move your Text Analytics applications to use the lates --+ Last updated 08/08/2022 |
ai-services | Migrate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/migrate.md | |
ai-services | Model Lifecycle | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/model-lifecycle.md | description: This article describes the timelines for models and model versions --+ Last updated 11/29/2022 |
ai-services | Multilingual Emoji Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/multilingual-emoji-support.md | description: Learn about offsets caused by multilingual and emoji encodings in L --+ Last updated 11/02/2021 |
ai-services | Previous Updates | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/previous-updates.md | description: An archive of previous Azure AI Language updates. --+ Last updated 06/23/2022 |
ai-services | Regional Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/regional-support.md | description: Learn which Azure regions are supported by the Language service. --+ Last updated 08/23/2023 |
ai-services | Role Based Access Control | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/role-based-access-control.md | description: Learn how to use Azure RBAC for managing individual access to Azure --+ Last updated 10/31/2022 |
ai-services | Use Asynchronously | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/use-asynchronously.md | description: Learn how to send Language service API requests asynchronously. --+ Last updated 10/31/2022 |
ai-services | Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/best-practices.md | description: Apply best practices when using conversational language understandi --+ Last updated 09/22/2023 |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/data-formats.md | description: Learn about the data formats accepted by conversational language un --+ Last updated 06/20/2023 |
ai-services | Entity Components | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/entity-components.md | description: Learn how Conversational Language Understanding extracts entities f --+ Last updated 10/11/2022 |
ai-services | Evaluation Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/evaluation-metrics.md | description: Learn about evaluation metrics in Conversational Language Understan --+ Last updated 05/13/2022 |
ai-services | Multiple Languages | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/multiple-languages.md | description: Learn about which how to make use of multilingual projects in conve --+ Last updated 01/10/2022 |
ai-services | None Intent | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/none-intent.md | description: Learn about the default None intent in conversational language unde --+ Last updated 05/13/2022 |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/faq.md | description: Use this article to quickly get the answers to FAQ about conversati --+ Last updated 09/29/2022 |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/glossary.md | description: Learn about definitions used in conversational language understandi --+ Last updated 05/13/2022 |
ai-services | Build Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/build-schema.md | description: Use this article to start building a Conversational Language Unders --+ Last updated 05/13/2022 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/call-api.md | description: Learn about sending prediction requests for conversational language --+ Last updated 06/28/2022 |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/create-project.md | description: Use this article to learn how to create projects in Conversational --+ Last updated 09/29/2022 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/deploy-model.md | description: Use this article to learn how to deploy models for conversational l --+ Last updated 10/12/2022 |
ai-services | Fail Over | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/fail-over.md | description: Learn how to save and recover your conversational language understa --+ Last updated 05/16/2022 |
ai-services | Migrate From Luis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/migrate-from-luis.md | description: Learn about backwards compatibility between LUIS and Conversational --+ Last updated 09/08/2022 |
ai-services | Tag Utterances | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/tag-utterances.md | description: Use this article to tag your utterances in Conversational Language --+ Last updated 08/25/2023 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/train-model.md | description: Use this article to train a model and view its evaluation details t --+ Last updated 08/25/2023 |
ai-services | View Model Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/view-model-evaluation.md | |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/language-support.md | description: This article explains which natural languages are supported by the --+ Last updated 05/12/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/overview.md | description: Customize an AI model to predict the intentions of utterances, and --+ Last updated 10/26/2022 |
ai-services | Prebuilt Component Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/prebuilt-component-reference.md | description: Learn about which entities can be detected automatically in Convers --+ Last updated 11/02/2021 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/quickstart.md | description: Quickly start building an AI model to extract information and predi --+ Last updated 03/14/2023 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/service-limits.md | description: Learn about the data, region, and throughput limits for Conversatio --+ Last updated 08/23/2023 |
ai-services | Bot Framework | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/tutorials/bot-framework.md | |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/concepts/data-formats.md | description: Learn about the data formats accepted by custom NER. --+ Last updated 10/17/2022 |
ai-services | Evaluation Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/concepts/evaluation-metrics.md | description: Learn about evaluation metrics in Custom Named Entity Recognition ( --+ Last updated 08/08/2022 |
ai-services | Fail Over | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/fail-over.md | description: Learn how to save and recover your custom NER models. --+ Last updated 04/25/2022 |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/faq.md | description: Learn about Frequently asked questions when using custom Named Enti --+ Last updated 08/08/2022 |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/glossary.md | description: Definitions and terms you may encounter when building AI models usi --+ Last updated 05/06/2022 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/call-api.md | |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/create-project.md | description: Learn how to create and manage projects and Azure resources for cus --+ Last updated 06/03/2022 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/deploy-model.md | description: Learn how to deploy a model for custom NER. --+ Last updated 03/23/2023 |
ai-services | Design Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/design-schema.md | description: Learn about how to select and prepare data, to be successful in cre --+ Last updated 05/09/2022 |
ai-services | Tag Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/tag-data.md | description: Learn how to label your data for use with Custom Named Entity Recog --+ Last updated 05/24/2022 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/train-model.md | description: Learn about how to train your model for Custom Named Entity Recogni --+ Last updated 05/06/2022 |
ai-services | Use Autolabeling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/use-autolabeling.md | description: Learn how to use autolabeling in custom named entity recognition. --+ Last updated 03/20/2023 |
ai-services | Use Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/use-containers.md | description: Learn how to use Docker containers for Custom Named Entity Recognit --+ Last updated 05/08/2023 |
ai-services | View Model Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/view-model-evaluation.md | description: Learn how to evaluate and score your Custom Named Entity Recognitio --+ Last updated 02/28/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/language-support.md | description: Learn about the languages and regions supported by custom named ent --+ Last updated 05/06/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/overview.md | description: Customize an AI model to label and extract information from documen --+ Last updated 02/22/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/quickstart.md | description: Quickly start building an AI model to categorize and extract inform --+ Last updated 01/25/2023 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/service-limits.md | description: Learn about the data and service limits when using Custom Named Ent --+ Last updated 08/23/2023 |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/data-formats.md | description: Learn about the data formats accepted by custom text analytics for --+ Last updated 04/14/2023 |
ai-services | Entity Components | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/entity-components.md | description: Learn how custom Text Analytics for health extracts entities from t --+ Last updated 04/14/2023 |
ai-services | Evaluation Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/evaluation-metrics.md | description: Learn about evaluation metrics in custom Text Analytics for health --+ Last updated 04/14/2023 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/call-api.md | |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/create-project.md | description: Learn about the steps for using Azure resources with custom text an --+ Last updated 04/14/2023 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/deploy-model.md | description: Learn about deploying a model for custom Text Analytics for health. --+ Last updated 04/14/2023 |
ai-services | Design Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/design-schema.md | description: Learn about how to select and prepare data, to be successful in cre --+ Last updated 04/14/2023 |
ai-services | Fail Over | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/fail-over.md | description: Learn how to save and recover your custom Text Analytics for health --+ Last updated 04/14/2023 |
ai-services | Label Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/label-data.md | description: Learn how to label your data for use with custom Text Analytics for --+ Last updated 04/14/2023 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/train-model.md | description: Learn about how to train your model for custom Text Analytics for h --+ Last updated 04/14/2023 |
ai-services | View Model Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/view-model-evaluation.md | description: Learn how to evaluate and score your Custom Text Analytics for heal --+ Last updated 04/14/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/language-support.md | description: Learn about the languages and regions supported by custom Text Anal --+ Last updated 04/14/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/overview.md | description: Customize an AI model to label and extract healthcare information f --+ Last updated 04/14/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/quickstart.md | description: Quickly start building an AI model to categorize and extract inform --+ Last updated 04/14/2023 |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/reference/glossary.md | description: Learn about definitions used in custom Text Analytics for health --+ Last updated 04/14/2023 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/reference/service-limits.md | description: Learn about the data and service limits when using Custom Text Anal --+ Last updated 08/23/2023 |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/concepts/data-formats.md | description: Learn about the data formats accepted by custom text classification --+ Last updated 05/24/2022 |
ai-services | Evaluation Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/concepts/evaluation-metrics.md | description: Learn about evaluation metrics in custom text classification. --+ Last updated 08/08/2022 |
ai-services | Fail Over | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/fail-over.md | description: Learn how to save and recover your custom text classification model --+ Last updated 04/22/2022 |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/faq.md | description: Learn about Frequently asked questions when using the custom text c --+ Last updated 04/22/2022 |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/glossary.md | description: Learn about definitions used in custom text classification. --+ Last updated 04/14/2022 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/call-api.md | |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/create-project.md | description: Learn about the steps for using Azure resources with custom text cl --+ Last updated 06/03/2022 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/deploy-model.md | description: Learn how to deploy a model for custom text classification. --+ Last updated 03/23/2023 |
ai-services | Design Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/design-schema.md | description: Learn about data selection, preparation, and creating a schema for --+ Last updated 05/05/2022 |
ai-services | Tag Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/tag-data.md | description: Learn about how to label your data for use with the custom text cla --+ Last updated 11/10/2022 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/train-model.md | description: Learn about how to train your model for custom text classification. --+ Last updated 08/08/2022 |
ai-services | Use Autolabeling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/use-autolabeling.md | description: Learn how to use autolabeling in custom text classification. --+ Last updated 3/15/2023 |
ai-services | View Model Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/view-model-evaluation.md | description: Learn how to view the evaluation scores for a custom text classific --+ Last updated 10/12/2022 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/language-support.md | description: Learn about which languages are supported by custom text classifica --+ Last updated 05/06/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/overview.md | description: Customize an AI model to classify documents and other content using --+ Last updated 06/17/2022 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/quickstart.md | description: Quickly start building an AI model to identify and apply labels (cl --+ Last updated 01/25/2023 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/service-limits.md | |
ai-services | Triage Email | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/tutorials/triage-email.md | description: Learn how to use custom text classification to categorize and triag --+ Last updated 01/27/2023 |
ai-services | Azure Machine Learning Labeling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom/azure-machine-learning-labeling.md | |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/how-to/call-api.md | description: Learn how to identify and link entities found in text with the enti --+ Last updated 11/02/2021 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/language-support.md | description: A list of natural languages supported by the entity linking API --+ Last updated 11/02/2021 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/overview.md | description: An overview of entity linking in Azure AI services, which helps you --+ Last updated 01/10/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/quickstart.md | description: 'Use this quickstart to perform Entity Linking, using C#, Python, J --+ Last updated 02/17/2023 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/how-to/call-api.md | description: How to extract key phrases by using the Key Phrase Extraction API. --+ Last updated 01/10/2023 |
ai-services | Use Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/how-to/use-containers.md | description: Learn how to use Docker containers for Key Phrase Extraction on-pre --+ Last updated 04/11/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/language-support.md | description: Use this article to find the natural languages supported by Key Phr --+ Last updated 09/18/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/overview.md | description: An overview of key phrase extraction in Azure AI services, which he --+ Last updated 01/10/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/quickstart.md | description: Use this quickstart to start using the Key Phrase Extraction API. --+ Last updated 02/17/2023 |
ai-services | Integrate Power Bi | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/tutorials/integrate-power-bi.md | description: Learn how to use the key phrase extraction feature to get text stor --+ Last updated 09/28/2022 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/how-to/call-api.md | description: This article will show you how to detect the language of written te --+ Last updated 03/01/2022 |
ai-services | Use Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/how-to/use-containers.md | description: Use Docker containers for the Language Detection API to determine t --+ Last updated 04/11/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/language-support.md | description: This article explains which natural languages are supported by the --+ Last updated 11/02/2021 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/overview.md | description: An overview of language detection in Azure AI services, which helps --+ Last updated 07/27/2022 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/quickstart.md | description: Use this quickstart to start using Language Detection. --+ Last updated 02/17/2023 |
ai-services | Language Studio | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-studio.md | description: Use this article to learn about Language Studio, and testing featur --+ Last updated 01/03/2023 |
ai-services | Entity Metadata | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/entity-metadata.md | description: Learn about entity metadata in the NER feature. --+ Last updated 06/13/2023 |
ai-services | Entity Resolutions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/entity-resolutions.md | description: Learn about entity resolutions in the NER feature. --+ Last updated 10/12/2022 |
ai-services | Ga Preview Mapping | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/ga-preview-mapping.md | description: Learn about the NER preview API. --+ Last updated 06/14/2023 |
ai-services | Named Entity Categories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/named-entity-categories.md | description: Learn about the entities the NER feature can recognize from unstruc --+ Last updated 11/02/2021 |
ai-services | How To Call | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/how-to-call.md | description: This article will show you how to extract named entities from text. --+ Last updated 01/10/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/language-support.md | description: This article explains which natural languages are supported by the --+ Last updated 06/27/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/overview.md | description: An overview of the Named Entity Recognition feature in Azure AI ser --+ Last updated 06/15/2022 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/quickstart.md | description: Use this quickstart to start using the Named Entity Recognition (NE --+ Last updated 02/17/2023 |
ai-services | Extract Excel Information | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/tutorials/extract-excel-information.md | description: Learn how to Extract Excel text without having to write code, using --+ Last updated 11/21/2022 |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/data-formats.md | description: Learn about the data formats accepted by orchestration workflow. --+ Last updated 05/19/2022 |
ai-services | Evaluation Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/evaluation-metrics.md | description: Learn about evaluation metrics in orchestration workflow --+ Last updated 05/19/2022 |
ai-services | Fail Over | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/fail-over.md | description: Learn how to save and recover your orchestration workflow models. --+ Last updated 05/19/2022 |
ai-services | None Intent | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/none-intent.md | description: Learn about the default None intent in orchestration workflow. --+ Last updated 06/03/2022 |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/faq.md | description: Use this article to quickly get the answers to FAQ about orchestrat --+ Last updated 06/21/2022 |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/glossary.md | description: Learn about definitions used in orchestration workflow. --+ Last updated 05/19/2022 |
ai-services | Build Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/build-schema.md | |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/call-api.md | description: Learn about sending requests for orchestration workflow. --+ Last updated 06/28/2022 |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/create-project.md | description: Use this article to learn how to create projects in orchestration w --+ Last updated 03/23/2023 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/deploy-model.md | description: Learn about deploying orchestration workflow projects. --+ Last updated 10/12/2022 |
ai-services | Tag Utterances | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/tag-utterances.md | description: Use this article to tag utterances --+ Last updated 05/20/2022 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/train-model.md | |
ai-services | View Model Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/view-model-evaluation.md | |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/language-support.md | description: Learn about the languages supported by orchestration workflow. --+ Last updated 05/17/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/overview.md | description: Customize an AI model to connect your Conversational Language Under --+ Last updated 08/10/2022 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/quickstart.md | description: Quickly start creating an AI model to connect your Conversational L --+ Last updated 02/28/2023 |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/service-limits.md | description: Learn about the data, region, and throughput limits for Orchestrati --+ Last updated 08/23/2023 |
ai-services | Connect Services | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/tutorials/connect-services.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/overview.md | description: Learn how to integrate AI into your applications that can extract i --+ Last updated 07/19/2023 |
ai-services | Conversations Entity Categories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/concepts/conversations-entity-categories.md | description: Learn about the entities the Conversational PII feature (preview) c --+ Last updated 05/15/2022 |
ai-services | Entity Categories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/concepts/entity-categories.md | description: Learn about the entities the PII feature can recognize from unstruc --+ Last updated 11/15/2021 |
ai-services | How To Call For Conversations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/how-to-call-for-conversations.md | description: This article will show you how to extract PII from chat and spoken --+ Last updated 01/31/2023 |
ai-services | How To Call | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/how-to-call.md | description: This article will show you how to extract PII and health informatio --+ Last updated 07/27/2022 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/language-support.md | description: This article explains which natural languages are supported by the --+ Last updated 08/02/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/overview.md | description: An overview of the PII detection feature in Azure AI services, whic --+ Last updated 01/10/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/quickstart.md | description: Use this quickstart to start using the PII detection API. --+ Last updated 02/17/2023 |
ai-services | Azure Resources | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/azure-resources.md | Title: Azure resources - question answering description: Question answering uses several Azure sources, each with a different purpose. Understanding how they are used individually allows you to plan for and select the correct pricing tier or know when to change your pricing tier. Understanding how they are used in combination allows you to find and fix problems when they occur.--+ |
ai-services | Best Practices | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/best-practices.md | Title: Best practices - question answering description: Use these best practices to improve your project and provide better results to your application/chat bot's end users.--+ |
ai-services | Confidence Score | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/confidence-score.md | |
ai-services | Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/limits.md | Title: Limits and boundaries - question answering description: Question answering has meta-limits for parts of the knowledge base and service. It is important to keep your knowledge base within those limits in order to test and publish.--+ |
ai-services | Plan | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/plan.md | Title: Plan your app - question answering description: Learn how to plan your question answering app. Understand how question answering works and interacts with other Azure services and some project concepts.--+ |
ai-services | Precise Answering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/precise-answering.md | Title: Precise answering using answer span detection - question answering description: Understand Precise answering feature available in question answering.--+ |
ai-services | Project Development Lifecycle | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/project-development-lifecycle.md | Title: Project lifecycle - question answering description: Question answering learns best in an iterative cycle of model changes, utterance examples, deployment, and gathering data from endpoint queries.--+ |
ai-services | Analytics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/analytics.md | |
ai-services | Authoring | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/authoring.md | Title: Authoring API - question answering description: Use the question answering Authoring API to automate common tasks like adding new question answer pairs, and creating, and publishing projects. --+ |
ai-services | Azure Openai Integration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/azure-openai-integration.md | Title: Connect Custom Question Answering with Azure OpenAI on your data description: Learn how to use Custom Question Answering with Azure OpenAI.--+ |
ai-services | Change Default Answer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/change-default-answer.md | Title: Get default answer - custom question answering description: The default answer is returned when there is no match to the question. You may want to change the default answer from the standard default answer in custom question answering.--+ Last updated 11/02/2021 |
ai-services | Chit Chat | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/chit-chat.md | |
ai-services | Configure Resources | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/configure-resources.md | Title: Configure Question Answering service description: This document outlines advanced configurations for custom question answering enabled resources.--+ |
ai-services | Create Test Deploy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/create-test-deploy.md | Title: Create, test, and deploy your question answering project description: You can create a question answering project from your own content, such as FAQs or product manuals. This article includes an example of creating a question answering project from a simple FAQ webpage, to answer questions.--+ |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/encrypt-data-at-rest.md | |
ai-services | Manage Knowledge Base | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/manage-knowledge-base.md | Title: Manage projects - question answering description: Custom question answering allows you to manage projects by providing access to the project settings and content.--+ |
ai-services | Migrate Knowledge Base | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-knowledge-base.md | Title: Move projects - custom question answering description: Moving a custom question answering project requires exporting a project from one resource, and then importing into another.--+ |
ai-services | Migrate Qnamaker To Question Answering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-qnamaker-to-question-answering.md | Title: Migrate from QnA Maker to Question Answering description: Details on features, requirements, and examples for migrating from QnA Maker to Question Answering--+ ms. |
ai-services | Migrate Qnamaker | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-qnamaker.md | Title: Migrate QnA Maker knowledge bases to custom question answering description: Migrate your legacy QnAMaker knowledge bases to custom question answering to take advantage of the latest features.--+ |
ai-services | Network Isolation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/network-isolation.md | Title: Network isolation and Private Link -question answering description: Users can restrict public access to question answering resources.--+ |
ai-services | Prebuilt | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/prebuilt.md | Title: Prebuilt API - question answering description: Use the question answering Prebuilt API to ask and receive answers to questions without having to create a project. --+ |
ai-services | Smart Url Refresh | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/smart-url-refresh.md | Title: Smart URL refresh - question answering description: Use the question answering smart URL refresh feature to keep your project up to date.--+ |
ai-services | Troubleshooting | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/troubleshooting.md | Title: Troubleshooting - question answering description: The curated list of the most frequently asked questions regarding question answering will help you adopt the feature faster and with better results.--+ |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/language-support.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/overview.md | Title: What is question answering? description: Question answering is a cloud-based Natural Language Processing (NLP) service that easily creates a natural conversational layer over your data. It can be used to find the most appropriate answer for any given natural language input, from your custom project.--+ recommendations: false |
ai-services | Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/quickstart/sdk.md | Title: "Quickstart: Use SDK to create and manage project - custom question answering" description: This quickstart shows you how to create and manage your project using custom question answering.--+ Last updated 06/06/2022 |
ai-services | Document Format Guidelines | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/reference/document-format-guidelines.md | Title: Import document format guidelines - question answering description: Use these guidelines for importing documents to get the best results for your content with question answering.--+ |
ai-services | Markdown Format | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/reference/markdown-format.md | Title: Markdown format - question answering description: Following is the list of markdown formats that you can use your answer text.--+ |
ai-services | Active Learning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/active-learning.md | Title: Enrich your project with active learning description: In this tutorial, learn how to enrich your question answering projects with active learning--+ |
ai-services | Adding Synonyms | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/adding-synonyms.md | Title: Improve the quality of responses with synonyms description: In this tutorial, learn how to improve response with synonyms and alternate words--+ |
ai-services | Bot Service | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/bot-service.md | Title: "Tutorial: Create an FAQ bot with question answering and Azure AI Bot Service" description: In this tutorial, create a no code FAQ Bot with question answering and Azure AI Bot Service.--+ |
ai-services | Guided Conversations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/guided-conversations.md | Title: Add guided conversations with multi-turn prompts description: In this tutorial, learn how to make guided conversations with multi-turn prompts.--+ |
ai-services | Multiple Domains | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/multiple-domains.md | Title: "Tutorial: Create a FAQ bot for multiple categories with Azure AI Bot Service" description: In this tutorial, create a no code FAQ Bot for production use cases with question answering and Azure AI Bot Service.--+ |
ai-services | Multiple Languages | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/multiple-languages.md | Title: Create projects in multiple languages -question answering description: In this tutorial, you will learn how to create projects with multiple languages.--+ |
ai-services | Power Virtual Agents | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/power-virtual-agents.md | Title: "Tutorial: Add your Question Answering project to Power Virtual Agents" description: In this tutorial, you will learn how to add your Question Answering project to Power Virtual Agents.--+ |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/concepts/data-formats.md | description: Learn about the data formats accepted by custom sentiment analysis. --+ Last updated 07/19/2023 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/call-api.md | |
ai-services | Create Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/create-project.md | description: Learn about the steps for using Azure resources with Custom sentime --+ Last updated 07/19/2023 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/deploy-model.md | description: Learn about deploying a model for Custom sentiment analysis. --+ Last updated 07/19/2023 |
ai-services | Design Schema | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/design-schema.md | description: Learn about data selection and preparation for custom sentient anal --+ Last updated 07/19/2023 |
ai-services | Label Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/label-data.md | description: Learn about how to label your data for use with the custom Sentimen --+ Last updated 07/19/2023 |
ai-services | Train Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/train-model.md | description: Learn about how to train your model for Custom sentiment analysis. --+ Last updated 07/19/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/quickstart.md | description: Quickly start building an AI model to identify the sentiment of tex --+ Last updated 07/19/2023 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/how-to/call-api.md | description: This article will show you how to detect sentiment, and mine for op --+ Last updated 07/19/2023 |
ai-services | Use Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/how-to/use-containers.md | description: Use the Docker containers for the Sentiment Analysis API to perform --+ Last updated 09/18/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/language-support.md | description: This article explains which languages are supported by the Sentimen --+ Last updated 09/18/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/overview.md | description: An overview of the sentiment analysis feature in Azure AI services, --+ Last updated 07/19/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/quickstart.md | description: Use this quickstart to start using the Sentiment Analysis API. --+ Last updated 07/19/2023 |
ai-services | Data Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/data-formats.md | description: Learn about how to select and prepare data, to be successful in cre --+ Last updated 06/01/2022 |
ai-services | Deploy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/deploy-model.md | description: Learn about deploying a model for Custom summarization. --+ Last updated 06/02/2023 |
ai-services | Test Evaluate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/test-evaluate.md | description: Learn about how to test and evaluate custom summarization models. --+ Last updated 06/01/2022 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/quickstart.md | description: Quickly start building an AI model to summarize text. --+ Last updated 05/26/2023 |
ai-services | Conversation Summarization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/how-to/conversation-summarization.md | description: This article will show you how to summarize chat logs with the conv --+ Last updated 01/31/2023 |
ai-services | Document Summarization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/how-to/document-summarization.md | description: This article will show you how to summarize text with the extractiv --+ Last updated 09/26/2022 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/language-support.md | description: Learn about which languages are supported by document summarization --+ Last updated 09/28/2022 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/overview.md | description: Learn about summarizing text. --+ Last updated 01/12/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/quickstart.md | description: Use this quickstart to start using Document Summarization. --+ Last updated 02/17/2023 |
ai-services | Region Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/region-support.md | description: Learn about which regions are supported by document summarization. --+ Last updated 06/11/2023 |
ai-services | Assertion Detection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/assertion-detection.md | description: Learn about assertion detection. --+ Last updated 01/04/2023 |
ai-services | Health Entity Categories | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/health-entity-categories.md | description: Learn about categories recognized by Text Analytics for health --+ Last updated 01/04/2023 |
ai-services | Relation Extraction | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/relation-extraction.md | description: Learn about relation extraction --+ Last updated 01/04/2023 |
ai-services | Call Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/call-api.md | description: Learn how to extract and label medical information from unstructure --+ Last updated 01/04/2023 |
ai-services | Configure Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/configure-containers.md | description: Text Analytics for health containers uses a common configuration fr --+ Last updated 11/02/2021 |
ai-services | Use Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/use-containers.md | description: Learn how to extract and label medical information on premises usin --+ Last updated 01/18/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/language-support.md | description: "This article explains which natural languages are supported by the --+ Last updated 01/04/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/overview.md | description: An overview of Text Analytics for health in Azure AI services, whic --+ Last updated 01/06/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/quickstart.md | description: Use this quickstart to start using Text Analytics for health. --+ Last updated 02/17/2023 |
ai-services | Power Automate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/tutorials/power-automate.md | description: Learn how to use Azure AI Language in power automate, without writi --+ Last updated 03/02/2023 |
ai-services | Use Kubernetes Service | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/tutorials/use-kubernetes-service.md | description: Deploy a key phrase extraction container image to Azure Kubernetes --+ Last updated 05/27/2022 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/whats-new.md | description: Find out about new releases and features for the Azure AI Language. --+ Last updated 04/14/2023 |
ai-services | Cost Management | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/cost-management.md | |
ai-services | Data Feeds From Different Sources | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/data-feeds-from-different-sources.md | |
ai-services | Encryption | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/encryption.md | |
ai-services | Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/glossary.md | |
ai-services | Alerts | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/alerts.md | |
ai-services | Anomaly Feedback | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/anomaly-feedback.md | |
ai-services | Configure Metrics | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/configure-metrics.md | |
ai-services | Credential Entity | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/credential-entity.md | |
ai-services | Diagnose An Incident | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/diagnose-an-incident.md | |
ai-services | Further Analysis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/further-analysis.md | |
ai-services | Manage Data Feeds | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/manage-data-feeds.md | |
ai-services | Metrics Graph | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/metrics-graph.md | |
ai-services | Onboard Your Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/onboard-your-data.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/overview.md | |
ai-services | Rest Api And Client Library | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/quickstarts/rest-api-and-client-library.md | |
ai-services | Web Portal | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/quickstarts/web-portal.md | |
ai-services | Enable Anomaly Notification | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/tutorials/enable-anomaly-notification.md | Title: Metrics Advisor anomaly notification e-mails with Azure Logic Apps description: Learn how to automate sending e-mail alerts in response to Metric Advisor anomalies --+ Last updated 05/20/2021 |
ai-services | Write A Valid Query | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/tutorials/write-a-valid-query.md | Title: Write a query for Metrics Advisor data ingestion description: Learn how to onboard your data to Metrics Advisor. --+ Last updated 05/20/2021 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/whats-new.md | |
ai-services | Chatgpt Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/chatgpt-quickstart.md | |
ai-services | Abuse Monitoring | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/abuse-monitoring.md | |
ai-services | Advanced Prompt Engineering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/advanced-prompt-engineering.md | |
ai-services | Content Filter | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/content-filter.md | keywords: > [!IMPORTANT] > The content filtering system isn't applied to prompts and completions processed by the Whisper model in Azure OpenAI Service. Learn more about the [Whisper model in Azure OpenAI](models.md#whisper-preview). -Azure OpenAI Service includes a content filtering system that works alongside core models. This system works by running both the prompt and completion through an ensemble of classification models aimed at detecting and preventing the output of harmful content. The content filtering system detects and takes action on specific categories of potentially harmful content in both input prompts and output completions. Variations in API configurations and application design may affect completions and thus filtering behavior. The content filtering system supports the following languages: Chinese, English, French, German, Italian, Japanese, Portuguese, and Spanish. It might not be able to detect inappropriate content in languages that it hasn't been trained or tested to process. +Azure OpenAI Service includes a content filtering system that works alongside core models. This system works by running both the prompt and completion through an ensemble of classification models aimed at detecting and preventing the output of harmful content. The content filtering system detects and takes action on specific categories of potentially harmful content in both input prompts and output completions. Variations in API configurations and application design may affect completions and thus filtering behavior. ++The content filtering models have been specifically trained and tested on the following languages: English, German, Japanese, Spanish, French, Italian, Portuguese, and Chinese. However, the service can work in many other languages, but the quality may vary. In all cases, you should do your own testing to ensure that it works for your application. In addition to the content filtering system, the Azure OpenAI Service performs monitoring to detect content and/or behaviors that suggest use of the service in a manner that may violate applicable product terms. For more information about understanding and mitigating risks associated with your application, see the [Transparency Note for Azure OpenAI](/legal/cognitive-services/openai/transparency-note?tabs=text). For more information about how data is processed in connection with content filtering and abuse monitoring, see [Data, privacy, and security for Azure OpenAI Service](/legal/cognitive-services/openai/data-privacy?context=/azure/ai-services/openai/context/context#preventing-abuse-and-harmful-content-generation). |
ai-services | Legacy Models | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/legacy-models.md | Title: Azure OpenAI Service legacy models description: Learn about the legacy models in Azure OpenAI. --+ Last updated 07/06/2023 |
ai-services | Models | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/models.md | Title: Azure OpenAI Service models description: Learn about the different model capabilities that are available with Azure OpenAI. --+ Last updated 09/15/2023 |
ai-services | Prompt Engineering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/prompt-engineering.md | Title: Azure OpenAI Service | Introduction to Prompt engineering description: Learn how to use prompt engineering to optimize your work with Azure OpenAI Service.--+ Last updated 03/21/2023 |
ai-services | Red Teaming | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/red-teaming.md | Title: Introduction to red teaming large language models (LLMs) description: Learn about how red teaming and adversarial testing is an essential practice in the responsible development of systems and features using large language models (LLMs)--+ Last updated 05/18/2023 |
ai-services | System Message | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/system-message.md | Title: System message framework and template recommendations for Large Language Models(LLMs) description: Learn about how to construct system messages also know as metaprompts to guide an AI system's behavior.--+ Last updated 05/19/2023 |
ai-services | Understand Embeddings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/understand-embeddings.md | |
ai-services | Use Your Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/use-your-data.md | |
ai-services | Dall E Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/dall-e-quickstart.md | |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/encrypt-data-at-rest.md | description: Learn how Azure OpenAI encrypts your data when it's persisted to th --+ Last updated 11/14/2022 |
ai-services | Business Continuity Disaster Recovery | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/business-continuity-disaster-recovery.md | |
ai-services | Chatgpt | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/chatgpt.md | |
ai-services | Completions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/completions.md | |
ai-services | Content Filters | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/content-filters.md | |
ai-services | Create Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/create-resource.md | |
ai-services | Embeddings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/embeddings.md | |
ai-services | Fine Tuning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/fine-tuning.md | |
ai-services | Function Calling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/function-calling.md | |
ai-services | Integrate Synapseml | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/integrate-synapseml.md | |
ai-services | Manage Costs | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/manage-costs.md | description: Learn how to plan for and manage costs for Azure OpenAI by using co --+ Last updated 08/22/2023 |
ai-services | Managed Identity | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/managed-identity.md | Title: How to configure Azure OpenAI Service with managed identities description: Provides guidance on how to set managed identity with Azure Active Directory--+ Last updated 06/24/2022 |
ai-services | Monitoring | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/monitoring.md | Title: Monitoring Azure OpenAI Service description: Learn how to use Azure Monitor tools like Log Analytics to capture and analyze metrics and data logs for your Azure OpenAI Service resources. --+ Last updated 09/07/2023 |
ai-services | Prepare Dataset | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/prepare-dataset.md | |
ai-services | Quota | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/quota.md | description: Learn how to use Azure OpenAI to control your deployments rate limi --+ Last updated 08/01/2023 |
ai-services | Role Based Access Control | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/role-based-access-control.md | description: Learn how to use Azure RBAC for managing individual access to Azure --+ Last updated 08/30/2022 |
ai-services | Switching Endpoints | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/switching-endpoints.md | |
ai-services | Work With Code | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/work-with-code.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/overview.md | description: Apply advanced language models to variety of use cases with Azure O --+ Last updated 09/15/2023 |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/quickstart.md | |
ai-services | Quotas Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/quotas-limits.md | description: Quick reference, detailed description, and best practices on the qu --+ Last updated 06/08/2023 |
ai-services | Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/reference.md | |
ai-services | Embeddings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/tutorials/embeddings.md | |
ai-services | Use Your Data Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/use-your-data-quickstart.md | |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/whats-new.md | description: Learn about the latest news and features updates for Azure OpenAI --+ Last updated 09/20/2023 recommendations: false |
ai-services | Concept Active Inactive Events | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-active-inactive-events.md | description: This article discusses the use of active and inactive events within ms.--+ Last updated 02/20/2020 |
ai-services | Concept Active Learning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-active-learning.md | description: Learning settings determine the *hyperparameters* of the model trai ms.--+ Last updated 02/20/2020 |
ai-services | Concept Apprentice Mode | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-apprentice-mode.md | description: Learn how to use apprentice mode to gain confidence in a model with ms.--+ Last updated 07/26/2022 |
ai-services | Concept Auto Optimization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-auto-optimization.md | description: This article provides a conceptual overview of the auto-optimize fe ms.--+ Last updated 03/08/2021 |
ai-services | Concept Multi Slot Personalization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-multi-slot-personalization.md | |
ai-services | Concept Rewards | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-rewards.md | description: The reward score indicates how well the personalization choice, Rew ms.--+ Last updated 02/20/2020 |
ai-services | Concepts Exploration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-exploration.md | description: With exploration, Personalizer is able to continuously deliver good ms.--+ Last updated 08/28/2022 |
ai-services | Concepts Features | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-features.md | description: Personalizer uses features, information about actions and context, ms.--+ Last updated 12/28/2022 |
ai-services | Concepts Offline Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-offline-evaluation.md | description: This article will explain how to use offline evaluation to measure ms.--+ Last updated 02/20/2020 |
ai-services | Concepts Reinforcement Learning | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-reinforcement-learning.md | description: Personalizer uses information about actions and current context to ms.--+ Last updated 05/07/2019 |
ai-services | Concepts Scalability Performance | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-scalability-performance.md | description: "High-performance and high-traffic websites and applications have t ms.--+ Last updated 10/24/2019 |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/encrypt-data-at-rest.md | |
ai-services | How Personalizer Works | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-personalizer-works.md | description: The Personalizer _loop_ uses machine learning to build the model th ms.--+ Last updated 02/18/2020 |
ai-services | How To Create Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-create-resource.md | description: In this article, learn how to create a personalizer resource in the ms.--+ Last updated 03/26/2020 |
ai-services | How To Feature Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-feature-evaluation.md | description: When you run a Feature Evaluation in your Personalizer resource fro ms.--+ Last updated 09/22/2022 |
ai-services | How To Inference Explainability | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-inference-explainability.md | description: Personalizer can return feature scores in each Rank call to provide ms.--+ Last updated 09/20/2022 |
ai-services | How To Learning Behavior | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-learning-behavior.md | description: Apprentice mode gives you confidence in the Personalizer service an ms.--+ Last updated 07/26/2022 |
ai-services | How To Manage Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-manage-model.md | description: The machine-learned model and learning settings can be exported for ms.--+ Last updated 02/20/2020 |
ai-services | How To Multi Slot | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-multi-slot.md | |
ai-services | How To Offline Evaluation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-offline-evaluation.md | description: This article will show you how to use offline evaluation to measure ms.--+ Last updated 02/20/2020 |
ai-services | How To Settings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-settings.md | description: Service configuration includes how the service treats rewards, how ms.--+ Last updated 04/29/2020 |
ai-services | How To Thick Client | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-thick-client.md | |
ai-services | Quickstart Personalizer Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/quickstart-personalizer-sdk.md | description: This quickstart shows you how to create and manage a Personalizer l ms.--+ Last updated 02/02/2023 ms.devlang: csharp, javascript, python |
ai-services | Responsible Characteristics And Limitations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-characteristics-and-limitations.md | description: Characteristics and limitations of Personalizer --+ Last updated 05/23/2022 |
ai-services | Responsible Data And Privacy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-data-and-privacy.md | description: Data and privacy for Personalizer --+ Last updated 05/23/2022 |
ai-services | Responsible Guidance Integration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-guidance-integration.md | description: Guidance for integration and responsible use of Personalizer --+ Last updated 05/23/2022 |
ai-services | Responsible Use Cases | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-use-cases.md | description: Transparency Note for Personalizer --+ Last updated 05/23/2022 |
ai-services | Terminology | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/terminology.md | description: Personalizer uses terminology from reinforcement learning. These te ms.--+ Last updated 09/16/2022 |
ai-services | Tutorial Use Azure Notebook Generate Loop Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-azure-notebook-generate-loop-data.md | description: This tutorial simulates a Personalizer loop _system in an Azure Not ms.--+ Last updated 04/27/2020 |
ai-services | Tutorial Use Personalizer Chat Bot | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-personalizer-chat-bot.md | description: Customize a C# .NET chat bot with a Personalizer loop to provide th ms.--+ Last updated 05/17/2021 ms.devlang: csharp |
ai-services | Tutorial Use Personalizer Web App | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-personalizer-web-app.md | description: Customize a C# .NET web app with a Personalizer loop to provide the ms.--+ Last updated 06/10/2020 ms.devlang: csharp |
ai-services | What Is Personalizer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/what-is-personalizer.md | description: Personalizer is a cloud-based service that allows you to choose the ms.--+ Last updated 11/17/2022 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/whats-new.md | description: This article contains news about Personalizer. ms.--+ Last updated 05/28/2021 |
ai-services | Where Can You Use Personalizer | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/where-can-you-use-personalizer.md | description: Personalizer can be applied in any situation where your application ms.--+ Last updated 02/18/2020 |
ai-services | Migrate To Openai | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/qnamaker/How-To/migrate-to-openai.md | Title: Migrate QnA Maker to Azure OpenAI on your data description: Learn how to migrate your QnA Maker projects to Azure OpenAI.--+ |
ai-services | Audio Processing Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/audio-processing-overview.md | description: An overview of audio processing and capabilities of the Microsoft A --+ Last updated 09/07/2022 |
ai-services | Audio Processing Speech Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/audio-processing-speech-sdk.md | description: An overview of the features, capabilities, and restrictions for aud --+ Last updated 09/16/2022 |
ai-services | Bring Your Own Storage Speech Resource Speech To Text | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/bring-your-own-storage-speech-resource-speech-to-text.md | description: Learn how to use Bring your own storage (BYOS) Speech resource with --+ Last updated 03/28/2023 |
ai-services | Bring Your Own Storage Speech Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/bring-your-own-storage-speech-resource.md | description: Learn how to set up Bring your own storage (BYOS) Speech resource. --+ Last updated 03/28/2023 |
ai-services | How To Get Speech Session Id | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/how-to-get-speech-session-id.md | description: Learn how to get Speech service Speech to text Session ID and Trans --+ Last updated 11/29/2022 |
ai-services | Keyword Recognition Guidelines | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/keyword-recognition-guidelines.md | description: An overview of recommendations and guidelines when using keyword re --+ Last updated 04/30/2021 |
ai-services | Keyword Recognition Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/keyword-recognition-overview.md | description: An overview of the features, capabilities, and restrictions for key --+ Last updated 04/30/2021 |
ai-services | Logging Audio Transcription | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/logging-audio-transcription.md | description: Learn how to use audio and transcription logging for speech to text --+ Last updated 03/28/2023 |
ai-services | Sovereign Clouds | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/sovereign-clouds.md | description: Learn how to use Sovereign Clouds --+ Last updated 05/10/2022 |
ai-services | Speech Service Vnet Service Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-service-vnet-service-endpoint.md | description: This article describes how to use Speech service with an Azure Virt --+ Last updated 03/19/2021 |
ai-services | Speech Services Private Link | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-services-private-link.md | description: Learn how to use Speech service with private endpoints provided by --+ Last updated 04/07/2021 |
ai-services | Speech Services Quotas And Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-services-quotas-and-limits.md | description: Quick reference, detailed description, and best practices on the qu --+ Last updated 02/17/2023 |
ai-services | Document Translation Flow | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/connector/document-translation-flow.md | |
ai-services | Text Translator Flow | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/connector/text-translator-flow.md | |
ai-services | Deploy User Managed Glossary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/deploy-user-managed-glossary.md | description: How to deploy a user-managed glossary in the Translator container e --+ Last updated 08/15/2023 |
ai-services | Translator Container Configuration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-container-configuration.md | description: The Translator container runtime environment is configured using th --+ Last updated 07/18/2023 |
ai-services | Translator Container Supported Parameters | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-container-supported-parameters.md | |
ai-services | Translator How To Install Container | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-how-to-install-container.md | description: Use the Docker container for Translator API to translate text. --+ Last updated 07/18/2023 |
ai-services | Create Translator Resource | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/create-translator-resource.md | |
ai-services | Beginners Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/beginners-guide.md | |
ai-services | Bleu Score | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/bleu-score.md | |
ai-services | Customization | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/customization.md | description: Use the Microsoft Translator Hub to build your own machine translat --+ Last updated 07/18/2023 |
ai-services | Data Filtering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/data-filtering.md | |
ai-services | Dictionaries | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/dictionaries.md | |
ai-services | Document Formats Naming Convention | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/document-formats-naming-convention.md | |
ai-services | Model Training | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/model-training.md | |
ai-services | Parallel Documents | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/parallel-documents.md | |
ai-services | Sentence Alignment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/sentence-alignment.md | |
ai-services | Workspace And Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/workspace-and-project.md | description: This article will explain the differences between a workspace and a --+ Last updated 07/18/2023 |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/faq.md | |
ai-services | Copy Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/copy-model.md | |
ai-services | Create Manage Project | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-project.md | |
ai-services | Create Manage Training Documents | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-training-documents.md | |
ai-services | Create Manage Workspace | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-workspace.md | |
ai-services | Enable Vnet Service Endpoint | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/enable-vnet-service-endpoint.md | description: This article describes how to use Custom Translator service with an --+ Last updated 08/08/2023 |
ai-services | Publish Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/publish-model.md | |
ai-services | Test Your Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/test-your-model.md | |
ai-services | Train Custom Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/train-custom-model.md | |
ai-services | Translate With Custom Model | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/translate-with-custom-model.md | |
ai-services | Key Terms | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/key-terms.md | |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/overview.md | |
ai-services | Platform Upgrade | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/platform-upgrade.md | |
ai-services | Quickstart | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/quickstart.md | |
ai-services | Release Notes | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/release-notes.md | |
ai-services | Document Sdk Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/document-sdk-overview.md | |
ai-services | Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/faq.md | |
ai-services | Create Sas Tokens | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-sas-tokens.md | Title: Create shared access signature (SAS) tokens for storage containers and blobs description: How to create Shared Access Signature tokens (SAS) for containers and blobs with Microsoft Storage Explorer and the Azure portal.--+ |
ai-services | Create Use Glossaries | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-use-glossaries.md | Title: Create and use a glossary with Document Translation description: How to create and use a glossary with Document Translation. --+ |
ai-services | Create Use Managed Identities | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-use-managed-identities.md | |
ai-services | Use Rest Api Programmatically | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/use-rest-api-programmatically.md | description: "How to create a Document Translation service using C#, Go, Java, N --+ Last updated 07/18/2023 |
ai-services | Language Studio | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/language-studio.md | description: "Document Translation in Azure AI Language Studio." --+ Last updated 09/19/2023 |
ai-services | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/overview.md | description: An overview of the cloud-based batch Document Translation service a --+ Last updated 07/18/2023 |
ai-services | Document Translation Rest Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/quickstarts/document-translation-rest-api.md | description: "How to create a Document Translation service using C#, Go, Java, N --+ Last updated 07/18/2023 |
ai-services | Document Translation Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/quickstarts/document-translation-sdk.md | description: Use the Translator C#/.NET or Python client library (SDK) for cloud --+ Last updated 07/18/2023 |
ai-services | Cancel Translation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/cancel-translation.md | |
ai-services | Get Document Status | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-document-status.md | |
ai-services | Get Documents Status | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-documents-status.md | |
ai-services | Get Supported Document Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-document-formats.md | |
ai-services | Get Supported Glossary Formats | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-glossary-formats.md | |
ai-services | Get Supported Storage Sources | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-storage-sources.md | |
ai-services | Get Translation Status | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-translation-status.md | |
ai-services | Get Translations Status | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-translations-status.md | |
ai-services | Rest Api Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/rest-api-guide.md | description: View a list of with links to the Document Translation REST APIs. --+ Last updated 09/07/2023 |
ai-services | Start Translation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/start-translation.md | |
ai-services | Dynamic Dictionary | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/dynamic-dictionary.md | description: This article explains how to use the dynamic dictionary feature of --+ Last updated 07/18/2023 |
ai-services | Encrypt Data At Rest | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/encrypt-data-at-rest.md | |
ai-services | Firewalls | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/firewalls.md | description: Azure AI Translator can translate behind firewalls using either dom --+ Last updated 07/18/2023 |
ai-services | Language Support | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/language-support.md | description: Azure AI Translator supports the following languages for text to te --+ Last updated 07/18/2023 |
ai-services | Migrate To V3 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/migrate-to-v3.md | description: This article provides the steps to help you migrate from V2 to V3 o --+ Last updated 07/18/2023 |
ai-services | Modifications Deprecations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/modifications-deprecations.md | description: Translator Service changes, modifications, and deprecations -+ - Last updated 07/18/2023 |
ai-services | Prevent Translation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/prevent-translation.md | description: Prevent translation of content with the Translator. The Translator --+ Last updated 07/18/2023 |
ai-services | Profanity Filtering | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/profanity-filtering.md | description: Use Translator profanity filtering to determine the level of profan --+ Last updated 07/18/2023 |
ai-services | Quickstart Text Rest Api | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/quickstart-text-rest-api.md | description: "Learn to translate text with the Translator service REST APIs. Exa --+ Last updated 09/06/2023 |
ai-services | Quickstart Text Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/quickstart-text-sdk.md | description: "Learn to translate text with the Translator service SDks in a prog --+ Last updated 09/06/2023 |
ai-services | Rest Api Guide | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/rest-api-guide.md | description: View a list of with links to the Text Translation REST APIs. --+ Last updated 09/18/2023 |
ai-services | V3 0 Break Sentence | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-break-sentence.md | |
ai-services | V3 0 Detect | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-detect.md | |
ai-services | V3 0 Dictionary Examples | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-dictionary-examples.md | |
ai-services | V3 0 Dictionary Lookup | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-dictionary-lookup.md | |
ai-services | V3 0 Languages | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-languages.md | |
ai-services | V3 0 Reference | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-reference.md | description: Reference documentation for the Translator V3.0. Version 3.0 of the --+ Last updated 09/19/2023 |
ai-services | V3 0 Translate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-translate.md | |
ai-services | V3 0 Transliterate | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-transliterate.md | |
ai-services | Service Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/service-limits.md | description: This article lists service limits for the Translator text and docum --+ Last updated 07/18/2023 |
ai-services | Sovereign Clouds | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/sovereign-clouds.md | description: Using Translator in sovereign clouds --+ Last updated 07/18/2023 |
ai-services | Text Sdk Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/text-sdk-overview.md | |
ai-services | Text Translation Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/text-translation-overview.md | description: Integrate the Text Translation API into your applications, websites -+ - Last updated 07/18/2023 |
ai-services | Translator Faq | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-faq.md | |
ai-services | Translator Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-overview.md | description: Integrate Translator into your applications, websites, tools, and o -+ - Last updated 07/18/2023 |
ai-services | Translator Text Apis | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-text-apis.md | description: "Learn to translate text, transliterate text, detect language and m --+ Last updated 07/18/2023 |
ai-services | Whats New | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/whats-new.md | |
ai-services | Word Alignment | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/word-alignment.md | description: To receive alignment information, use the Translate method and incl --+ Last updated 07/18/2023 |
aks | Access Private Cluster | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/access-private-cluster.md | Last updated 09/15/2023 # Access a private Azure Kubernetes Service (AKS) cluster -When you access a private AKS cluster, you must connect to the cluster from the cluster virtual network, from a peered network, or via a configured private endpoint. These approaches require configuring a VPN, Express Route, deploying a *jumpbox* within the cluster virtual network, or creating a private endpoint inside of another virtual network. +When you access a private AKS cluster, you need to connect to the cluster from the cluster virtual network, a peered network, or a configured private endpoint. These approaches require configuring a VPN, Express Route, deploying a *jumpbox* within the cluster virtual network, or creating a private endpoint inside of another virtual network. -With the Azure CLI, you can use `command invoke` to access private clusters without the need to configure a VPN or Express Route. `command invoke` allows you to remotely invoke commands, like `kubectl` and `helm`, on your private cluster through the Azure API without directly connecting to the cluster. The `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` actions control the permissions for using `command invoke`. With the Azure portal, you can use the `Run command` feature to run commands on your private cluster. The `Run command` feature uses the same `command invoke` functionality to run commands on your cluster. +With the Azure CLI, you can use `command invoke` to access private clusters without the need to configure a VPN or Express Route. `command invoke` allows you to remotely invoke commands, like `kubectl` and `helm`, on your private cluster through the Azure API without directly connecting to the cluster. The `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` actions control the permissions for using `command invoke`. -## Prerequisites +With the Azure portal, you can use the `Run command` feature to run commands on your private cluster. The `Run command` feature uses the same `command invoke` functionality to run commands on your cluster. -* An existing private cluster. -* The Azure CLI version 2.24.0 or later. +## Before you begin ++Before you begin, make sure you have the following resources and permissions: ++* An existing private cluster. If you don't have one, see [Create a private AKS cluster](./private-clusters.md). +* The Azure CLI version 2.24.0 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI](/cli/azure/install-azure-cli). * Access to the `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` roles on the cluster. ### Limitations |
aks | Api Server Vnet Integration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/api-server-vnet-integration.md | AKS clusters configured with API Server VNet Integration can have public network --disable-private-cluster ``` +## Connect to cluster using kubectl ++* Configure `kubectl` to connect to your cluster using the [`az aks get-credentials`][az-aks-get-credentials] command. ++ ```azurecli-interactive + az aks get-credentials -g <resource-group> -n <cluster-name> + ``` + ## Next steps For associated best practices, see [Best practices for network connectivity and security in AKS][operator-best-practices-network]. For associated best practices, see [Best practices for network connectivity and [az-identity-create]: /cli/azure/identity#az-identity-create [az-role-assignment-create]: /cli/azure/role/assignment#az-role-assignment-create [ref-support-levels]: /cli/azure/reference-types-and-status+[az-aks-get-credentials]: /cli/azure/aks#az-aks-get-credentials |
aks | Certificate Rotation | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/certificate-rotation.md | Last updated 01/19/2023 # Certificate rotation in Azure Kubernetes Service (AKS) -Azure Kubernetes Service (AKS) uses certificates for authentication with many of its components. If you have a RBAC-enabled cluster built after March 2022, it's enabled with certificate auto-rotation. Periodically, you may need to rotate those certificates for security or policy reasons. For example, you may have a policy to rotate all your certificates every 90 days. +Azure Kubernetes Service (AKS) uses certificates for authentication with many of its components. RBAC-enabled clusters created after March 2022 are enabled with certificate auto-rotation. You may need to periodically rotate those certificates for security or policy reasons. For example, you may have a policy to rotate all your certificates every 90 days. > [!NOTE]-> Certificate auto-rotation will *only* be enabled by default for RBAC enabled AKS clusters. +> Certificate auto-rotation is *only* enabled by default for RBAC enabled AKS clusters. This article shows you how certificate rotation works in your AKS cluster. ## Before you begin -This article requires that you are running the Azure CLI version 2.0.77 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install]. +This article requires the Azure CLI version 2.0.77 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install]. ## AKS certificates, Certificate Authorities, and Service Accounts -AKS generates and uses the following certificates, Certificate Authorities, and Service Accounts: +AKS generates and uses the following certificates, Certificate Authorities (CA), and Service Accounts (SA): -* The AKS API server creates a Certificate Authority (CA) called the Cluster CA. +* The AKS API server creates a CA called the Cluster CA. * The API server has a Cluster CA, which signs certificates for one-way communication from the API server to kubelets.-* Each kubelet also creates a Certificate Signing Request (CSR), which is signed by the Cluster CA, for communication from the kubelet to the API server. +* Each kubelet creates a Certificate Signing Request (CSR), which the Cluster CA signs, for communication from the kubelet to the API server. * The API aggregator uses the Cluster CA to issue certificates for communication with other APIs. The API aggregator can also have its own CA for issuing those certificates, but it currently uses the Cluster CA.-* Each node uses a Service Account (SA) token, which is signed by the Cluster CA. +* Each node uses an SA token, which the Cluster CA signs. * The `kubectl` client has a certificate for communicating with the AKS cluster. -Certificates mentioned above are maintained by Microsoft, except the cluster certificate, which you have to maintain. +Microsoft maintains all certificates mentioned in this section, except for the cluster certificate. > [!NOTE]-> AKS clusters created prior to May 2019 have certificates that expire after two years. Any cluster created after May 2019 or any cluster that has its certificates rotated have Cluster CA certificates that expire after 30 years. All other AKS certificates, which use the Cluster CA for signing, will expire after two years and are automatically rotated during an AKS version upgrade which happened after 8/1/2021. To verify when your cluster was created, use `kubectl get nodes` to see the *Age* of your node pools. >-> Additionally, you can check the expiration date of your cluster's certificate. For example, the following bash command displays the client certificate details for the *myAKSCluster* cluster in resource group *rg*: -> ```console -> kubectl config view --raw -o jsonpath="{.users[?(@.name == 'clusterUser_rg_myAKSCluster')].user.client-certificate-data}" | base64 -d | openssl x509 -text | grep -A2 Validity -> ``` +> * **AKS clusters created *before* May 2019** have certificates that expire after two years. +> * **AKS clusters created *after* May 2019** have Cluster CA certificates that expire after 30 years. +> +> You can verify when your cluster was created using the `kubectl get nodes` command, which shows you the *Age* of your node pools. -To check expiration date of apiserver certificate, run the following command: +## Check certificate expiration dates -```console -curl https://{apiserver-fqdn} -k -v 2>&1 |grep expire -``` +### Check cluster certificate expiration date -To check the expiration date of certificate on VMAS agent node, run the following command: +* Check the expiration date of the cluster certificate using the `kubectl config view` command. -```azurecli -az vm run-command invoke -g MC_rg_myAKSCluster_region -n vm-name --command-id RunShellScript --query 'value[0].message' -otsv --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" -``` + ```console + kubectl config view --raw -o jsonpath="{.users[?(@.name == 'clusterUser_rg_myAKSCluster')].user.client-certificate-data}" | base64 -d | openssl x509 -text | grep -A2 Validity + ``` -To check expiration date of certificate on one virtual machine scale set agent node, run the following command: +### Check API server certificate expiration date -```azurecli -az vmss run-command invoke --resource-group "MC_rg_myAKSCluster_region" --name "vmss-name " --command-id RunShellScript --instance-id 1 --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" --query "value[0].message" -``` +* Check the expiration date of the API server certificate using the following `curl` command. -## Certificate Auto Rotation + ```console + curl https://{apiserver-fqdn} -k -v 2>&1 |grep expire + ``` -For AKS to automatically rotate non-CA certificates, the cluster must have [TLS Bootstrapping](https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/) which has been enabled by default in all Azure regions. +### Check VMAS agent node certificate expiration date -> [!NOTE] -> If you have an existing cluster you have to upgrade that cluster to enable Certificate Auto-Rotation. -> Do not disable bootstrap to keep your auto-rotation enabled. +* Check the expiration date of the VMAS agent node certificate using the `az vm run-command invoke` command. -> [!NOTE] -> If the cluster is in a stopped state during the auto certificate rotation only the control plane certificates are rotated. In this case the nodepool should be recreated, after certificate rotation, in order to initiate the nodepool certificate rotation. + ```azurecli-interactive + az vm run-command invoke -g MC_rg_myAKSCluster_region -n vm-name --command-id RunShellScript --query 'value[0].message' -otsv --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" + ``` -For any AKS clusters created or upgraded after March 2022 Azure Kubernetes Service will automatically rotate non-CA certificates on both the control plane and agent nodes within 80% of the client certificate valid time, before they expire with no downtime for the cluster. +### Check Virtual Machine Scale Set agent node certificate expiration date -### How to check whether current agent node pool is TLS Bootstrapping enabled? +* Check the expiration date of the Virtual Machine Scale Set agent node certificate using the `az vm run-command invoke` command. -To verify if TLS Bootstrapping is enabled on your cluster browse to the following paths: + ```azurecli-interactive + az vmss run-command invoke --resource-group "MC_rg_myAKSCluster_region" --name "vmss-name" --command-id RunShellScript --instance-id 1 --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" --query "value[0].message" + ``` -* On a Linux node: */var/lib/kubelet/bootstrap-kubeconfig* or */host/var/lib/kubelet/bootstrap-kubeconfig* -* On a Windows node: *C:\k\bootstrap-config* +## Certificate Auto Rotation -To access agent nodes, see [Connect to Azure Kubernetes Service cluster nodes for maintenance or troubleshooting][aks-node-access] for more information. +For AKS to automatically rotate non-CA certificates, the cluster must have [TLS Bootstrapping](https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/), which is enabled by default in all Azure regions. > [!NOTE]-> The file path may change as Kubernetes version evolves in the future. +> +> * If you have an existing cluster, you have to upgrade that cluster to enable Certificate Auto Rotation. +> * Don't disable Bootstrap to keep auto rotation enabled. +> * If the cluster is in a stopped state during the auto certificate rotation, only the control plane certificates are rotated. In this case, you should recreate the node pool after certificate rotation to initiate the node pool certificate rotation. -Once a region is configured, create a new cluster or upgrade an existing cluster with `az aks upgrade` to set that cluster for auto-certificate rotation. A control plane and node pool upgrade is needed to enable this feature. +For any AKS clusters created or upgraded after March 2022, Azure Kubernetes Service automatically rotates non-CA certificates on both the control plane and agent nodes within 80% of the client certificate valid time before they expire with no downtime for the cluster. -```azurecli -az aks upgrade -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME -``` +### How to check whether current agent node pool is TLS Bootstrapping enabled? -### Limitation +1. Verify if your cluster has TLS Bootstrapping enabled by browsing to one to the following paths: -Certificate auto-rotation will only be enabled by default for RBAC enabled AKS clusters. + * On a Linux node: */var/lib/kubelet/bootstrap-kubeconfig* or */host/var/lib/kubelet/bootstrap-kubeconfig* + * On a Windows node: *C:\k\bootstrap-config* ++ For more information, see [Connect to Azure Kubernetes Service cluster nodes for maintenance or troubleshooting][aks-node-access]. ++ > [!NOTE] + > The file path may change as Kubernetes versions evolve. ++2. Once a region is configured, create a new cluster or upgrade an existing cluster to set auto rotation for the cluster certificate. You need to upgrade the control plane and node pool to enable this feature. ## Manually rotate your cluster certificates > [!WARNING]-> Rotating your certificates using `az aks rotate-certs` will recreate all of your nodes, VM scale set and their Disks and can cause up to 30 minutes of downtime for your AKS cluster. +> Rotating your certificates using `az aks rotate-certs` recreates all of your nodes, Virtual Machine Scale Sets and Disks and can cause up to *30 minutes of downtime* for your AKS cluster. -Use [az aks get-credentials][az-aks-get-credentials] to sign in to your AKS cluster. This command also downloads and configures the `kubectl` client certificate on your local machine. +1. Connect to your cluster using the [`az aks get-credentials`][az-aks-get-credentials] command. -```azurecli -az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME -``` + ```azurecli-interactive + az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME + ``` -Use `az aks rotate-certs` to rotate all certificates, CAs, and SAs on your cluster. +2. Rotate all certificates, CAs, and SAs on your cluster using the [`az aks rotate-certs`][az-aks-rotate-certs] command. -```azurecli -az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME -``` + ```azurecli-interactive + az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME + ``` -> [!IMPORTANT] -> It may take up to 30 minutes for `az aks rotate-certs` to complete. If the command fails before completing, use `az aks show` to verify the status of the cluster is *Certificate Rotating*. If the cluster is in a failed state, rerun `az aks rotate-certs` to rotate your certificates again. + > [!IMPORTANT] + > It may take up to 30 minutes for `az aks rotate-certs` to complete. If the command fails before completing, use `az aks show` to verify the status of the cluster is *Certificate Rotating*. If the cluster is in a failed state, rerun `az aks rotate-certs` to rotate your certificates again. -Verify that the old certificates aren't valid by running any `kubectl` command. If you haven't updated the certificates used by `kubectl`, you'll see an error similar to the following example: +3. Verify the old certificates are no longer valid using any `kubectl` command, such as `kubectl get nodes`. -```console -kubectl get nodes -Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "ca") -``` + ```azurecli-interactive + kubectl get nodes + ``` -To update the certificate used by `kubectl`, run the [az aks get-credentials][az-aks-get-credentials] command: + If you haven't updated the certificates used by `kubectl`, you see an error similar to the following example output: -```azurecli -az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME --overwrite-existing -``` + ```output + Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "ca") + ``` -To verify the certificates have been updated, run the following [kubectl get][kubectl-get] command: +4. Update the certificate used by `kubectl` using the [`az aks get-credentials`][az-aks-get-credentials] command with the `--overwrite-existing` flag. -```console -kubectl get nodes -``` + ```azurecli-interactive + az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME --overwrite-existing + ``` -> [!NOTE] -> If you have any services that run on top of AKS, you might need to update their certificates. +5. Verify the certificates have been updated using the [`kubectl get`][kubectl-get] command. ++ ```azurecli-interactive + kubectl get nodes + ``` ++ > [!NOTE] + > If you have any services that run on top of AKS, you might need to update their certificates. ## Next steps -This article showed you how to automatically rotate your cluster's certificates, CAs, and SAs. You can see [Best practices for cluster security and upgrades in Azure Kubernetes Service (AKS)][aks-best-practices-security-upgrades] for more information on AKS security best practices. +This article showed you how to automatically rotate your cluster certificates, CAs, and SAs. For more information, see [Best practices for cluster security and upgrades in Azure Kubernetes Service (AKS)][aks-best-practices-security-upgrades]. +<!-- LINKS - internal --> [azure-cli-install]: /cli/azure/install-azure-cli [az-aks-get-credentials]: /cli/azure/aks#az_aks_get_credentials-[az-get]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get -[az-extension-add]: /cli/azure/extension#az_extension_add -[az-extension-update]: /cli/azure/extension#az_extension_update [aks-best-practices-security-upgrades]: operator-best-practices-cluster-security.md [aks-node-access]: ./node-access.md+[az-aks-rotate-certs]: /cli/azure/aks#az_aks_rotate_certs ++<!-- LINKS - external --> +[kubectl-get]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get |
aks | Configure Kube Proxy | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/configure-kube-proxy.md | Title: Configure kube-proxy (iptables/IPVS) (preview) + Title: Configure kube-proxy (iptables/IPVS) (Preview) description: Learn how to configure kube-proxy to utilize different load balancing configurations with Azure Kubernetes Service (AKS). Previously updated : 10/25/2022 Last updated : 09/25/2023 #Customer intent: As a cluster operator, I want to utilize a different kube-proxy configuration. -# Configure `kube-proxy` in Azure Kubernetes Service (AKS) (preview) +# Configure `kube-proxy` in Azure Kubernetes Service (AKS) (Preview) -`kube-proxy` is a component of Kubernetes that handles routing traffic for services within the cluster. There are two backends available for Layer 3/4 load balancing in upstream `kube-proxy` - iptables and IPVS. +`kube-proxy` is a component of Kubernetes that handles routing traffic for services within the cluster. There are two backends available for Layer 3/4 load balancing in upstream `kube-proxy`: iptables and IPVS. -- iptables is the default backend utilized in the majority of Kubernetes clusters. It is simple and well supported, but is not as efficient or intelligent as IPVS.-- IPVS utilizes the Linux Virtual Server, a layer 3/4 load balancer built into the Linux kernel. IPVS provides a number of advantages over the default iptables configuration, including state awareness, connection tracking, and more intelligent load balancing.+- **iptables** is the default backend utilized in the majority of Kubernetes clusters. It's simple and well-supported, but not as efficient or intelligent as IPVS. +- **IPVS** uses the Linux Virtual Server, a layer 3/4 load balancer built into the Linux kernel. IPVS provides a number of advantages over the default iptables configuration, including state awareness, connection tracking, and more intelligent load balancing. IPVS *doesn't support Azure Network Policy*. -The AKS managed `kube-proxy` DaemonSet can also be disabled entirely if that is desired to support [bring-your-own CNI][aks-byo-cni]. +For more information, see the [Kubernetes documentation on kube-proxy](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/). -## Prerequisites --* Azure CLI with aks-preview extension 0.5.105 or later. -* If using ARM or the REST API, the AKS API version must be 2022-08-02-preview or later. --## Install the aks-preview Azure CLI extension +> [!NOTE] +> If you want, you can disable the AKS-managed `kube-proxy` DaemonSet to support [bring-your-own CNI][aks-byo-cni]. [!INCLUDE [preview features callout](includes/preview/preview-callout.md)] -To install the aks-preview extension, run the following command: --```azurecli-interactive -az extension add --name aks-preview -``` +## Before you begin -Run the following command to update to the latest version of the extension released: +- If using the Azure CLI, you need the `aks-preview` extension. See [Install the `aks-preview` Azure CLI extension](#install-the-aks-preview-azure-cli-extension). +- If using ARM or the REST API, the AKS API version must be *2022-08-02-preview or later*. +- You need to register the `KubeProxyConfigurationPreview` feature flag. See [Register the `KubeProxyConfigurationPreview` feature flag](#register-the-kubeproxyconfigurationpreview-feature-flag). -```azurecli-interactive -az extension update --name aks-preview -``` +### Install the `aks-preview` Azure CLI extension -## Register the 'KubeProxyConfigurationPreview' feature flag +1. Install the `aks-preview` extension using the [`az extension add`][az-extension-add] command. -Register the `KubeProxyConfigurationPreview` feature flag by using the [az feature register][az-feature-register] command, as shown in the following example: + ```azurecli-interactive + az extension add --name aks-preview + ``` -```azurecli-interactive -az feature register --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview" -``` +2. Update to the latest version of the extension using the [`az extension update`][az-extension-update] command. -It takes a few minutes for the status to show *Registered*. Verify the registration status by using the [az feature show][az-feature-show] command: + ```azurecli-interactive + az extension update --name aks-preview + ``` -```azurecli-interactive -az feature show --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview" -``` +### Register the `KubeProxyConfigurationPreview` feature flag -When the status reflects *Registered*, refresh the registration of the *Microsoft.ContainerService* resource provider by using the [az provider register][az-provider-register] command: +1. Register the `KubeProxyConfigurationPreview` feature flag using the [`az feature register`][az-feature-register] command. -```azurecli-interactive -az provider register --namespace Microsoft.ContainerService -``` + ```azurecli-interactive + az feature register --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview" + ``` -## Configurable options + It takes a few minutes for the status to show *Registered*. -The full `kube-proxy` configuration structure can be found in the [AKS Cluster Schema][aks-schema-kubeproxyconfig]. +2. Verify the registration status using the [`az feature show`][az-feature-show] command. -- `enabled` - whether or not to deploy the `kube-proxy` DaemonSet. Defaults to true.-- `mode` - can be set to `IPTABLES` or `IPVS`. Defaults to `IPTABLES`.-- `ipvsConfig` - if `mode` is `IPVS`, this object contains IPVS-specific configuration properties.- - `scheduler` - which connection scheduler to utilize. Supported values: - - `LeastConnection` - sends connections to the backend pod with the fewest connections - - `RoundRobin` - distributes connections evenly between backend pods - - `tcpFinTimeoutSeconds` - the value used for timeout after a FIN has been received in a TCP session - - `tcpTimeoutSeconds` - the value used for timeout length for idle TCP sessions - - `udpTimeoutSeconds` - the value used for timeout length for idle UDP sessions + ```azurecli-interactive + az feature show --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview" + ``` -> [!NOTE] -> IPVS load balancing operates in each node independently and is still only aware of connections flowing through the local node. This means that while `LeastConnection` results in more even load under higher number of connections, when low numbers of connections (# connects < 2 * node count) occur traffic may still be relatively unbalanced. --## Utilize `kube-proxy` configuration in a new or existing AKS cluster using Azure CLI +3. When the status reflects *Registered*, refresh the registration of the *Microsoft.ContainerService* resource provider using the [`az provider register`][az-provider-register] command. -`kube-proxy` configuration is a cluster-wide setting. No action is needed to update your services. -->[!WARNING] -> Changing the kube-proxy configuration may cause a slight interruption in cluster service traffic flow. + ```azurecli-interactive + az provider register --namespace Microsoft.ContainerService + ``` -To begin, create a JSON configuration file with the desired settings: +## `kube-proxy` configuration options -### Create a configuration file +You can view the full `kube-proxy` configuration structure in the [AKS Cluster Schema][aks-schema-kubeproxyconfig]. -```json -{ - "enabled": true, - "mode": "IPVS", - "ipvsConfig": { - "scheduler": "LeastConnection", - "TCPTimeoutSeconds": 900, - "TCPFINTimeoutSeconds": 120, - "UDPTimeoutSeconds": 300 - } -} -``` +- **`enabled`**: Determines deployment of the `kube-proxy` DaemonSet. Defaults to `true`. +- **`mode`**: You can set to either `IPTABLES` or `IPVS`. Defaults to `IPTABLES`. +- **`ipvsConfig`**: If `mode` is `IPVS`, this object contains IPVS-specific configuration properties. + - **`scheduler`**: Determines which connection scheduler to use. Supported values include: + - **`LeastConnection`**: Sends connections to the backend pod with the fewest connections. + - **`RoundRobin`**: Evenly distributes connections between backend pods. + - **`tcpFinTimeoutSeconds`**: Sets the timeout length value after a TCP session receives a FIN. + - **`tcpTimeoutSeconds`**: Sets the timeout length value for idle TCP sessions. + - **`udpTimeoutSeconds`**: Sets the timeout length value for idle UDP sessions. -### Deploy a new cluster --Deploy your cluster using `az aks create` and pass in the configuration file: --```bash -az aks create -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json -``` --### Update an existing cluster --Configure your cluster using `az aks update` and pass in the configuration file: +> [!NOTE] +> IPVS load balancing operates in each node independently and is only aware of connections flowing through the local node. This means that while `LeastConnection` results in a more even load under a higher number of connections, when a low amount of connections (# connects < 2 * node count) occur, traffic may be relatively unbalanced -```bash -az aks update -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json -``` +## Use `kube-proxy` in a new or existing AKS cluster -### Limitations +`kube-proxy` configuration is a cluster-wide setting. You don't need to update your services. -When using kube-proxy IPVS, the following restrictions apply: +> [!WARNING] +> Changing the kube-proxy configuration may cause a slight interruption in cluster service traffic flow. -- Azure Network Policy is not supported.+1. Create a configuration file with the desired `kube-proxy` configuration. For example, the following configuration enables IPVS with the `LeastConnection` scheduler and sets the TCP timeout to 900 seconds. ++ ```json + { + "enabled": true, + "mode": "IPVS", + "ipvsConfig": { + "scheduler": "LeastConnection", + "TCPTimeoutSeconds": 900, + "TCPFINTimeoutSeconds": 120, + "UDPTimeoutSeconds": 300 + } + } + ``` ++2. Create a new cluster or update an existing cluster with the configuration file using the [`az aks create`][az-aks-create] or [`az aks update`][az-aks-update] command with the `--kube-proxy-config` parameter set to the configuration file. ++ ```azurecli-interactive + # Create a new cluster + az aks create -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json + + # Update an existing cluster + az aks update -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json + ``` ## Next steps -Learn more about utilizing the Standard Load Balancer for inbound traffic at the [AKS Standard Load Balancer documentation](load-balancer-standard.md). --Learn more about using Internal Load Balancer for Inbound traffic at the [AKS Internal Load Balancer documentation](internal-lb.md). +This article covered how to configure `kube-proxy` in Azure Kubernetes Service (AKS). To learn more about load balancing in AKS, see the following articles: -Learn more about Kubernetes services at the [Kubernetes services documentation][kubernetes-services]. +- [Use a standard public load balancer in AKS](load-balancer-standard.md) +- [Use an internal load balancer in AKS](internal-lb.md) <!-- LINKS - External -->-[kubernetes-services]: https://kubernetes.io/docs/concepts/services-networking/service/ [aks-schema-kubeproxyconfig]: /azure/templates/microsoft.containerservice/managedclusters?pivots=deployment-language-bicep#containerservicenetworkprofilekubeproxyconfig <!-- LINKS - Internal --> Learn more about Kubernetes services at the [Kubernetes services documentation][ [az-provider-register]: /cli/azure/provider#az-provider-register [az-feature-register]: /cli/azure/feature#az-feature-register [az-feature-show]: /cli/azure/feature#az-feature-show+[az-extension-add]: /cli/azure/extension#az-extension-add +[az-extension-update]: /cli/azure/extension#az-extension-update +[az-aks-create]: /cli/azure/aks#az-aks-create +[az-aks-update]: /cli/azure/aks#az-aks-update |
aks | Csi Secrets Store Identity Access | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/csi-secrets-store-identity-access.md | Before you begin, you must have the following prerequisites: ## Access with a user-assigned managed identity -1. Access your key vault using the [`az aks show`][az-aks-show] command and the user-assigned managed identity you created when you [enabled a managed identity on your AKS cluster][use-managed-identity]. +1. Access your key vault using the [`az aks show`][az-aks-show] command and the user-assigned managed identity created by the add-on when you [enabled the Azure Key Vault Provider for Secrets Store CSI Driver on your AKS Cluster](./csi-secrets-store-driver.md#create-an-aks-cluster-with-azure-key-vault-provider-for-secrets-store-csi-driver-support). ```azurecli-interactive az aks show -g <resource-group> -n <cluster-name> --query addonProfiles.azureKeyvaultSecretsProvider.identity.clientId -o tsv |
aks | Quick Kubernetes Deploy Terraform | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/learn/quick-kubernetes-deploy-terraform.md | In this article, you learn how to: - **Kubernetes command-line tool (kubectl):** [Download kubectl](https://kubernetes.io/releases/download/). +## Login to your Azure Account ++ ## Implement the Terraform code > [!NOTE] |
aks | Limit Egress Traffic | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/limit-egress-traffic.md | You need to configure Azure Firewall inbound and outbound rules. The main purpos Azure automatically routes traffic between Azure subnets, virtual networks, and on-premises networks. If you want to change any of Azure's default routing, you can create a route table. +> [!IMPORTANT] +> Outbound type of UDR requires a route for 0.0.0.0/0 and a next hop destination of NVA in the route table. +> The route table already has a default 0.0.0.0/0 to the Internet. Without a public IP address for Azure to use for Source Network Address Translation (SNAT), simply adding this route won't provide you outbound Internet connectivity. AKS validates that you don't create a 0.0.0.0/0 route pointing to the Internet but instead to a gateway, NVA, etc. +> When using an outbound type of UDR, a load balancer public IP address for **inbound requests** isn't created unless you configure a service of type *loadbalancer*. AKS never creates a public IP address for **outbound requests** if you set an outbound type of UDR. +> For more information, see [Outbound rules for Azure Load Balancer](../load-balancer/outbound-rules.md#scenario6out). + 1. Create an empty route table to be associated with a given subnet using the [`az network route-table create`][az-network-route-table-create] command. The route table will define the next hop as the Azure Firewall created above. Each subnet can have zero or one route table associated to it. ```azurecli |
api-management | Self Hosted Gateway Enable Azure Ad | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/api-management/self-hosted-gateway-enable-azure-ad.md | Assign the API Management Configuration API Access Validator Service Role to the Create a new Azure AD app. For steps, see [Create an Azure Active Directory application and service principal that can access resources](../active-directory/develop/howto-create-service-principal-portal.md). This app will be used by the self-hosted gateway to authenticate to the API Management instance. -* Generate a [client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-application-secret) +* Generate a [client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-client-secret) * Take note of the following application values for use in the next section when deploying the self-hosted gateway: application (client) ID, directory (tenant) ID, and client secret #### Step 2: Assign API Management Gateway Configuration Reader Service Role |
attestation | Quickstart Terraform | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/attestation/quickstart-terraform.md | -[Microsoft Azure Attestation](overview.md) is a solution for attesting Trusted Execution Environments (TEEs). This quickstart focuses on the process of deploying a Bicep file to create a Microsoft Azure Attestation policy. +[Microsoft Azure Attestation](overview.md) is a solution for attesting Trusted Execution Environments (TEEs). This quickstart focuses on the process of creating a Microsoft Azure Attestation policy using Terraform. In this article, you learn how to: |
automation | Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/automation/update-management/overview.md | -> - Automation Update management relies on [Log Analytics agent](../../azure-monitor/agents/log-analytics-agent.md) (aka MMA agent), which is on a deprecation path and wonΓÇÖt be supported after **August 31, 2024**. -> - [Azure Update Manager](../../update-center/overview.md) (AUM) is the v2 version of Automation Update management and the future of Update management in Azure. AUM is a native service in Azure and does not rely on [Log Analytics agent](../../azure-monitor/agents/log-analytics-agent.md) or [Azure Monitor agent](../../azure-monitor/agents/agents-overview.md). -> - Follow [guidance](../../update-center/guidance-migration-automation-update-management-azure-update-manager.md) to migrate machines and schedules from Automation Update Management to Azure Update Manager. -> - If you are using Automation Update Management, we recommend that you continue to use the Log Analytics agent and *not* migrate to the Azure Monitor agent until machines and schedules are migrated to Azure Update Manager. -> - The Log Analytics agent wouldn't be deprecated before moving all Automation Update Management customers to Update Manager. +> Azure Log Analytics agent, also known as the Microsoft Monitoring Agent (MMA) will be [retired in August 2024](https://azure.microsoft.com/updates/were-retiring-the-log-analytics-agent-in-azure-monitor-on-31-august-2024/). Azure Automation Update Management solution relies on this agent and may encounter issues once the agent is retired as it does not work with Azure Monitoring Agent (AMA). Therefore, if you are using the Azure Automation Update Management solution, we recommend that you move to Azure Update Manager for your software update needs. All the capabilities of Azure Automation Update management solution will be available on Azure Update Manager before the retirement date. Follow the [guidance](../../update-center/guidance-migration-automation-update-management-azure-update-manager.md) to move your machines and schedules from Automation Update Management to Azure Update Manager. You can use Update Management in Azure Automation to manage operating system updates for your Windows and Linux virtual machines in Azure, physical or VMs in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates and manage the process of installing required updates for your machines reporting to Update Management. |
azure-functions | Functions Host Json V1 | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-functions/functions-host-json-v1.md | Configuration setting for the [SendGrind output binding](functions-bindings-send Configuration setting for [Service Bus triggers and bindings](functions-bindings-service-bus.md). ```json-{ +{ "extensions": "serviceBus": { "maxConcurrentCalls": 16, "prefetchCount": 100, |
azure-functions | Update Java Versions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-functions/update-java-versions.md | + + Title: Update Java versions in Azure Functions +description: Learn how to update an existing function app in Azure Functions to run on a new version of Java. + Last updated : 09/14/2023+zone_pivot_groups: app-service-platform-windows-linux +++# Update Java versions in Azure Functions ++The Azure Functions supports specific versions of Java. This support changes based on the support or Java versions. As these supported versions change, you need to update your Java function apps. You may also want to update your apps to take advantage of features in newer supported version of Java. For more information, see [Supported versions](functions-reference-java.md#supported-versions) in the Java developer guide. ++The way that you update your function app depends on whether you run on Windows or Linux. This version is for Windows. Choose your OS at the [top](#top) of the article. +The way that you update your function app depends on whether you run on Windows or Linux. This version is for Linux. Choose your OS at the [top](#top) of the article. ++## Prepare to update ++Before you update the Java version in Azure, you should complete these tasks: ++### 1. Verify your functions locally ++Before upgrading the Java version used by your function app in Azure, make sure that you have fully tested and verified your function code locally on the new target version of Java. Examples in this article assume you're updating to Java 17. ++### 2. Move to the latest Functions runtime + +Before updating your Java version, make sure your function app is running on the latest version of the Functions runtime (version 4.x). ++### [Azure portal](#tab/azure-portal) ++Use these steps to determine your Functions runtime version: ++1. In the [Azure portal](https://portal.azure.com), locate your function app and select **Configuration** on the left-hand side under **Settings**. ++1. Select the **Function runtime settings** tab and check the **Runtime version** value to see if your function app is running on version 4.x of the Functions runtime (`~4`). ++ :::image type="content" source="media/update-java-versions/update-functions-version-portal.png" alt-text="Screenshot of how to view the Functions runtime version for your app in the Azure portal."::: ++### [Azure CLI](#tab/azure-cli) ++Use this [`az functionapp config appsettings list`](/cli/azure/functionapp/config/appsettings#az-functionapp-config-appsettings-list) command to check your runtime version: ++```azurecli +az functionapp config appsettings list --name "<FUNCTION_APP_NAME>" --resource-group "<RESOURCE_GROUP_NAME>" +``` +The `FUNCTIONS_EXTENSION_VERSION` setting sets the runtime version. A value of `~4` means that your function app is already running on the latest minor version of the latest major version (4.x). ++++If you need to first update your function app to version 4.x, see [Migrate apps from Azure Functions version 3.x to version 4.x](./migrate-version-3-version-4.md). You should follow the instructions in this article rather than just manually changing the `FUNCTIONS_EXTENSION_VERSION` setting. ++## Update the Java version +You can use the Azure portal, Azure CLI, or Azure PowerShell to update the Java version for your function app. +These procedures apply to all [Functions hosting options](./functions-scale.md). +>[!NOTE] +> You can't change the Java version in the Azure portal when your function app is running on Linux in a [Consumption plan](./consumption-plan.md). Instead use the Azure CLI. +### [Azure portal](#tab/azure-portal) +You can only use these steps for function apps hosted in a [Premium plan](./functions-premium-plan.md) or a [Dedicated (App Service) plan](./dedicated-plan.md). For a [Consumption plan](./consumption-plan.md), you must instead use the Azure CLI. +Use the following steps to update the Java version: ++1. In the [Azure portal](https://portal.azure.com), locate your function app and select **Configuration** on the left-hand side. ++1. In the **General settings** tab, update the **Java version** to `Java 17`. ++ :::image type="content" source="media/update-java-versions/update-java-version-portal.png" alt-text="Screenshot of how to set the desired Java version for a function app in the Azure portal."::: ++1. When notified about a restart, select **Continue**, and then **Save**. ++### [Azure CLI](#tab/azure-cli) ++You can use the Azure CLI to update the Java version for any hosting plan. ++Run the [`az functionapp config set`](/cli/azure/functionapp/config#az-functionapp-config-set) command to update the Java version site setting to `17`: ++```azurecli +az functionapp config set --java-version "17" --name "<APP_NAME>" --resource-group "<RESOURCE_GROUP>" +``` +Run the [`az functionapp config set`](/cli/azure/functionapp/config#az-functionapp-config-set) command to update the Linux site setting with the new Java version for your function app. ++```azurecli +az functionapp config set --linux-fx-version "java|17" --name "<APP_NAME>" --resource-group "<RESOURCE_GROUP>" +``` ++In this example, replace `<APP_NAME>` and `<RESOURCE_GROUP>` with the name of your function app and resource group, respectively. ++++Your function app restarts after you update the Java version. To learn more about Functions support for Java, see [Language runtime support policy](language-support-policy.md). ++## Next steps ++> [!div class="nextstepaction"] +> [Java developer guide](./functions-reference-java.md) + |
azure-maps | About Azure Maps | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/about-azure-maps.md | Azure Maps consists of the following services that can provide geographic contex ### Data registry service -Data is imperative for maps. Use the Data registry service to access geospatial data, used with spatial operations or image composition, previously uploaded to your [Azure Storage]. By bringing customer data closer to the Azure Maps service, you reduce latency and increase productivity. For more information on this service, see [Data registry service]. +Data is imperative for maps. Use the Data registry service to access geospatial data, used with spatial operations or image composition, previously uploaded to your [Azure Storage]. By bringing customer data closer to the Azure Maps service, you reduce latency and increase productivity. For more information, see [Data registry] in the Azure Maps REST API documentation. > [!NOTE] > > **Azure Maps Data service retirement** >-> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry]. +> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data registry] service by 9/16/24. For more information, see [How to create data registry]. ### Geolocation service Use the Geolocation service to retrieve the two-letter country/region code for an IP address. This service can help you enhance user experience by providing customized application content based on geographic location. -For more information, see the [Geolocation service] documentation. +For more information, see [Geolocation] in the Azure Maps REST API documentation. ### Render service -[Render service] introduces a new version of the [Get Map Tile] API that supports using Azure Maps tiles not only in the Azure Maps SDKs but other map controls as well. It includes raster and vector tile formats, 256x256 or 512x512 tile sizes (where applicable) and numerous map types such as road, weather, contour, or map tiles. For a complete list, see [TilesetID] in the REST API documentation. You're required to display the appropriate copyright attribution on the map anytime you use the Azure Maps Render service, either as basemaps or layers, in any third-party map control. For more information, see [How to use the Get Map Attribution API]. +[Render] service introduces a new version of the [Get Map Tile] API that supports using Azure Maps tiles not only in the Azure Maps SDKs but other map controls as well. It includes raster and vector tile formats, 256x256 or 512x512 tile sizes (where applicable) and numerous map types such as road, weather, contour, or map tiles. For a complete list, see [TilesetID] in the REST API documentation. You're required to display the appropriate copyright attribution on the map anytime you use the Azure Maps Render service, either as basemaps or layers, in any third-party map control. For more information, see [How to use the Get Map Attribution API]. :::image type="content" source="./media/about-azure-maps/intro_map.png" border="false" alt-text="Example of a map from the Render service"::: The Route service offers advanced set features, such as: * Matrices of travel time and distance between a set of origins and destinations. * Finding routes or distances that users can travel based on time or fuel requirements. -For more information on routing capabilities, see the [Route service] documentation. +For more information, see [Route] in the Azure Maps REST API documentation. ### Search service The Search service also provides advanced features such as: * Batch a group of search requests. * Search electric vehicle charging stations and Point of Interest (POI) data by brand name. -For more information on search capabilities, see the [Search service] documentation. +For more information, see [Search] in the Azure Maps REST API documentation. ### Spatial service The Spatial service quickly analyzes location information to help inform customers of ongoing events happening in time and space. It enables near real-time analysis and predictive modeling of events. -The service enables customers to enhance their location intelligence with a library of common geospatial mathematical calculations. Common calculations include closest point, great circle distance, and buffers. For more information about the Spatial service and its various features, see the [Spatial service] documentation. +The service enables customers to enhance their location intelligence with a library of common geospatial mathematical calculations. Common calculations include closest point, great circle distance, and buffers. For more information about the Spatial service and its various features, see [Spatial] in the Azure Maps REST API documentation. ### Timezone service A typical JSON response for a query to the Time zone service looks like the foll } ``` -For more information, see the [Time zone service] documentation. +For more information, see [Timezone] in the Azure Maps REST API documentation. ### Traffic service The Traffic service is a suite of web services that developers can use for web o ![Example of a map with traffic information](media/about-azure-maps/intro_traffic.png) -For more information, see the [Traffic service] documentation. +For more information, see [Traffic] in the Azure Maps REST API documentation. ### Weather service Stay up to date on Azure Maps: [What is Azure Maps Creator?]: about-creator.md [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2-[Data Registry service]: /rest/api/maps/data-registry [How to create data registry]: how-to-create-data-registries.md <! REST API Links >-[Data registry service]: /rest/api/maps/data-registry -[Geolocation service]: /rest/api/maps/geolocation +[Data registry]: /rest/api/maps/data-registry +[Geolocation]: /rest/api/maps/geolocation [Get Map Tile]: /rest/api/maps/render-v2/get-map-tile [Get Weather along route API]: /rest/api/maps/weather/getweatheralongroute-[Render service]: /rest/api/maps/render-v2 +[Render]: /rest/api/maps/render-v2 [REST APIs]: /rest/api/maps/-[Route service]: /rest/api/maps/route -[Search service]: /rest/api/maps/search -[Spatial service]: /rest/api/maps/spatial +[Route]: /rest/api/maps/route +[Search]: /rest/api/maps/search +[Spatial]: /rest/api/maps/spatial [TilesetID]: /rest/api/maps/render-v2/get-map-tile#tilesetid-[Time zone service]: /rest/api/maps/timezone -[Traffic service]: /rest/api/maps/traffic +[Timezone]: /rest/api/maps/timezone +[Traffic]: /rest/api/maps/traffic <! JavaScript API Links > [JavaScript map control]: /javascript/api/azure-maps-control <! External Links > |
azure-maps | About Creator | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/about-creator.md | Creator is a platform for building indoor mapping solutions for all your needs. An [onboarding tool] is provided to prepare your facility's DWGs by identifying the data to use and to positioning your facility on the map. The conversion service then converts the geometry and data from your DWG files into a digital indoor map. -The first step in creating your indoor map is to upload a drawing package into your Azure Maps account. A drawing package contains one or more CAD (computer-aided design) drawings of your facility along with a manifest describing the drawings. The drawings define the elements of the facility while the manifest tells the Azure Maps [Conversion service] how to read the facility drawing files and metadata. For more +The first step in creating your indoor map is to upload a drawing package into your Azure Maps account. A drawing package contains one or more CAD (computer-aided design) drawings of your facility along with a manifest describing the drawings. The drawings define the elements of the facility while the manifest tells the Azure Maps [Conversion] service how to read the facility drawing files and metadata. For more information about manifest properties, see [Manifest file requirements] and for more information on creating and uploading a drawing package, see the [Drawing package guide]. ### Dataset This section provides a high-level overview of the indoor map creation workflow. account. Upload drawing packages using the [Data Upload API]. 1. **Convert**. Once the drawing package is uploaded into your Azure Maps account,- use the [Conversion service] to validate the data in the uploaded drawing + use the [Conversion] service to validate the data in the uploaded drawing package and convert it into map data. 1. **Dataset**. Create a [dataset] from the map data. A dataset is collection This section provides a high-level overview of the indoor map creation workflow. [Azure Maps Creator onboarding tool]: https://azure.github.io/azure-maps-creator-onboarding-tool [Azure Maps Creator REST API]: /rest/api/maps-creator-[Conversion service]: /rest/api/maps/v2/conversion +[Conversion]: /rest/api/maps/v2/conversion [Create a feature stateset]: how-to-creator-feature-stateset.md [Create custom styles for indoor maps]: how-to-create-custom-styles.md [Create dataset using GeoJson package]: how-to-dataset-geojson.md |
azure-maps | Azure Maps Qps Rate Limits | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/azure-maps-qps-rate-limits.md | The following list shows the QPS usage limits for each Azure Maps service by Pri | Traffic service | 50 | 50 | 50 | | Weather service | 50 | 50 | 50 | -<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry]. +<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry] service by 9/16/24. For more information, see [How to create data registry]. When QPS limits are reached, an HTTP 429 error is returned. If you're using the Gen 2 or Gen 1 S1 pricing tiers, you can create an Azure Maps *Technical* Support Request in the [Azure portal] to increase a specific QPS limit if needed. QPS limits for the Gen 1 S0 pricing tier can't be increased. When QPS limits are reached, an HTTP 429 error is returned. If you're using the [Manage the pricing tier of your Azure Maps account]: how-to-manage-pricing-tier.md [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2-[Data Registry service]: /rest/api/maps/data-registry +[Data Registry]: /rest/api/maps/data-registry [How to create data registry]: how-to-create-data-registries.md |
azure-maps | How To Search For Address | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/how-to-search-for-address.md | -The [Search service] is a set of RESTful APIs designed to help developers search addresses, places, and business listings by name, category, and other geographic information. In addition to supporting traditional geocoding, services can also reverse geocode addresses and cross streets based on latitudes and longitudes. Latitude and longitude values returned by the search can be used as parameters in other Azure Maps services, such as [Route] and [Weather] services. +The [Search] service is a set of RESTful APIs designed to help developers search addresses, places, and business listings by name, category, and other geographic information. In addition to supporting traditional geocoding, services can also reverse geocode addresses and cross streets based on latitudes and longitudes. Latitude and longitude values returned by the search can be used as parameters in other Azure Maps services, such as [Route] and [Weather]. This article demonstrates how to: This example demonstrates how to search for a cross street based on the coordina [Search Address]: /rest/api/maps/search/getsearchaddress [Search Coverage]: geocoding-coverage.md [Search Polygon API]: /rest/api/maps/search/getsearchpolygon-[Search service]: /rest/api/maps/search +[Search]: /rest/api/maps/search [subscription key]: quick-demo-map-app.md#get-the-subscription-key-for-your-account [URI Parameter reference]: /rest/api/maps/search/getsearchfuzzy#uri-parameters [Weather]: /rest/api/maps/weather |
azure-maps | Migrate From Bing Maps Web Services | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/migrate-from-bing-maps-web-services.md | In Azure Maps, pushpins can also be added to a static map image by specifying th More styles can be used by adding more `pins` parameters to the URL with a different style and set of locations. -Regarding pin locations, Azure Maps requires the coordinates to be in `longitude latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma** separating longitude and latitude in Azure Maps. +Regarding pin locations, Azure Maps requires the coordinates to be in `longitude,latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma** separating longitude and latitude in Azure Maps. The `iconType` value specifies the type of pin to create and can have the following values: In Azure Maps, lines and polygons can also be added to a static map image by spe > `&path=pathStyles||pathLocation1|pathLocation2|...` -When it comes to path locations, Azure Maps requires the coordinates to be in `longitude latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma separating** longitude and latitude in Azure Maps. Azure Maps doesn't support encoded paths currently. +When it comes to path locations, Azure Maps requires the coordinates to be in `longitude,latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma separating** longitude and latitude in Azure Maps. Azure Maps doesn't support encoded paths currently. Path styles in Azure Maps are added with the format `optionNameValue`, with multiple styles separated by pipe (`|`) characters like this `optionName1Value1|optionName2Value2`. Note the option names and values aren't separated. The following style option names can be used to style paths in Azure Maps: |
azure-maps | Migrate From Google Maps Web Services | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/migrate-from-google-maps-web-services.md | Add markers to a static map image by specifying the `pins` parameter in the URL. To use other styles, add extra `pins` parameters to the URL with a different style and set of locations. -In Azure Maps, the pin location needs to be in the "longitude latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. +In Azure Maps, the pin location needs to be in the "longitude,latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. The `iconType` specifies the type of pin to create. It can have the following values: Add lines and polygons to a static map image by specifying the `path` parameter &path=pathStyles||pathLocation1|pathLocation2|... ``` -When it comes to path locations, Azure Maps requires the coordinates to be in "longitude latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. Azure Maps doesn't support encoded paths or addresses for points. +When it comes to path locations, Azure Maps requires the coordinates to be in "longitude,latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. Azure Maps doesn't support encoded paths or addresses for points. Add path styles with the `optionNameValue` format. Separate multiple styles by pipe (\|) characters, like this `optionName1Value1|optionName2Value2`. The option names and values aren't separated. Use the following style option names to style paths in Azure Maps: |
azure-maps | Understanding Azure Maps Transactions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/understanding-azure-maps-transactions.md | The following table summarizes the Azure Maps services that generate transaction | [Traffic] | Yes | One request = 1 transaction (except tiles)<br>15 tiles = 1 transaction | <ul><li>Location Insights Traffic (Gen2 pricing)</li><li>Standard S1 Traffic Transactions (Gen1 S1 pricing)</li><li>Standard Geolocation Transactions (Gen1 S0 pricing)</li><li>Maps Traffic Tiles (Gen2 pricing)</li><li>Standard S1 Tile Transactions (Gen1 S1 pricing)</li><li>Standard Tile Transactions (Gen1 S0 pricing)</li></ul> | | [Weather] | Yes | One request = 1 transaction | <ul><li>Location Insights Weather (Gen2 pricing)</li><li>Standard S1 Weather Transactions (Gen1 S1 pricing)</li><li>Standard Weather Transactions (Gen1 S0 pricing)</li></ul> | -<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry]. +<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry] service by 9/16/24. For more information, see [How to create data registry]. <!-- In Bing Maps, any time a synchronous Truck Routing request is made, three transactions are counted. Does this apply also to Azure Maps?--> The following table summarizes the Azure Maps services that generate transaction [Data registry]: /rest/api/maps/data-registry [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2-[Data Registry service]: /rest/api/maps/data-registry [How to create data registry]: how-to-create-data-registries.md [Dataset]: /rest/api/maps/v2/dataset [Feature State]: /rest/api/maps/v2/feature-state |
azure-monitor | Api Filtering Sampling | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/api-filtering-sampling.md | Insert a telemetry initializer by adding the onInit callback function in the [Ja ```html <script type="text/javascript"> !function(v,y,T){<!-- Removed the JavaScript (Web) SDK Loader Script code for brevity -->}(window,document,{-src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", +src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js", crossOrigin: "anonymous", onInit: function (sdk) { sdk.addTelemetryInitializer(function (envelope) { |
azure-monitor | App Insights Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/app-insights-overview.md | Autoinstrumentation is available for [Azure App Service](azure-web-apps-nodejs.m The [Application Insights SDK](nodejs.md) is an alternative. We also have an [OpenTelemetry](opentelemetry-enable.md?tabs=nodejs) offering available. -### [JavaScript](#tab/javascript) --JavaScript requires the [Application Insights SDK](javascript.md). - ### [Python](#tab/python) -Python applications can be monitored by using [OpenCensus Python SDK via the Azure Monitor exporters](opencensus-python.md). +Python applications can be monitored by using the [Azure Monitor OpenTelemetry Distro](opentelemetry-enable.md?tabs=python). -An extension is available for monitoring [Azure Functions](opencensus-python.md#integrate-with-azure-functions). +### [JavaScript](#tab/javascript) -An [OpenTelemetry](opentelemetry-enable.md?tabs=python) offering is also available. +JavaScript requires the [Application Insights SDK](javascript.md). An [OpenTelemetry](opentelemetry-enable.md?tabs=python) offering is also availab This section outlines supported scenarios. -* [C#|VB (.NET)](./asp-net.md) +### Automatic instrumentation (enable without code changes) +* [Autoinstrumentation supported environments and languages](codeless-overview.md#supported-environments-languages-and-resource-providers) ++### Manual instrumentation ++#### OpenTelemetry Distro ++* [ASP.NET](opentelemetry-enable.md?tabs=net) +* [Java](opentelemetry-enable.md?tabs=java) +* [Node.js](opentelemetry-enable.md?tabs=nodejs) +* [Python](opentelemetry-enable.md?tabs=python) +* [ASP.NET Core](opentelemetry-enable.md?tabs=aspnetcore) (preview) ++#### Application Insights SDK (Classic API) ++* [ASP.NET](./asp-net.md) * [Java](./opentelemetry-enable.md?tabs=java)-* [JavaScript](./javascript.md) * [Node.js](./nodejs.md) * [Python](./opencensus-python.md)+* [ASP.NET Core](./asp-net-core.md) ++#### Client-side JavaScript SDK ++* [JavaScript](./javascript.md) + * [React](./javascript-framework-extensions.md) + * [React Native](./javascript-framework-extensions.md) + * [Angular](./javascript-framework-extensions.md) ### Supported platforms and frameworks This section lists all supported platforms and frameworks. * [Azure Spring Apps](../../spring-apps/how-to-application-insights.md) * [Azure Cloud Services](./azure-web-apps-net-core.md), including both web and worker roles -#### Autoinstrumentation (enable without code changes) -* [ASP.NET: For web apps hosted with IIS](./application-insights-asp-net-agent.md) -* [ASP.NET Core: For web apps hosted with IIS](./application-insights-asp-net-agent.md) -* [Java](./opentelemetry-enable.md?tabs=java) --#### Manual instrumentation/SDK (some code changes required) -* [ASP.NET](./asp-net.md) -* [ASP.NET Core](./asp-net-core.md) -* [Node.js](./nodejs.md) -* [Python](./opencensus-python.md) -* [JavaScript: Web](./javascript.md) - * [React](./javascript-framework-extensions.md) - * [React Native](./javascript-framework-extensions.md) - * [Angular](./javascript-framework-extensions.md) --> [!NOTE] -> OpenTelemetry-based instrumentation is available for [C#, Node.js, and Python](opentelemetry-enable.md). Review the limitations noted at the beginning of each language's official documentation. If you require a full-feature experience, use the existing Application Insights SDKs. --### Logging frameworks -* [ILogger](./ilogger.md) +#### Logging frameworks +* [`ILogger`](./ilogger.md) * [Log4Net, NLog, or System.Diagnostics.Trace](./asp-net-trace-logs.md)-* [Log4J, Logback, or java.util.logging](./opentelemetry-add-modify.md?tabs=java#logs) +* [`Log4J`, Logback, or java.util.logging](./opentelemetry-add-modify.md?tabs=java#logs) * [LogStash plug-in](https://github.com/Azure/azure-diagnostics-tools/tree/master/Logstash/logstash-output-applicationinsights) * [Azure Monitor](/archive/blogs/msoms/application-insights-connector-in-oms) -### Export and data analysis +#### Export and data analysis * [Power BI](https://powerbi.microsoft.com/blog/explore-your-application-insights-data-with-power-bi/) * [Power BI for workspace-based resources](../logs/log-powerbi.md) ### Unsupported SDKs-Several other community-supported Application Insights SDKs exist. Azure Monitor only provides support when you use the supported instrumentation options listed in this article. +Many community-supported Application Insights SDKs exist. Azure Monitor only provides support when you use the supported instrumentation options listed in this article. -We're constantly assessing opportunities to expand our support for other languages. For the latest SDK news, see [Azure updates for Application Insights](https://azure.microsoft.com/updates/?query=application%20insights). +We're constantly assessing opportunities to expand our support for other languages. For the latest news, see [Azure updates for Application Insights](https://azure.microsoft.com/updates/?query=application%20insights). From server web apps: * HTTP requests. * [Dependencies](./asp-net-dependencies.md). Calls to SQL databases, HTTP calls to external services, Azure Cosmos DB, Azure Table Storage, Azure Blob Storage, and Azure Queue Storage. * [Exceptions](./asp-net-exceptions.md) and stack traces.-* [Performance counters](./performance-counters.md): If you use the [Azure Monitor Application Insights agent](./application-insights-asp-net-agent.md), [Azure monitoring for VMs or virtual machine scale sets](./azure-vm-vmss-apps.md), or the [Application Insights collectd writer](/previous-versions/azure/azure-monitor/app/deprecated-java-2x#collectd-linux-performance-metrics-in-application-insights-deprecated). +* [Performance counters](./performance-counters.md): Performance counters are available when using: +- [Azure Monitor Application Insights agent](application-insights-asp-net-agent.md) +- [Azure monitoring for VMs or virtual machine scale sets](./azure-vm-vmss-apps.md) +- [Application Insights `collectd` writer](/previous-versions/azure/azure-monitor/app/deprecated-java-2x#collectd-linux-performance-metrics-in-application-insights-deprecated). * [Custom events and metrics](./api-custom-events-metrics.md) that you code. * [Trace logs](./asp-net-trace-logs.md) if you configure the appropriate collector. You can [write PowerShell scripts](./powershell.md) by using Azure Resource Moni You can't set up a metrics explorer report or set up continuous export. -### How can I query Application Insights telemetery? +### How can I query Application Insights telemetry? Use the [REST API](/rest/api/application-insights/) to run [Log Analytics](../logs/log-query-overview.md) queries. Post general questions to the Microsoft Q&A [answers forum](/answers/topics/2422 ### Stack Overflow -Post coding questions to [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-application-insights) by using an Application Insights tag. +Post coding questions to [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-application-insights) by using an `azure-application-insights` tag. ### Feedback Community |
azure-monitor | Data Model Complete | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/data-model-complete.md | PageView Telemetry includes URL and you could parse the UTM parameter using a re Occasionally, this data might be missing or inaccurate if the user or enterprise disables sending User Agent in browser settings. The [UA Parser regexes](https://github.com/ua-parser/uap-core/blob/master/regexes.yaml) might not include all device information. Or Application Insights might not have adopted the latest updates. +### Why would a custom measurement succeed without error but the log doesn't show up? ++This can occur if you're using string values. Only numeric values work with custom measurements. + ## Next steps Learn how to use the [Application Insights API for custom events and metrics](./api-custom-events-metrics.md), including: |
azure-monitor | Java Get Started Supplemental | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/java-get-started-supplemental.md | For more information, see [Using Azure Monitor Application Insights with Spring ## Java Application servers -The following sections show how to set the Application Insights Java agent path for different application servers. You can find the configuration options [here](./java-standalone-config.md). +For information on setting up the Application Insights Java agent, see [Enabling Azure Monitor OpenTelemetry for Java](./opentelemetry-enable.md?tabs=java). The following sections provide additional details which may be helpful when configuring the `-javaagent:...` JVM arg on different application servers. ### Tomcat 8 (Linux) |
azure-monitor | Javascript Feature Extensions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-feature-extensions.md | Users can set up the Click Analytics Auto-Collection plug-in via JavaScript (Web }; // Application Insights JavaScript (Web) SDK Loader Script code !function(v,y,T){<!-- Removed the JavaScript (Web) SDK Loader Script code for brevity -->}(window,document,{- src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", + src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js", crossOrigin: "anonymous", cfg: configObj // configObj is defined above. }); |
azure-monitor | Javascript Sdk Upgrade | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-sdk-upgrade.md | If you're using the current application insights PRODUCTION SDK (1.0.20) and wan - Download via CDN scenario: Update the JavaScript (Web) SDK Loader Script that you currently use to point to the following URL: ```- "https://js.monitor.azure.com/scripts/b/ai.2.min.js" + "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js" ``` - npm scenario: Call `downloadAndSetup` to download the full ApplicationInsights script from CDN and initialize it with a connection string: If you're using the current application insights PRODUCTION SDK (1.0.20) and wan ```ts appInsights.downloadAndSetup({ connectionString: "Copy connection string from Application Insights Resource Overview",- url: "https://js.monitor.azure.com/scripts/b/ai.2.min.jss" + url: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js" }); ``` |
azure-monitor | Javascript Sdk | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-sdk.md | -The Microsoft Azure Monitor Application Insights JavaScript SDK collects usage data which allows you to monitor and analyze the performance of JavaScript web applications. This is commonly referred to as Real User Monitoring or RUM. +The Microsoft Azure Monitor Application Insights JavaScript SDK collects usage data, which allows you to monitor and analyze the performance of JavaScript web applications. This is commonly referred to as Real User Monitoring or RUM. -The Application Insights JavaScript SDK has a base SDK and several plugins for additional capabilities. +The Application Insights JavaScript SDK has a base SDK and several plugins for more capabilities. :::image type="content" source="media/javascript-sdk/conceptual-diagram-javascript-sdk.png" alt-text="Conceptual diagram that shows the Application Insights JavaScript SDK, its plugins/extensions, and their relationship to each other." lightbox="media/javascript-sdk/conceptual-diagram-javascript-sdk.png"::: We collect page views by default. But if you want to also collect clicks by default, consider adding the [Click Analytics Auto-Collection plug-in](./javascript-feature-extensions.md): -- If you're adding a [framework extension](./javascript-framework-extensions.md), which you can [add](#optional-add-advanced-sdk-configuration) after you follow the steps to get started below, you'll have the option to add Click Analytics when you add the framework extension. +- If you're adding a [framework extension](./javascript-framework-extensions.md), which you can [add](#optional-add-advanced-sdk-configuration) after you follow the steps to get started below, you can optionally add Click Analytics when you add the framework extension. - If you're not adding a framework extension, [add the Click Analytics plug-in](./javascript-feature-extensions.md) after you follow the steps to get started. We provide the [Debug plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/main/extensions/applicationinsights-debugplugin-js/README.md) and [Performance plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/main/extensions/applicationinsights-perfmarkmeasure-js/README.md) for debugging/testing. In rare cases, it's possible to build your own extension by adding a [custom plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/e4be62c0aa9318b540157118b729bb0c4d8b6c6e/API-reference.md#custom-extension). Two methods are available to add the code to enable Application Insights via the Preferably, you should add it as the first script in your `<head>` section so that it can monitor any potential issues with all of your dependencies. + If Internet Explorer 8 is detected, JavaScript SDK v2.x is automatically loaded. + ```html <script type="text/javascript">- !function(v,y,T){var S=v.location,k="script",D="instrumentationKey",C="ingestionendpoint",I="disableExceptionTracking",E="ai.device.",b="toLowerCase",w=(D[b](),"crossOrigin"),N="POST",e="appInsightsSDK",t=T.name||"appInsights",n=((T.name||v[e])&&(v[e]=t),v[t]||function(l){var u=!1,d=!1,g={initialize:!0,queue:[],sv:"6",version:2,config:l};function m(e,t){var n={},a="Browser";return n[E+"id"]=a[b](),n[E+"type"]=a,n["ai.operation.name"]=S&&S.pathname||"_unknown_",n["ai.internal.sdkVersion"]="javascript:snippet_"+(g.sv||g.version),{time:(a=new Date).getUTCFullYear()+"-"+i(1+a.getUTCMonth())+"-"+i(a.getUTCDate())+"T"+i(a.getUTCHours())+":"+i(a.getUTCMinutes())+":"+i(a.getUTCSeconds())+"."+(a.getUTCMilliseconds()/1e3).toFixed(3).slice(2,5)+"Z",iKey:e,name:"Microsoft.ApplicationInsights."+e.replace(/-/g,"")+"."+t,sampleRate:100,tags:n,data:{baseData:{ver:2}}};function i(e){e=""+e;return 1===e.length?"0"+e:e}}var e,n,f=l.url||T.src;function a(e){var t,n,a,i,o,s,r,c,p;u=!0,g.queue=[],d||(d=!0,i=f,r=(c=function(){var e,t={},n=l.connectionString;if(n)for(var a=n.split(";"),i=0;i<a.length;i++){var o=a[i].split("=");2===o.length&&(t[o[0][b]()]=o[1])}return t[C]||(t[C]="https://"+((e=(n=t.endpointsuffix)?t.location:null)?e+".":"")+"dc."+(n||"services.visualstudio.com")),t}()).instrumentationkey||l[D]||"",c=(c=c[C])?c+"/v2/track":l.endpointUrl,(p=[]).push((t="SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)",n=i,o=c,(s=(a=m(r,"Exception")).data).baseType="ExceptionData",s.baseData.exceptions=[{typeName:"SDKLoadFailed",message:t.replace(/\./g,"-"),hasFullStack:!1,stack:t+"\nSnippet failed to load ["+n+"] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: "+(S&&S.pathname||"_unknown_")+"\nEndpoint: "+o,parsedStack:[]}],a)),p.push((s=i,t=c,(o=(n=m(r,"Message")).data).baseType="MessageData",(a=o.baseData).message='AI (Internal): 99 message:"'+("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) ("+s+")").replace(/\"/g,"")+'"',a.properties={endpoint:t},n)),i=p,r=c,JSON&&((o=v.fetch)&&!T.useXhr?o(r,{method:N,body:JSON.stringify(i),mode:"cors"}):XMLHttpRequest&&((s=new XMLHttpRequest).open(N,r),s.setRequestHeader("Content-type","application/json"),s.send(JSON.stringify(i)))))}function i(e,t){d||setTimeout(function(){!t&&g.core||a()},500)}f&&((n=y.createElement(k)).src=f,!(o=T[w])&&""!==o||"undefined"==n[w]||(n[w]=o),n.onload=i,n.onerror=a,n.onreadystatechange=function(e,t){"loaded"!==n.readyState&&"complete"!==n.readyState||i(0,t)},e=n,T.ld<0?y.getElementsByTagName("head")[0].appendChild(e):setTimeout(function(){y.getElementsByTagName(k)[0].parentNode.appendChild(e)},T.ld||0));try{g.cookie=y.cookie}catch(h){}function t(e){for(;e.length;)!function(t){g[t]=function(){var e=arguments;u||g.queue.push(function(){g[t].apply(g,e)})}}(e.pop())}var s,r,o="track",c="TrackPage",p="TrackEvent",o=(t([o+"Event",o+"PageView",o+"Exception",o+"Trace",o+"DependencyData",o+"Metric",o+"PageViewPerformance","start"+c,"stop"+c,"start"+p,"stop"+p,"addTelemetryInitializer","setAuthenticatedUserContext","clearAuthenticatedUserContext","flush"]),g.SeverityLevel={Verbose:0,Information:1,Warning:2,Error:3,Critical:4},(l.extensionConfig||{}).ApplicationInsightsAnalytics||{});return!0!==l[I]&&!0!==o[I]&&(t(["_"+(s="onerror")]),r=v[s],v[s]=function(e,t,n,a,i){var o=r&&r(e,t,n,a,i);return!0!==o&&g["_"+s]({message:e,url:t,lineNumber:n,columnNumber:a,error:i,evt:v.event}),o},l.autoExceptionInstrumented=!0),g}(T.cfg));function a(){T.onInit&&T.onInit(n)}(v[t]=n).queue&&0===n.queue.length?(n.queue.push(a),n.trackPageView({})):a()}(window,document,{ - src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", + !(function (cfg){function e(){cfg.onInit&&cfg.onInit(i)}var S,u,D,t,n,i,C=window,x=document,w=C.location,I="script",b="ingestionendpoint",E="disableExceptionTracking",A="ai.device.";"instrumentationKey"[S="toLowerCase"](),u="crossOrigin",D="POST",t="appInsightsSDK",n=cfg.name||"appInsights",(cfg.name||C[t])&&(C[t]=n),i=C[n]||function(l){var d=!1,g=!1,f={initialize:!0,queue:[],sv:"7",version:2,config:l};function m(e,t){var n={},i="Browser";function a(e){e=""+e;return 1===e.length?"0"+e:e}return n[A+"id"]=i[S](),n[A+"type"]=i,n["ai.operation.name"]=w&&w.pathname||"_unknown_",n["ai.internal.sdkVersion"]="javascript:snippet_"+(f.sv||f.version),{time:(i=new Date).getUTCFullYear()+"-"+a(1+i.getUTCMonth())+"-"+a(i.getUTCDate())+"T"+a(i.getUTCHours())+":"+a(i.getUTCMinutes())+":"+a(i.getUTCSeconds())+"."+(i.getUTCMilliseconds()/1e3).toFixed(3).slice(2,5)+"Z",iKey:e,name:"Microsoft.ApplicationInsights."+e.replace(/-/g,"")+"."+t,sampleRate:100,tags:n,data:{baseData:{ver:2}},ver:4,seq:"1",aiDataContract:undefined}}var h=-1,v=0,y=["js.monitor.azure.com","js.cdn.applicationinsights.io","js.cdn.monitor.azure.com","js0.cdn.applicationinsights.io","js0.cdn.monitor.azure.com","js2.cdn.applicationinsights.io","js2.cdn.monitor.azure.com","az416426.vo.msecnd.net"],k=l.url||cfg.src;if(k){if((n=navigator)&&(~(n=(n.userAgent||"").toLowerCase()).indexOf("msie")||~n.indexOf("trident/"))&&~k.indexOf("ai.3")&&(k=k.replace(/(\/)(ai\.3\.)([^\d]*)$/,function(e,t,n){return t+"ai.2"+n})),!1!==cfg.cr)for(var e=0;e<y.length;e++)if(0<k.indexOf(y[e])){h=e;break}var i=function(e){var a,t,n,i,o,r,s,c,p,u;f.queue=[],g||(0<=h&&v+1<y.length?(a=(h+v+1)%y.length,T(k.replace(/^(.*\/\/)([\w\.]*)(\/.*)$/,function(e,t,n,i){return t+y[a]+i})),v+=1):(d=g=!0,o=k,c=(p=function(){var e,t={},n=l.connectionString;if(n)for(var i=n.split(";"),a=0;a<i.length;a++){var o=i[a].split("=");2===o.length&&(t[o[0][S]()]=o[1])}return t[b]||(e=(n=t.endpointsuffix)?t.location:null,t[b]="https://"+(e?e+".":"")+"dc."+(n||"services.visualstudio.com")),t}()).instrumentationkey||l.instrumentationKey||"",p=(p=p[b])?p+"/v2/track":l.endpointUrl,(u=[]).push((t="SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)",n=o,r=p,(s=(i=m(c,"Exception")).data).baseType="ExceptionData",s.baseData.exceptions=[{typeName:"SDKLoadFailed",message:t.replace(/\./g,"-"),hasFullStack:!1,stack:t+"\nSnippet failed to load ["+n+"] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: "+(w&&w.pathname||"_unknown_")+"\nEndpoint: "+r,parsedStack:[]}],i)),u.push((s=o,t=p,(r=(n=m(c,"Message")).data).baseType="MessageData",(i=r.baseData).message='AI (Internal): 99 message:"'+("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) ("+s+")").replace(/\"/g,"")+'"',i.properties={endpoint:t},n)),o=u,c=p,JSON&&((r=C.fetch)&&!cfg.useXhr?r(c,{method:D,body:JSON.stringify(o),mode:"cors"}):XMLHttpRequest&&((s=new XMLHttpRequest).open(D,c),s.setRequestHeader("Content-type","application/json"),s.send(JSON.stringify(o))))))},a=function(e,t){g||setTimeout(function(){!t&&f.core||i()},500),d=!1},T=function(e){var n=x.createElement(I),e=(n.src=e,cfg[u]);return!e&&""!==e||"undefined"==n[u]||(n[u]=e),n.onload=a,n.onerror=i,n.onreadystatechange=function(e,t){"loaded"!==n.readyState&&"complete"!==n.readyState||a(0,t)},cfg.ld&&cfg.ld<0?x.getElementsByTagName("head")[0].appendChild(n):setTimeout(function(){x.getElementsByTagName(I)[0].parentNode.appendChild(n)},cfg.ld||0),n};T(k)}try{f.cookie=x.cookie}catch(p){}function t(e){for(;e.length;)!function(t){f[t]=function(){var e=arguments;d||f.queue.push(function(){f[t].apply(f,e)})}}(e.pop())}var r,s,n="track",o="TrackPage",c="TrackEvent",n=(t([n+"Event",n+"PageView",n+"Exception",n+"Trace",n+"DependencyData",n+"Metric",n+"PageViewPerformance","start"+o,"stop"+o,"start"+c,"stop"+c,"addTelemetryInitializer","setAuthenticatedUserContext","clearAuthenticatedUserContext","flush"]),f.SeverityLevel={Verbose:0,Information:1,Warning:2,Error:3,Critical:4},(l.extensionConfig||{}).ApplicationInsightsAnalytics||{});return!0!==l[E]&&!0!==n[E]&&(t(["_"+(r="onerror")]),s=C[r],C[r]=function(e,t,n,i,a){var o=s&&s(e,t,n,i,a);return!0!==o&&f["_"+r]({message:e,url:t,lineNumber:n,columnNumber:i,error:a,evt:C.event}),o},l.autoExceptionInstrumented=!0),f}(cfg.cfg),(C[n]=i).queue&&0===i.queue.length?(i.queue.push(e),i.trackPageView({})):e();})({ + src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js", // name: "appInsights", // ld: 0, // useXhr: 1, crossOrigin: "anonymous", // onInit: null,+ // cr: 0, cfg: { // Application Insights Configuration connectionString: "YOUR_CONNECTION_STRING" }}); Two methods are available to add the code to enable Application Insights via the | useXhr | boolean | Optional | This setting is used only for reporting SDK load failures. For example, this setting is useful when the JavaScript (Web) SDK Loader Script is preventing the HTML page from loading, causing fetch() to be unavailable.<br><br>Reporting first attempts to use fetch() if available and then fallback to XHR. Set this setting to `true` to bypass the fetch check. This setting is only required if your application is being used in an environment where fetch would fail to send the failure events such as if the JavaScript (Web) SDK Loader Script isn't loading successfully. | crossOrigin | string | Optional | By including this setting, the script tag added to download the SDK includes the crossOrigin attribute with this string value. Use this setting when you need to provide support for CORS. When not defined (the default), no crossOrigin attribute is added. Recommended values are not defined (the default), "", or "anonymous". For all valid values, see the [cross origin HTML attribute](https://developer.mozilla.org/docs/Web/HTML/Attributes/crossorigin) documentation. | onInit | function(aiSdk) { ... } | Optional | This callback function is called after the main SDK script has been successfully loaded and initialized from the CDN (based on the src value). This callback function is useful when you need to insert a telemetry initializer. It's passed one argument, which is a reference to the SDK instance that's being called for and is also called before the first initial page view. If the SDK has already been loaded and initialized, this callback is still called. NOTE: During the processing of the sdk.queue array, this callback is called. You CANNOT add any more items to the queue because they're ignored and dropped. (Added as part of JavaScript (Web) SDK Loader Script version 5--the sv:"5" value within the script). |+ | cr | boolean | Optional | If the SDK fails to load and the endpoint value defined for `src` is the public CDN location, this configuration option attempts to immediately load the SDK from one of the following backup CDN endpoints:<ul><li>js.monitor.azure.com</li><li>js.cdn.applicationinsights.io</li><li>js.cdn.monitor.azure.com</li><li>js0.cdn.applicationinsights.io</li><li>js0.cdn.monitor.azure.com</li><li>js2.cdn.applicationinsights.io</li><li>js2.cdn.monitor.azure.com</li><li>az416426.vo.msecnd.net</li></ul>NOTE: az416426.vo.msecnd.net is partially supported, so it's not recommended.<br><br>If the SDK successfully loads from a backup CDN endpoint, it loads from the first available one, which is determined when the server performs a successful load check. If the SDK fails to load from any of the backup CDN endpoints, the SDK Failure error message appears.<br><br>When not defined, the default value is `true`. If you donΓÇÖt want to load the SDK from the backup CDN endpoints, set this configuration option to `false`.<br><br>If youΓÇÖre loading the SDK from your own privately hosted CDN endpoint, this configuration option is not applicable. #### [npm package](#tab/npmpackage) To paste the connection string in your environment, follow these steps: 1. Replace the placeholder `"YOUR_CONNECTION_STRING"` in the JavaScript code with your [connection string](./sdk-connection-string.md) copied to the clipboard. + The `connectionString` format must follow "InstrumentationKey=xxxx;....". If the string provided does not meet this format, the SDK load process fails. + The connection string isn't considered a security token or key. For more information, see [Do new Azure regions require the use of connection strings?](./sdk-connection-string.md#do-new-azure-regions-require-the-use-of-connection-strings). ### (Optional) Add SDK configuration If you want to use the extra features provided by plugins for specific framework It might take a few minutes for data to show up in the portal. If the only data you see showing up is a load failure exception, see [Troubleshoot SDK load failure for JavaScript web apps](/troubleshoot/azure/azure-monitor/app-insights/javascript-sdk-troubleshooting#troubleshoot-sdk-load-failure-for-javascript-web-apps). + In some cases, if multiple instances of different versions of Application Insights are running on the same page, errors can occur during initialization. For these cases and the error message that appears, see [Running multiple versions of the Application Insights JavaScript SDK in one session](https://github.com/microsoft/ApplicationInsights-JS/blob/main/versionConflict.md). If you've encountered one of these errors, try changing the namespace by using the `name` setting. For more information, see [JavaScript (Web) SDK Loader Script configuration](#javascript-web-sdk-loader-script-configuration). + :::image type="content" source="media/javascript-sdk/confirm-data-flowing.png" alt-text="Screenshot of the Application Insights Transaction search pane in the Azure portal with the Page View option selected. The page views are highlighted." lightbox="media/javascript-sdk/confirm-data-flowing.png"::: 1. If you want to query data to confirm data is flowing: |
azure-monitor | Opentelemetry Add Modify | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/opentelemetry-add-modify.md | Dependencies - [Redis-4](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/main/plugins/node/opentelemetry-instrumentation-redis-4) - [Azure SDK](https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/instrumentation/opentelemetry-instrumentation-azure-sdk) -Auto instrumentation of Logs is currently only supported when using `applicationinsights` v3 Beta package. (https://www.npmjs.com/package/applicationinsights/v/beta) +Automatic instrumentation of Logs is currently only supported when using `applicationinsights` v3 Beta package. (https://www.npmjs.com/package/applicationinsights/v/beta) + Logs - [Node.js console](https://nodejs.org/api/console.html) - [Bunyan](https://github.com/trentm/node-bunyan#readme) To add a community instrumentation library (not officially supported/included in > Instrumenting a [supported instrumentation library](.\opentelemetry-add-modify.md?tabs=python#included-instrumentation-libraries) manually with `instrument()` in conjunction with the distro `configure_azure_monitor()` is not recommended. This is not a supported scenario and you may get undesired behavior for your telemetry. ```python+# Import the `configure_azure_monitor()`, `SQLAlchemyInstrumentor`, `create_engine`, and `text` functions from the appropriate packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry.instrumentation.sqlalchemy import SQLAlchemyInstrumentor from sqlalchemy import create_engine, text +# Configure OpenTelemetry to use Azure Monitor. configure_azure_monitor() +# Create a SQLAlchemy engine. engine = create_engine("sqlite:///:memory:")-# SQLAlchemy instrumentation is not officially supported by this package -# However, you can use the OpenTelemetry instrument() method manually in -# conjunction with configure_azure_monitor ++# SQLAlchemy instrumentation is not officially supported by this package, however, you can use the OpenTelemetry `instrument()` method manually in conjunction with `configure_azure_monitor()`. SQLAlchemyInstrumentor().instrument( engine=engine, ) -# Database calls using the SqlAlchemy library will be automatically captured +# Database calls using the SQLAlchemy library will be automatically captured. with engine.connect() as conn: result = conn.execute(text("select 'hello world'")) print(result.all()) public class Program { #### [Python](#tab/python) ```python+# Import the `configure_azure_monitor()` and `metrics` functions from the appropriate packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )++# Get a meter provider and a meter with the name "otel_azure_monitor_histogram_demo". meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_histogram_demo") +# Record three values to the histogram. histogram = meter.create_histogram("histogram") histogram.record(1.0, {"test_key": "test_value"}) histogram.record(100.0, {"test_key2": "test_value"}) histogram.record(30.0, {"test_key": "test_value2"}) +# Wait for background execution. input() ``` public class Program { #### [Python](#tab/python) ```python+# Import the `configure_azure_monitor()` and `metrics` functions from the appropriate packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )+# Get a meter provider and a meter with the name "otel_azure_monitor_counter_demo". meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_counter_demo") +# Create a counter metric with the name "counter". counter = meter.create_counter("counter")++# Add three values to the counter. +# The first argument to the `add()` method is the value to add. +# The second argument is a dictionary of dimensions. +# Dimensions are used to group related metrics together. counter.add(1.0, {"test_key": "test_value"}) counter.add(5.0, {"test_key2": "test_value"}) counter.add(3.0, {"test_key": "test_value2"}) +# Wait for background execution. input() ``` public class Program { #### [Python](#tab/python) ```python+# Import the necessary packages. from typing import Iterable from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics from opentelemetry.metrics import CallbackOptions, Observation +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )++# Get a meter provider and a meter with the name "otel_azure_monitor_gauge_demo". meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_gauge_demo") +# Define two observable gauge generators. +# The first generator yields a single observation with the value 9. +# The second generator yields a sequence of 10 observations with the value 9 and a different dimension value for each observation. def observable_gauge_generator(options: CallbackOptions) -> Iterable[Observation]: yield Observation(9, {"test_key": "test_value"}) def observable_gauge_sequence(options: CallbackOptions) -> Iterable[Observation] ) return observations +# Create two observable gauges using the defined generators. gauge = meter.create_observable_gauge("gauge", [observable_gauge_generator]) gauge2 = meter.create_observable_gauge("gauge2", [observable_gauge_sequence]) +# Wait for background execution. input() ``` You can use `opentelemetry-api` to update the status of a span and record except The OpenTelemetry Python SDK is implemented in such a way that exceptions thrown are automatically captured and recorded. See the following code sample for an example of this behavior. ```python+# Import the necessary packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )++# Get a tracer for the current module. tracer = trace.get_tracer("otel_azure_monitor_exception_demo") # Exception events try:+ # Start a new span with the name "hello". with tracer.start_as_current_span("hello") as span: # This exception will be automatically recorded raise Exception("Custom exception message.") within the context manager and use `record_exception()` directly as shown in the ```python ...+# Start a new span with the name "hello" and disable exception recording. with tracer.start_as_current_span("hello", record_exception=False) as span: try:+ # Raise an exception. raise Exception("Custom exception message.") except Exception as ex: # Manually record exception The code example shows how to use the `tracer.start_as_current_span()` method to ```python ...+# Import the necessary packages. from opentelemetry import trace +# Get a tracer for the current module. tracer = trace.get_tracer(__name__) +# Start a new span with the name "my first span" and make it the current span. # The "with" context manager starts, makes the span current, and ends the span within it's context with tracer.start_as_current_span("my first span") as span: try:- # Do stuff within the context of this + # Do stuff within the context of this span. + # All telemetry generated within this scope will be attributed to this span. except Exception as ex:+ # Record the exception on the span. span.record_exception(ex) ... If your method represents a background job not already captured by autoinstrumen ```python ...+# Import the necessary packages. from opentelemetry import trace from opentelemetry.trace import SpanKind +# Get a tracer for the current module. tracer = trace.get_tracer(__name__)++# Start a new span with the name "my request span" and the kind set to SpanKind.SERVER. with tracer.start_as_current_span("my request span", kind=SpanKind.SERVER) as span:+ # Do stuff within the context of this span. ... ``` Not available in .NET. If you want to add custom events or access the Application Insights API, replace the @azure/monitor-opentelemetry package with the `applicationinsights` [v3 Beta package](https://www.npmjs.com/package/applicationinsights/v/beta). It offers the same methods and interfaces, and all sample code for @azure/monitor-opentelemetry applies to the v3 Beta package. -To send custom telemetry with the Application Insights Classic API, use the `applicationinsights` [v3 Beta package](https://www.npmjs.com/package/applicationinsights/v/beta). +You need to use the `applicationinsights` v3 Beta package to send custom telemetry using the Application Insights classic API. (https://www.npmjs.com/package/applicationinsights/v/beta) ```javascript const { TelemetryClient } = require("applicationinsights"); Use a custom processor: ```python ...+# Import the necessary packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )++# Create a SpanEnrichingProcessor instance. span_enrich_processor = SpanEnrichingProcessor()-# Add the processor shown below to the current `TracerProvider` ++# Add the span enrich processor to the current TracerProvider. trace.get_tracer_provider().add_span_processor(span_enrich_processor) ... ``` trace.get_tracer_provider().add_span_processor(span_enrich_processor) Add `SpanEnrichingProcessor.py` to your project with the following code: ```python+# Import the SpanProcessor class from the opentelemetry.sdk.trace module. from opentelemetry.sdk.trace import SpanProcessor class SpanEnrichingProcessor(SpanProcessor): def on_end(self, span):+ # Prefix the span name with the string "Updated-". span._name = "Updated-" + span.name+ # Add the custom dimension "CustomDimension1" with the value "Value1". span._attributes["CustomDimension1"] = "Value1"+ # Add the custom dimension "CustomDimension2" with the value "Value2". span._attributes["CustomDimension2"] = "Value2" ``` Use the add [custom property example](#add-a-custom-property-to-a-span), but rep Use the add [custom property example](#add-a-custom-property-to-a-span), but replace the following lines of code in `SpanEnrichingProcessor.py`: ```python+# Set the `http.client_ip` attribute of the span to the specified IP address. span._attributes["http.client_ip"] = "<IP Address>" ``` Use the add [custom property example](#add-a-custom-property-to-a-span), but rep Use the add [custom property example](#add-a-custom-property-to-a-span), but replace the following lines of code: ```python+# Set the `enduser.id` attribute of the span to the specified user ID. span._attributes["enduser.id"] = "<User ID>" ``` The Python [logging](https://docs.python.org/3/howto/logging.html) library is [a ```python ...+# Create a warning log message with the properties "key1" and "value1". logger.warning("WARNING: Warning log with properties", extra={"key1": "value1"}) ... Use the add [custom property example](#add-a-custom-property-to-a-span), but rep ```python ...+ # Import the Flask and Azure Monitor OpenTelemetry SDK libraries. import flask from azure.monitor.opentelemetry import configure_azure_monitor - # Configure Azure monitor collection telemetry pipeline + # Configure OpenTelemetry to use Azure Monitor with the specified connection string. + # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )+ + # Create a Flask application. app = flask.Flask(__name__) - # Requests sent to this endpoint will not be tracked due to - # flask_config configuration + # Define a route. Requests sent to this endpoint will not be tracked due to + # flask_config configuration. @app.route("/ignore") def ignore(): return "Request received but not tracked." Use the add [custom property example](#add-a-custom-property-to-a-span), but rep ```python ...+ # Import the necessary libraries. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace + # Configure OpenTelemetry to use Azure Monitor with the specified connection string. + # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )+ + # Add a SpanFilteringProcessor to the tracer provider. trace.get_tracer_provider().add_span_processor(SpanFilteringProcessor()) ... ``` Use the add [custom property example](#add-a-custom-property-to-a-span), but rep Add `SpanFilteringProcessor.py` to your project with the following code: ```python+ # Import the necessary libraries. from opentelemetry.trace import SpanContext, SpanKind, TraceFlags from opentelemetry.sdk.trace import SpanProcessor + # Define a custom span processor called `SpanFilteringProcessor`. class SpanFilteringProcessor(SpanProcessor): - # prevents exporting spans from internal activities + # Prevents exporting spans from internal activities. def on_start(self, span):+ # Check if the span is an internal activity. if span._kind is SpanKind.INTERNAL:+ # Create a new span context with the following properties: + # * The trace ID is the same as the trace ID of the original span. + # * The span ID is the same as the span ID of the original span. + # * The is_remote property is set to `False`. + # * The trace flags are set to `DEFAULT`. + # * The trace state is the same as the trace state of the original span. span._context = SpanContext( span.context.trace_id, span.context.span_id, Get the request trace ID and the span ID in your code: Get the request trace ID and the span ID in your code: - ```python - from opentelemetry import trace +```python +# Import the necessary libraries. +from opentelemetry import trace - trace_id = trace.get_current_span().get_span_context().trace_id - span_id = trace.get_current_span().get_span_context().span_id - ``` +# Get the trace ID and span ID of the current span. +trace_id = trace.get_current_span().get_span_context().trace_id +span_id = trace.get_current_span().get_span_context().span_id +``` |
azure-monitor | Opentelemetry Configuration | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/opentelemetry-configuration.md | Use one of the following two ways to configure the connection string: - Pass into `configure_azure_monitor`: ```python+# Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package. from azure.monitor.opentelemetry import configure_azure_monitor +# Configure OpenTelemetry to use Azure Monitor with the specified connection string. +# Replace `<your-connection-string>` with the connection string of your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", ) useAzureMonitor(options); #### [Python](#tab/python) ```python+# Import the `ManagedIdentityCredential` class from the `azure.identity` package. from azure.identity import ManagedIdentityCredential+# Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package. from azure.monitor.opentelemetry import configure_azure_monitor +# Configure OpenTelemetry to use Azure Monitor with a managed identity credential. +# This will allow OpenTelemetry to authenticate to Azure Monitor without requiring you to provide a connection string. configure_azure_monitor( credential=ManagedIdentityCredential(), ) To override the default directory, you should set `storage_directory` to the dir For example: ```python ...+# Configure OpenTelemetry to use Azure Monitor with the specified connection string and storage directory. +# Replace `your-connection-string` with the connection string to your Azure Monitor Application Insights resource. +# Replace `C:\\SomeDirectory` with the directory where you want to store the telemetry data before it is sent to Azure Monitor. configure_azure_monitor( connection_string="your-connection-string", storage_directory="C:\\SomeDirectory", To disable this feature, you should set `disable_offline_storage` to `True`. Def For example: ```python ...+# Configure OpenTelemetry to use Azure Monitor with the specified connection string and disable offline storage. +# Replace `your-connection-string` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="your-connection-string", disable_offline_storage=True, For more information about Java, see the [Java supplemental documentation](java- 1. Add the following code snippet. This example assumes you have an OpenTelemetry Collector with an OTLP receiver running. For details, see this [README](https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/monitor/azure-monitor-opentelemetry-exporter/samples/traces#collector). ```python+ # Import the `configure_azure_monitor()`, `trace`, `OTLPSpanExporter`, and `BatchSpanProcessor` classes from the appropriate packages. from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter from opentelemetry.sdk.trace.export import BatchSpanProcessor + # Configure OpenTelemetry to use Azure Monitor with the specified connection string. + # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource. configure_azure_monitor( connection_string="<your-connection-string>", )+ + # Get the tracer for the current module. tracer = trace.get_tracer(__name__) + # Create an OTLP span exporter that sends spans to the specified endpoint. + # Replace `http://localhost:4317` with the endpoint of your OTLP collector. otlp_exporter = OTLPSpanExporter(endpoint="http://localhost:4317")+ + # Create a batch span processor that uses the OTLP span exporter. span_processor = BatchSpanProcessor(otlp_exporter)+ + # Add the batch span processor to the tracer provider. trace.get_tracer_provider().add_span_processor(span_processor) + # Start a new span with the name "test". with tracer.start_as_current_span("test"): print("Hello world!") ``` |
azure-monitor | Container Insights Onboard | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/containers/container-insights-onboard.md | - Title: Enable Container insights description: This article describes how to enable and configure Container insights so that you can understand how your container is performing and what performance-related issues have been identified. If you're going to configure the cluster to [collect Prometheus metrics](contain ### Permissions -To enable container monitoring, you require the following permissions: +To enable Container insights, you require the following permissions: -- You must be a member of the [Log Analytics contributor](../logs/manage-access.md#azure-rbac) role.-- You must be a member of the [*Owner* group](../../role-based-access-control/built-in-roles.md#owner) on any AKS cluster resources.+- You must have at least [Contributor](../../role-based-access-control/built-in-roles.md#contributor) access to the AKS cluster. To view data after container monitoring is enabled, you require the following permissions: -- You must be a member of the [Log Analytics reader](../logs/manage-access.md#azure-rbac) role if you aren't already a member of the [Log Analytics contributor](../logs/manage-access.md#azure-rbac) role.+- You must have [Monitoring Reader](../roles-permissions-security.md#monitoring-reader) or [Monitoring Contributor](../roles-permissions-security.md#monitoring-contributor) role. ### Kubelet secure port The following table lists the extra firewall configuration required for managed After you've enabled monitoring, you can begin analyzing the performance of your Kubernetes clusters that are hosted on AKS, Azure Stack, or another environment. To learn how to use Container insights, see [View Kubernetes cluster performance](container-insights-analyze.md).+ |
azure-monitor | Profiler Aspnetcore Linux | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-aspnetcore-linux.md | description: Learn how to enable Profiler on your ASP.NET Core web application h ms.devlang: csharp Previously updated : 08/30/2023 Last updated : 09/22/2023 # Customer Intent: As a .NET developer, I'd like to enable Application Insights Profiler for my .NET web application hosted in Linux |
azure-monitor | Profiler Azure Functions | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-azure-functions.md | Title: Profile Azure Functions app with Application Insights Profiler description: Enable Application Insights Profiler for Azure Functions app. ms.contributor: charles.weininger Previously updated : 07/15/2022- Last updated : 09/22/2023+ # Profile live Azure Functions app with Application Insights |
azure-monitor | Profiler Bring Your Own Storage | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-bring-your-own-storage.md | |
azure-monitor | Profiler Cloudservice | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-cloudservice.md | Title: Enable Profiler for Azure Cloud Services | Microsoft Docs description: Profile Azure Cloud Services in real time with Application Insights Profiler. Previously updated : 07/07/2023 Last updated : 09/22/2023 # Enable Profiler for Azure Cloud Services |
azure-monitor | Profiler Containers | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-containers.md | Title: Profile Azure containers with Application Insights Profiler description: Learn how to enable the Application Insights Profiler for your ASP.NET Core application running in Azure containers. ms.contributor: charles.weininger Previously updated : 08/30/2023- Last updated : 09/22/2023+ # Customer Intent: As a .NET developer, I'd like to learn how to enable Profiler on my ASP.NET Core application running in my container. |
azure-monitor | Profiler Data | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-data.md | Title: Generate load and view Application Insights Profiler data description: Generate load to your Azure service to view the Profiler data ms.contributor: charles.weininger Previously updated : 04/11/2023 Last updated : 09/22/2023 |
azure-monitor | Profiler Overview | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-overview.md | Title: Profile production apps in Azure with Application Insights Profiler + Title: Analyze application performance traces with Application Insights Profiler description: Identify the hot path in your web server code with a low-footprint profiler. ms.contributor: charles.weininger Previously updated : 07/15/2022- Last updated : 09/21/2023+ # Profile production applications in Azure with Application Insights Profiler -Diagnosing performance issues can be difficult, especially when your application is running on a production environment in the cloud. The cloud is dynamic. Machines come and go, and user input and other conditions are constantly changing. There's also potential for high scale. Slow responses in your application could be caused by infrastructure, framework, or application code handling the request in the pipeline. +Diagnosing your application's performance issues can be difficult, especially when running on a production environment in the dynamic cloud. Slow responses in your application could be caused by infrastructure, framework, or application code handling the request in the pipeline. -With Application Insights Profiler, you can capture and view performance traces for your application in all these dynamic situations. The process occurs automatically at scale and doesn't negatively affect your users. Profiler captures the following information so that you can easily identify performance issues while your app is running in Azure: +With Application Insights Profiler, you can capture, identify, and view performance traces for your application running in Azure, regardless of the scenario. The Profiler trace process occurs automatically, at scale, and doesn't negatively affect your users. The Profiler identifies: -- Identifies the median, fastest, and slowest response times for each web request made by your customers.-- Helps you identify the "hot" code path spending the most time handling a particular web request.+- The median, fastest, and slowest response times for each web request made by your customers. +- The "hot" code path spending the most time handling a particular web request. -Enable the Profiler on all your Azure applications to catch issues early and prevent your customers from being widely affected. When you enable Profiler, it gathers data with these triggers: +Enable the Profiler on all your Azure applications to gather data with the following triggers: - **Sampling trigger**: Starts Profiler randomly about once an hour for two minutes. - **CPU trigger**: Starts Profiler when the CPU usage percentage is over 80 percent. - **Memory trigger**: Starts Profiler when memory usage is above 80 percent. -Each of these triggers can be configured, enabled, or disabled on the [Configure Profiler page](./profiler-settings.md#trigger-settings). +Each of these triggers can be [configured, enabled, or disabled](./profiler-settings.md#trigger-settings). ## Overhead and sampling algorithm -Profiler randomly runs two minutes per hour on each virtual machine hosting the application with Profiler enabled for capturing traces. When Profiler is running, it adds from 5 percent to 15 percent CPU overhead to the server. +Profiler randomly runs two minutes per hour on each virtual machine hosting applications with Profiler enabled. When Profiler is running, it adds from 5 percent to 15 percent CPU overhead to the server. ## Supported in Profiler Profiler works with .NET applications deployed on the following Azure services. | [Azure Container Instances for Linux](profiler-containers.md) | No | Yes | No | | Kubernetes | No | Yes | No | | [Azure Functions](./profiler-azure-functions.md) | Yes | Yes | No |-| Azure Spring Cloud | N/A | No | No | | [Azure Service Fabric](profiler-servicefabric.md) | Yes | Yes | No | If you've enabled Profiler but aren't seeing traces, see the [Troubleshooting guide](profiler-troubleshooting.md). |
azure-monitor | Profiler Servicefabric | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-servicefabric.md | Title: Enable Profiler for Azure Service Fabric applications description: Profile live Azure Service Fabric apps with Application Insights. Previously updated : 07/15/2022 Last updated : 09/22/2023 # Enable Profiler for Azure Service Fabric applications |
azure-monitor | Profiler Settings | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-settings.md | Title: Configure Application Insights Profiler | Microsoft Docs description: Use the Application Insights Profiler settings pane to see Profiler status and start profiling sessions ms.contributor: Charles.Weininger Previously updated : 08/09/2022 Last updated : 09/22/2023 # Configure Application Insights Profiler To open the Application Insights Profiler settings pane, select **Performance** You can view Profiler traces across your Azure resources via two methods: -- By the **Profiler** button:+- The **Profiler** button: Select **Profiler**. :::image type="content" source="./media/profiler-overview/profiler-button-inline.png" alt-text="Screenshot that shows the Profiler button on the Performance pane." lightbox="media/profiler-settings/profiler-button.png"::: -- By operation:+- Operations: 1. Select an operation from the **Operation name** list. **Overall** is highlighted by default. 1. Select **Profiler traces**. Within Profiler, you can configure and view Profiler. The **Application Insights **Recent profiling sessions** | Displays information about past profiling sessions, which you can sort by using the filters at the top of the page. ## Profile now+ Select **Profile now** to start a profiling session on demand. When you select this link, all Profiler agents that are sending data to this Application Insights instance start to capture a profile. After 5 to 10 minutes, the profile session is shown in the list. To manually trigger a Profiler session, you need, at minimum, *write* access on your role for the Application Insights component. In most cases, you get write access automatically. If you're having issues, you need the **Application Insights Component Contributor** subscription scope role added. For more information, see [Resources, roles, and access control in Application Insights](../app/resources-roles-access-control.md). CPU % | Percentage of CPU used while Profiler was running. Memory % | Percentage of memory used while Profiler was running. ## Next steps+ [Enable Profiler and view traces](profiler-overview.md?toc=/azure/azure-monitor/toc.json) [profiler-on-demand]: ./media/profiler-settings/profiler-on-demand.png |
azure-monitor | Profiler Trackrequests | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-trackrequests.md | Title: Write code to track requests with Application Insights | Microsoft Docs description: Write code to track requests with Application Insights so you can get profiles for your requests. Previously updated : 08/09/2022 Last updated : 09/22/2023 # Write code to track requests with Application Insights -Application Insights needs to track requests for your application to provide profiles for your application on the **Performance** page in the Azure portal. --For applications built on already-instrumented frameworks (like ASP.NET and ASP.NET Core), Application Insights can automatically track requests. +Application Insights needs to track requests for your application to provide profiles for your application on the **Performance** page in the Azure portal. For applications built on already-instrumented frameworks (like ASP.NET and ASP.NET Core), Application Insights can automatically track requests. For other applications (like Azure Cloud Services worker roles and Azure Service Fabric stateless APIs), you need to track requests with code that tells Application Insights where your requests begin and end. Requests telemetry is then sent to Application Insights, which you can view on the **Performance** page. Profiles are collected for those requests. |
azure-monitor | Profiler Vm | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-vm.md | Title: Enable Profiler for web apps on an Azure virtual machine description: Profile web apps running on an Azure virtual machine or a virtual machine scale set by using Application Insights Profiler Previously updated : 07/18/2022 Last updated : 09/22/2023 -In this article, you learn how to run Application Insights Profiler on your Azure virtual machine (VM) or Azure virtual machine scale set via three different methods. With any of these methods, you: +In this article, you learn how to run Application Insights Profiler on your Azure virtual machine (VM) or Azure virtual machine scale set via three different methods: ++- Visual Studio and Azure Resource Manager +- PowerShell +- Azure Resource Explorer ++With any of these methods, you: - Configure the Azure Diagnostics extension to run Profiler. - Install the Application Insights SDK on a VM. In this article, you learn how to run Application Insights Profiler on your Azur ## Prerequisites -You need: - - A functioning [ASP.NET Core application](/aspnet/core/getting-started). - An [Application Insights resource](../app/create-workspace-resource.md). - To review the Azure Resource Manager templates (ARM templates) for the Azure Diagnostics extension: You need: You can enable Profiler by any of three ways: -- Within your ASP.NET Core application by using an Azure Resource Manager template and Visual Studio. We recommend this method.+- Within your ASP.NET Core application by using an Azure Resource Manager template and Visual Studio. **Recommended.** - By using a PowerShell command via the Azure CLI. - By using Azure Resource Explorer. |
azure-monitor | Profiler | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler.md | Title: Enable Profiler for Azure App Service apps | Microsoft Docs description: Profile live apps on Azure App Service with Application Insights Profiler. Previously updated : 05/01/2023- Last updated : 09/21/2023+ # Enable Profiler for Azure App Service apps -Application Insights Profiler is preinstalled as part of the Azure App Service runtime. You can run Profiler on ASP.NET and ASP.NET Core apps running on App Service by using the Basic service tier or higher. Follow these steps even if you've included the Application Insights SDK in your application at build time. +Application Insights Profiler is preinstalled as part of the Azure App Service runtime. You can run Profiler on ASP.NET and ASP.NET Core apps running on App Service by using the Basic service tier or higher. Follow these steps, even if you included the Application Insights SDK in your application at build time. To enable Profiler on Linux, walk through the [ASP.NET Core Azure Linux web apps instructions](profiler-aspnetcore-linux.md). > [!NOTE]-> Codeless installation of Application Insights Profiler follows the .NET Core support policy. -> For more information about supported runtime, see [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core). +> Codeless installation of Application Insights Profiler follows the .NET Core support policy. For more information about supported runtime, see [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core). ## Prerequisites -You need: - - An [Azure App Service ASP.NET/ASP.NET Core app](../../app-service/quickstart-dotnetcore.md). - An [Application Insights resource](/previous-versions/azure/azure-monitor/app/create-new-resource) connected to your App Service app. -## Verify the Always on setting is enabled +## Verify the "Always on" setting is enabled 1. In the Azure portal, go to your App Service instance. 1. Under **Settings** on the left pane, select **Configuration**. |
azure-resource-manager | Async Operations | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-resource-manager/management/async-operations.md | There are two different ways to monitor the status the asynchronous operation. Y If `Azure-AsyncOperation` isn't one of the header values, then look for: -* `Location` - URL for determining when an operation has completed. Only use this value only when `Azure-AsyncOperation` isn't returned. +* `Location` - URL for determining when an operation has completed. Use this value only when `Azure-AsyncOperation` isn't returned. * `Retry-After` - The number of seconds to wait before checking the status of the asynchronous operation. > [!NOTE] If the request is still running, you receive a status code 202. If the request h ## Next steps * For documentation about each REST operation, see [REST API documentation](/rest/api/azure/).-* For information about deploying templates through the Resource Manager REST API, see [Deploy resources with Resource Manager templates and Resource Manager REST API](../templates/deploy-rest.md). +* For information about deploying templates through the Resource Manager REST API, see [Deploy resources with Resource Manager templates and Resource Manager REST API](../templates/deploy-rest.md). |
backup | Save Backup Passphrase Securely In Azure Key Vault | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/backup/save-backup-passphrase-securely-in-azure-key-vault.md | Based on the Key Vault permission model (either role-based access permissions or To assign the permissions, follow these steps: 1. Go to your *Azure Key Vault* > **Settings** > **Access Configuration** to ensure that the permission model is **RBAC**.- ++ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/open-access-configuration.png" alt-text="Screenshot shows how to open access configuration under settings." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/open-access-configuration.png"::: + 2. Select **Access control (IAM)** > **+Add** to add role assignment. 3. The Recovery Services vault identity requires the **Set permission on Secret** to create and add the passphrase as a Secret to the Key Vault. You can select a *built-in role* such as **Key Vault Secrets Officer** that has the permission (along with other permissions not required for this feature) or [create a custom role](../key-vault/general/rbac-guide.md?tabs=azurepowershell#creating-custom-roles) with only Set permission on Secret. - Select **Details** to view the permissions granted by the role and ensure Set permission on Secret is available. + Under **Details**, select **View** to view the permissions granted by the role and ensure *Set* permission on *Secret* is available. + :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/view-permission-details.png" alt-text="Screenshot shows how to view the permission details." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/view-permission-details.png"::: ++ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/check-set-permission-availability-on-secret.png" alt-text="Screenshot shows how to check the Set permission availability." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/check-set-permission-availability-on-secret.png"::: + 4. Select **Next** to proceed to select Members for assignment. 5. Select **Managed identity** and then **+ Select members**. choose the **Subscription** of the target Recovery Services vault, select Recovery Services vault under **System-assigned managed identity**. Search and select the *name of the Recovery Services vault*.++ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/add-members-in-managed-identity.png" alt-text="Screenshot shows how to add members in managed identity." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/add-members-in-managed-identity.png"::: 6. Select **Next**, review the assignment, and select **Review + assign**.- -7. Go to **Access control (IAM)** in the Key Vault, select **Role assignments** and ensure that the Recovery Services vault is listed. ++ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/review-and-assign-permissions.png" alt-text="Screenshot shows how to review and assign permissions." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/review-and-assign-permissions.png"::: ++7. Go to **Access control (IAM)** in the Key Vault, select **Role assignments** and ensure that the Recovery Services vault is listed. ++ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/recovery-services-vault-listed-in-access-control.png" alt-text="Screenshot shows the Recovery Services vault is listed in access control." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/recovery-services-vault-listed-in-access-control.png"::: # [PowerShell](#tab/powershell) |
chaos-studio | Chaos Studio Target Selection | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/chaos-studio/chaos-studio-target-selection.md | + + Title: Target selection in Azure Chaos Studio Preview +description: Understand two different ways to select experiment targets in Azure Chaos Studio Preview. ++++ Last updated : 09/25/2023++++# Target selection in Azure Chaos Studio Preview ++Every chaos experiment is made up of a different combination of faults and targets, building up to a unique outage scenario to test your system's resilience against. You may want to select a fixed set of targets for your chaos experiment, or provide a rule in which all matching fault-onboarded resources are included as targets in your experiment. Chaos Studio enables you to do both by providing both manual and query-based target selection. ++## List-based manual target selection ++List-based manual target selection allows you to select a fixed set of onboarded targets for a particular fault in your chaos experiment. Depending on the selected fault, you may select one or more onboarded resources to target. The aforementioned resources are added to the experiment upon creation time. In order to modify the list, you must navigate to the experiment's page and add or remove fault targets manually. An example of manual target selection is shown below. ++[ ![Screenshot that shows the list-based manual target selection option in the Azure portal.](images/manual-target-selection.png) ](images/manual-target-selection.png#lightbox) ++## Query-based dynamic target selection ++Query-based dynamic target selection allows you to input a KQL query that will select all onboarded targets that match the query result set. Using your query, you may filter targets based on common Azure resource parameters including type, region, name, and more. Upon experiment creation time, only the query itself will be added to your chaos experiment. ++The inputted query will run and add onboarded targets that match its result set upon experiment execution time. Thus, any resources onboarded to Chaos Studio after experiment creation time that match the query result set upon experiment execution time will be targeted by your experiment. You may preview your query's result set when adding it to your experiment, but be aware that it may not match the result set at experiment execution time. An example of a possible dynamic target query is shown below. ++[ ![Screenshot that shows the query-based dynamic target selection option in the Azure portal.](images/dynamic-target-selection-preview.png) ](images/dynamic-target-selection-preview.png#lightbox) ++## Next steps +Now that you understand both ways to select targets within a chaos experiment, you're ready to: ++- [Create and run your first experiment](chaos-studio-tutorial-service-direct-portal.md) |
communication-services | Call Recording | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/communication-services/concepts/voice-video-calling/call-recording.md | -For example, you can record 1:1 or 1:N scenarios for audio and video calls enabled by [Calling Client SDK](./calling-sdk-features.md). +For example, you can record 1:1 or 1:N audio and video calls: ![Diagram showing a call that it's being recorded.](../media/call-recording-client.png) But also, you can use Call Recording to record complex PSTN or VoIP inbound and Regardless of how you established the call, Call Recording allows you to produce mixed or unmixed media files that are stored for 48 hours on a built-in temporary storage. You can retrieve the files and take them to the long-term storage solution of your choice. Call Recording supports all Azure Communication Services data regions. -![Diagram showing call recording architecture using calling client sdk.](../media/call-recording-with-call-automation.png) +![Diagram showing call recording architecture.](../media/call-recording-with-call-automation.png) ## Call Recording that supports your business needs Call Recording supports multiple media outputs and content types to address your business needs and use cases. You might use mixed formats for scenarios such as keeping records, meeting notes, coaching and training, or even compliance and adherence. Or, you can use unmixed audio format to address quality assurance use cases or even more complex scenarios like advanced analytics or AI-based (Artificial Intelligence) sophisticated post-call processes. |
communication-services | Calling Sdk Features | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/communication-services/concepts/voice-video-calling/calling-sdk-features.md | The Azure Communication Services Calling SDK supports the following streaming co | Limit | Web | Windows/Android/iOS | | - | | -- | | **Maximum # of outgoing local streams that can be sent simultaneously** | 1 video and 1 screen sharing | 1 video + 1 screen sharing |-| **Maximum # of incoming remote streams that can be rendered simultaneously** | 9 videos + 1 screen sharing WebSDK version [1.16.3](https://github.com/Azure/Communication/blob/master/releasenotes/acs-javascript-calling-library-release-notes.md#1163-stable-2023-08-24) or greater | 9 videos + 1 screen sharing | +| **Maximum # of incoming remote streams that can be rendered simultaneously** | 9 videos + 1 screen sharing on desktop browsers*, 4 videos + 1 screen sharing on web mobile browsers | 9 videos + 1 screen sharing | +\* Starting from ACS Web Calling SDK version [1.16.3](https://github.com/Azure/Communication/blob/master/releasenotes/acs-javascript-calling-library-release-notes.md#1163-stable-2023-08-24) While the Calling SDK don't enforce these limits, your users may experience performance degradation if they're exceeded. Use the API of [Optimal Video Count](../../how-tos/calling-sdk/manage-video.md?pivots=platform-web#remote-video-quality) to determine how many current incoming video streams your web environment can support. ## Calling SDK timeouts |
confidential-computing | Vmss Deployment From Hardened Linux Image | https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/confidential-computing/vmss-deployment-from-hardened-linux-image.md | + + Title: Deploy a virtual machine scale set using a hardened Linux image +description: Learn how to use vmss to deploy a scale set using the hardened linux image. +++m ++ Last updated : 9/12/2023+++++# Deploy a virtual machine scale set using a hardened Linux image ++**Applies to:** :heavy_check_mark: Hardened Linux Images ++Virtual machine scale set deployments using images from Azure marketplace can be done following the steps described for standard [VMSS deployments](/azure/virtual-machine-scale-sets/flexible-virtual-machine-scale-sets-cli). ++However, if you have chosen to create a hardened linux image by removing the Azure guest agents, it's crucial to comprehend what functionalities the VM loses before you decide to remove the Azure Linux Agent, and how it affects vmss deployment. ++This "how to" document describes the steps to deploy a virtual machine scale set instance while comprehending the functional limitations of the hardened image on deploying the vmss instance. +## Prerequisites ++- Azure subscription - If you don't have an Azure subscription, [create a free Azure account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin. +- If your free trial accounts don't have access to the VMs used in this tutorial, one option is to use a [pay as you go subscription](https://azure.microsoft.com/pricing/purchase-options/pay-as-you-go/). +- A hardened linux image - you can create one from this [article](harden-a-linux-image-to-remove-azure-guest-agent.md). + +### VMSS confidential VM deployment from a hardened Linux image ++Steps to deploy a scale set using VMSS and a hardened image are as follows: ++1. Follow the steps to harden a Linux image. ++ [Harden a Linux image to remove Azure guest agent](harden-a-linux-image-to-remove-azure-guest-agent.md). + + [Harden a Linux image to remove sudo users](harden-the-linux-image-to-remove-sudo-users.md). ++2. Log in to the Azure CLI. ++ Make sure that you've installed the latest [Azure CLI](/cli/azure/install-azure-cli) and are logged in to an Azure account with [az login](/cli/azure/reference-index). ++3. Launch Azure Cloud Shell. ++ The [Azure Cloud Shell](https://shell.azure.com/cli) is a free interactive shell that you can use to run the steps in this article. It has common Azure tools preinstalled and configured to use with your account. ++ To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also open Cloud Shell in a separate browser tab by going to https://shell.azure.com/bash. Select Copy to copy the blocks of code, paste it into the Cloud Shell, and select Enter to run i |