Updates from: 09/26/2023 01:21:29
Service Microsoft Docs article Related commit history on GitHub Change details
active-directory Inbound Provisioning Api Concepts https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-concepts.md
Title: API-driven inbound provisioning concepts description: An overview of API-driven inbound provisioning. -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Configure App https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-configure-app.md
Title: Configure API-driven inbound provisioning app description: Learn how to configure API-driven inbound provisioning app. -+ Last updated 09/15/2023-+
If you're configuring inbound user provisioning to on-premises Active Directory,
## Create your API-driven provisioning app 1. Log in to the [Microsoft Entra admin center](<https://entra.microsoft.com>) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823).
-2. Browse to **Microsoft Entra ID** > **Applications** > **Enterprise applications**.
+2. Browse to **Identity** > **Applications** > **Enterprise applications**.
3. Click on **New application** to create a new provisioning application. [![Screenshot of Microsoft Entra Admin Center.](media/inbound-provisioning-api-configure-app/provisioning-entra-admin-center.png)](media/inbound-provisioning-api-configure-app/provisioning-entra-admin-center.png#lightbox) 4. Enter **API-driven** in the search field, then select the application for your setup:
active-directory Inbound Provisioning Api Curl Tutorial https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-curl-tutorial.md
Title: Quickstart API-driven inbound provisioning with cURL description: Learn how to get started with API-driven inbound provisioning using cURL. -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Custom Attributes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-custom-attributes.md
Title: Extend API-driven provisioning to sync custom attributes description: Learn how to extend API-driven inbound provisioning to sync custom attributes. -+ Last updated 09/15/2023-+
You have configured API-driven provisioning app. You're provisioning app is succ
In this step, we'll add the two attributes "HireDate" and "JobCode" that are not part of the standard SCIM schema to the provisioning app and use them in the provisioning data flow.
-1. Log in to your [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823).
-1. Browse to **Enterprise applications** and open your API-driven provisioning app.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](https://go.microsoft.com/fwlink/?linkid=2247823).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Open your API-driven provisioning app.
1. Open the **Provisioning** blade. 1. Click on the **Edit Provisioning** button. 1. Expand the **Mappings** section and click on the attribute mapping link. <br>
- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png" alt-text="Screenshot of edit attribute mapping." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png":::
+ :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png" alt-text="Screenshot of edit attribute mapping." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-attribute-mapping.png":::
1. Scroll down the **Attribute Mappings** page. Select **Show advanced options** and click on the **Edit attribute list for API** link.
- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png" alt-text="Screenshot of edit API attribute list." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png":::
+ :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png" alt-text="Screenshot of edit API attribute list." lightbox="./media/inbound-provisioning-api-custom-attributes/edit-api-attribute-list.png":::
1. Scroll down to the end of the **Edit Attribute List** page. 1. Add the following two attributes to the list as SCIM schema extensions. You can use your own SCIM schema namespace. <br> `urn:ietf:params:scim:schemas:extension:contoso:1.0:User:HireDate` <br> `urn:ietf:params:scim:schemas:extension:contoso:1.0:User:JobCode` <br>
- :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png" alt-text="Screenshot of adding custom attributes." lightbox="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png":::
-1. **Save** your changes
+ :::image type="content" border="true" source="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png" alt-text="Screenshot of adding custom attributes." lightbox="./media/inbound-provisioning-api-custom-attributes/add-custom-attributes.png":::
+1. **Save** your changes
> [!NOTE] > If you'd like to add only a few additional attributes to the provisioning app, use Microsoft Entra admin center to extend the schema. If you'd like to add more custom attributes (let's say 20+ attributes), then we recommend using the [`UpdateSchema` mode of the CSV2SCIM PowerShell script](inbound-provisioning-api-powershell.md#extending-provisioning-job-schema) which automates the above manual process.
active-directory Inbound Provisioning Api Faqs https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-faqs.md
Title: Frequently asked questions (FAQs) about API-driven inbound provisioning description: Learn more about the capabilities and integration scenarios supported by API-driven inbound provisioning. -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Grant Access https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-grant-access.md
Title: Grant access to inbound provisioning API description: Learn how to grant access to the inbound provisioning API. -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Graph Explorer https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-graph-explorer.md
Title: Quickstart API-driven inbound provisioning with Graph Explorer description: Learn how to get started quickly with API-driven inbound provisioning using Graph Explorer -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Issues https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-issues.md
Title: Troubleshoot inbound provisioning API description: Learn how to troubleshoot issues with the inbound provisioning API.-+
active-directory Inbound Provisioning Api Logic Apps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-logic-apps.md
Title: API-driven inbound provisioning with Azure Logic Apps (Public preview) description: Learn how to implement API-driven inbound provisioning with Azure Logic Apps. -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Postman https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-postman.md
Title: Quickstart API-driven inbound provisioning with Postman description: Learn how to get started quickly with API-driven inbound provisioning using Postman -+ Last updated 09/15/2023-+
active-directory Inbound Provisioning Api Powershell https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/inbound-provisioning-api-powershell.md
Title: API-driven inbound provisioning with PowerShell script (Public preview) description: Learn how to implement API-driven inbound provisioning with a PowerShell script. -+ Last updated 09/15/2023-+
active-directory Insufficient Access Rights Error Troubleshooting https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/insufficient-access-rights-error-troubleshooting.md
Title: Troubleshoot insufficient access rights error description: Learn how to troubleshoot InsufficientAccessRights error when provisioning to on-premises Active Directory.-+
active-directory On Premises Powershell Connector https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/on-premises-powershell-connector.md
Last updated 05/11/2023
- # Provisioning users into applications using PowerShell The following documentation provides configuration and tutorial information demonstrating how the generic PowerShell connector and the ECMA Connector Host can be used to integrate Microsoft Entra ID with external systems that offer Windows PowerShell based APIs. For additional information see [Windows PowerShell Connector technical reference](/microsoft-identity-manager/reference/microsoft-identity-manager-2016-connector-powershell) - ## Prerequisites for provisioning via PowerShell+ The following sections detail the prerequisites for this tutorial. ### Download the PowerShell setup files
-Download the PowerShell setup files from GitHub. The setup files consist of the configuration file, the input file, schema file and the scripts used. The files are located [here for download](https://github.com/microsoft/MIMPowerShellConnectors/tree/master/src/ECMA2HostCSV).
+[Download the PowerShell setup files from our GitHub repository](https://github.com/microsoft/MIMPowerShellConnectors/tree/master/src/ECMA2HostCSV). The setup files consist of the configuration file, the input file, schema file and the scripts used.
### On-premises prerequisites
The connector provides a bridge between the capabilities of the ECMA Connector H
`Set-ExecutionPolicy -ExecutionPolicy RemoteSigned` - Deploying this connector requires one or more PowerShell scripts. Some Microsoft products may provide scripts for use with this connector, and the support statement for those scripts would be provided by that product. If you are developing your own scripts for use with this connector, you'll need to have familiarity with the [Extensible Connectivity Management Agent API](/previous-versions/windows/desktop/forefront-2010/hh859557(v=vs.100)?redirectedfrom=MSDN) to develop and maintain those scripts. If you are integrating with third party systems using your own scripts in a production environment, we recommend you work with the third party vendor or a deployment partner for help, guidance and support for this integration. -- ### Cloud requirements - A Microsoft Entra tenant with Microsoft Entra ID P1 or Premium P2 (or EMS E3 or E5). [!INCLUDE [active-directory-p1-license.md](../../../includes/active-directory-p1-license.md)]
The connector provides a bridge between the capabilities of the ECMA Connector H
If you have already downloaded the provisioning agent and configured it for another on-premises application, then continue reading in the next section.
- 1. In the Azure portal, select **Microsoft Entra ID**.
- 2. On the left, select **Microsoft Entra Connect**.
- 3. On the left, select **Cloud sync**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator).
+1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync** > **Agents**.
:::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png":::
- 4. On the left, select **Agent**.
- 5. Select **Download on-premises agent**, and select **Accept terms & download**.
+1. Select **Download on-premises agent**, review the terms of service, then select **Accept terms & download**.
- >[!NOTE]
- >Please use different provisioning agents for on-premises application provisioning and Microsoft Entra Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent.
+ > [!NOTE]
+ > Please use different provisioning agents for on-premises application provisioning and Azure AD Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent.
- 6. Open the provisioning agent installer, agree to the terms of service, and select **next**.
- 7. When the provisioning agent wizard opens, continue to the **Select Extension** tab and select **On-premises application provisioning** when prompted for the extension you want to enable.
- 8. The provisioning agent uses the operating system's web browser to display a popup window for you to authenticate to Microsoft Entra ID, and potentially also your organization's identity provider. If you are using Internet Explorer as the browser on Windows Server, then you may need to add Microsoft web sites to your browser's trusted site list to allow JavaScript to run correctly.
- 9. Provide credentials for a Microsoft Entra administrator when you're prompted to authorize. The user is required to have the Hybrid Identity Administrator or Global Administrator role.
- 10. Select **Confirm** to confirm the setting. Once installation is successful, you can select **Exit**, and also close the Provisioning Agent Package installer.
+1. Open the provisioning agent installer, agree to the terms of service, and select **next**.
+1. When the provisioning agent wizard opens, continue to the **Select Extension** tab and select **On-premises application provisioning** when prompted for the extension you want to enable.
+1. The provisioning agent uses the operating system's web browser to display a popup window for you to authenticate to Azure AD, and potentially also your organization's identity provider. If you are using Internet Explorer as the browser on Windows Server, then you may need to add Microsoft web sites to your browser's trusted site list to allow JavaScript to run correctly.
+1. Provide credentials for an Azure AD administrator when you're prompted to authorize. The user is required to have the Hybrid Identity Administrator or Global Administrator role.
+1. Select **Confirm** to confirm the setting. Once installation is successful, you can select **Exit**, and also close the Provisioning Agent Package installer.
## Configure the On-premises ECMA app [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
- 1. Sign in to the [Azure portal](https://portal.azure.com) as an administrator.
- 2. Go to **Enterprise applications** and select **New application**.
- 3. Search for the **On-premises ECMA app** application, give the app a name, and select **Create** to add it to your tenant.
- 4. Navigate to the **Provisioning** page of your application.
- 5. Select **Get started**.
- 6. On the **Provisioning** page, change the mode to **Automatic**.
- 7. On the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**.
- 8. Keep this browser window open, as you complete the next step of configuration using the configuration wizard.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select **New application**.
+1. Search for the **On-premises ECMA app** application, give the app a name, and select **Create** to add it to your tenant.
+1. Navigate to the **Provisioning** page of your application.
+1. Select **Get started**.
+1. On the **Provisioning** page, change the mode to **Automatic**.
+1. On the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**.
+1. Keep this browser window open, as you complete the next step of configuration using the configuration wizard.
+
+## Place the InputFile.txt and Schema.xml file in locations
- ## Place the InputFile.txt and Schema.xml file in locations
- Before you can create the PowerShell connector for this tutorial, you need to copy the InputFile.txt and Schema.xml file into the correct locations. These files are the ones you needed to download in section [Download the PowerShell setup files](#download-the-powershell-setup-files).
+Before you can create the PowerShell connector for this tutorial, you need to copy the InputFile.txt and Schema.xml file into the correct locations. These files are the ones you needed to download in section [Download the PowerShell setup files](#download-the-powershell-setup-files).
|File|location| |--|--|
If you have already downloaded the provisioning agent and configured it for anot
## Configure the Microsoft Entra ECMA Connector Host certificate
- 1. On the Windows Server where the provisioning agent is installed, right click the **Microsoft ECMA2Host Configuration Wizard** from the start menu, and run as administrator. Running as a Windows administrator is necessary for the wizard to create the necessary Windows event logs.
- 2. After the ECMA Connector Host Configuration starts, if it's the first time you have run the wizard, it will ask you to create a certificate. Leave the default port **8585** and select **Generate certificate** to generate a certificate. The autogenerated certificate will be self-signed as part of the trusted root. The certificate SAN matches the host name.
- 3. Select **Save**.
-
+1. On the Windows Server where the provisioning agent is installed, right click the **Microsoft ECMA2Host Configuration Wizard** from the start menu, and run as administrator. Running as a Windows administrator is necessary for the wizard to create the necessary Windows event logs.
+2. After the ECMA Connector Host Configuration starts, if it's the first time you have run the wizard, it will ask you to create a certificate. Leave the default port **8585** and select **Generate certificate** to generate a certificate. The autogenerated certificate will be self-signed as part of the trusted root. The certificate SAN matches the host name.
+3. Select **Save**.
## Create the PowerShell Connector ### General Screen
- 1. Launch the Microsoft ECMA2Host Configuration Wizard from the start menu.
- 2. At the top, select **Import** and select the configuration.xml file from step 1.
- 3. The new connector should be created and appear in red. Click **Edit**.
- 4. Generate a secret token used for authenticating Microsoft Entra ID to the connector. It should be 12 characters minimum and unique for each application. If you do not already have a secret generator, you can use a PowerShell command such as the following to generate an example random string.
+1. Launch the Microsoft ECMA2Host Configuration Wizard from the start menu.
+2. At the top, select **Import** and select the configuration.xml file from step 1.
+3. The new connector should be created and appear in red. Click **Edit**.
+4. Generate a secret token used for authenticating Microsoft Entra ID to the connector. It should be 12 characters minimum and unique for each application. If you do not already have a secret generator, you can use a PowerShell command such as the following to generate an example random string.
```powershell -join (((48..90) + (96..122)) * 16 | Get-Random -Count 16 | % {[char]$_}) ```
- 5. On the **Properties** page, all of the information should be populated. The table is provided as reference. Click **Next**.
+5. On the **Properties** page, all of the information should be populated. The table is provided as reference. Click **Next**.
- |Property|Value|
- |--|--|
- |Name|The name you chose for the connector, which should be unique across all connectors in your environment. For example, `PowerShell`.|
- |Autosync timer (minutes)|120|
- |Secret Token|Enter your secret token here. It should be 12 characters minimum.|
- |Extension DLL|For the PowerShell connector, select **Microsoft.IAM.Connector.PowerShell.dll**.|
+ |Property|Value|
+ |--|--|
+ |Name|The name you chose for the connector, which should be unique across all connectors in your environment. For example, `PowerShell`.|
+ |Autosync timer (minutes)|120|
+ |Secret Token|Enter your secret token here. It should be 12 characters minimum.|
+ |Extension DLL|For the PowerShell connector, select **Microsoft.IAM.Connector.PowerShell.dll**.|
:::image type="content" source="media/on-premises-powershell-connector/powershell-1.png" alt-text="Screenshot of general screen." lightbox="media/on-premises-powershell-connector/powershell-1.png"::: ### Connectivity+ The connectivity tab allows you to supply configuration parameters for connecting to a remote system. Configure the connectivity tab with the information provided in the table.
+- On the **Connectivity** page, all of the information should be populated. The table is provided as reference. Click **Next**.
- :::image type="content" source="media/on-premises-powershell-connector/powershell-2.png" alt-text="Screenshot of the connectivity screen." lightbox="media/on-premises-powershell-connector/powershell-2.png":::
|Parameter|Value|Purpose| |-|--|--|
The connectivity tab allows you to supply configuration parameters for connectin
### Capabilities+ The capabilities tab defines the behavior and functionality of the connector. The selections made on this tab cannot be modified when the connector has been created. Configure the capabilities tab with the information provided in the table. - On the **Capabilities** page, all of the information should be populated. The table is provided as reference. Click **Next**.
- :::image type="content" source="media/on-premises-powershell-connector/powershell-4.png" alt-text="Screenshot of the capabilities screen." lightbox="media/on-premises-powershell-connector/powershell-4.png":::
|Parameter|Value|Purpose| |-|--|--|
The capabilities tab defines the behavior and functionality of the connector. Th
|Delete-Add As Replace|Checked|Not supported. This will be ignored.| |Enable Export Password in First Pass|Unchecked|Not supported. This will be ignored.| - ### Global Parameters+ The Global Parameters tab enables you to configure the Windows PowerShell scripts that are run by the connector. You can also configure global values for custom configuration settings defined on the Connectivity tab. Configure the global parameters tab with the information provided in the table.
+- On the **Global Parameters** page, all of the information should be populated. The table is provided as reference. Click **Next**.
:::image type="content" source="media/on-premises-powershell-connector/powershell-5.png" alt-text="Screenshot of the global screen." lightbox="media/on-premises-powershell-connector/powershell-5.png":::
The Global Parameters tab enables you to configure the Windows PowerShell script
|Encoding_Global|\<Blank> (defaults to UTF8)| ### Partitions, Run Profiles, Export, FullImport+ Keep the defaults and click **next**. ### Object types+ Configure the object types tab with the information provided in the table. - On the **Object types** page, all of the information should be populated. The table is provided as reference. Click **Next**.
Configure the object types tab with the information provided in the table.
|DN|AzureObjectID| ### Select Attributes+ Ensure that the following attributes are selected: - On the **Select Attributes** page, all of the information should be populated. The table is provided as reference. Click **Next**.
On the Deprovisioning page, you can specify if you wish to have Microsoft Entra
Follow these steps to confirm that the connector host has started and has identified any existing users from the target system.
- 1. On the server running the Microsoft Entra ECMA Connector Host, select **Start**.
- 2. Select **run** if needed, then enter **services.msc** in the box.
- 3. In the **Services** list, ensure that **Microsoft ECMA2Host** is present and running. If it is not running, select **Start**.
- 4. On the server running the Microsoft Entra ECMA Connector Host, launch PowerShell.
- 5. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`.
- 6. Change to the subdirectory `Troubleshooting`.
- 7. Run the script `TestECMA2HostConnection.ps1` in the directory as shown, and provide as arguments the connector name and the `ObjectTypePath` value `cache`. If your connector host is not listening on TCP port 8585, then you may also need to provide the `-Port` argument as well. When prompted, type the secret token configured for that connector.
+1. On the server running the Microsoft Entra ECMA Connector Host, select **Start**.
+2. Select **run** if needed, then enter **services.msc** in the box.
+3. In the **Services** list, ensure that **Microsoft ECMA2Host** is present and running. If it is not running, select **Start**.
+4. On the server running the Microsoft Entra ECMA Connector Host, launch PowerShell.
+5. Change to the folder where the ECMA host was installed, such as `C:\Program Files\Microsoft ECMA2Host`.
+6. Change to the subdirectory `Troubleshooting`.
+7. Run the script `TestECMA2HostConnection.ps1` in the directory as shown, and provide as arguments the connector name and the `ObjectTypePath` value `cache`. If your connector host is not listening on TCP port 8585, then you may also need to provide the `-Port` argument as well. When prompted, type the secret token configured for that connector.
``` PS C:\Program Files\Microsoft ECMA2Host\Troubleshooting> $cout = .\TestECMA2HostConnection.ps1 -ConnectorName PowerShell -ObjectTypePath cache; $cout.length -gt 9 Supply values for the following parameters: SecretToken: ************ ```
- 8. If the script displays an error or warning message, then check that the service is running, and the connector name and secret token match those values you configured in the configuration wizard.
- 9. If the script displays the output `False`, then the connector has not seen any entries in the source target system for existing users. If this is a new target system installation, then this behavior is to be expected, and you can continue at the next section.
- 10. However, if the target system already contains one or more users but the script displayed `False`, then this status indicates the connector could not read from the target system. If you attempt to provision, then Microsoft Entra ID may not correctly match users in that source directory with users in Microsoft Entra ID. Wait several minutes for the connector host to finish reading objects from the existing target system, and then rerun the script. If the output continues to be `False`, then check the configuration of your connector and the permissions in the target system are allowing the connector to read existing users.
+8. If the script displays an error or warning message, then check that the service is running, and the connector name and secret token match those values you configured in the configuration wizard.
+9. If the script displays the output `False`, then the connector has not seen any entries in the source target system for existing users. If this is a new target system installation, then this behavior is to be expected, and you can continue at the next section.
+10. However, if the target system already contains one or more users but the script displayed `False`, then this status indicates the connector could not read from the target system. If you attempt to provision, then Microsoft Entra ID may not correctly match users in that source directory with users in Microsoft Entra ID. Wait several minutes for the connector host to finish reading objects from the existing target system, and then rerun the script. If the output continues to be `False`, then check the configuration of your connector and the permissions in the target system are allowing the connector to read existing users.
<a name='test-the-connection-from-azure-ad-to-the-connector-host'></a> ## Test the connection from Microsoft Entra ID to the connector host
- 1. Return to the web browser window where you were configuring the application provisioning in the portal.
- >[!NOTE]
- >If the window had timed out, then you need to re-select the agent.
- 1. Sign in to the [Azure portal](https://portal.azure.com).
- 2. Go to **Enterprise applications** and the **On-premises ECMA app** application.
- 3. Click on **Provisioning**.
- 4. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**, and wait 10 minutes. Otherwise go to **Edit Provisioning**.
- 2. Under the **Admin credentials** section, enter the following URL. Replace the `connectorName` portion with the name of the connector on the ECMA host, such as `PowerShell`. If you provided a certificate from your certificate authority for the ECMA host, then replace `localhost` with the host name of the server where the ECMA host is installed.
+1. Return to the web browser window where you were configuring the application provisioning in the portal.
- |Property|Value|
- |--|--|
- |Tenant URL|https://localhost:8585/ecma2host_connectorName/scim|
+ > [!NOTE]
+ > If the window had timed out, then you need to re-select the agent.
+
+ 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+ 1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+ 1. Select the **On-premises ECMA app** application.
+ 1. Select **Provisioning**.
+ 1. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you just deployed and select **Assign Agent(s)**, and wait 10 minutes. Otherwise go to **Edit Provisioning**.
- 3. Enter the **Secret Token** value that you defined when you created the connector.
- >[!NOTE]
- >If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Microsoft Entra Connect Provisioning Agent** service, right-click the service, and restart.
- 4. Select **Test Connection**, and wait one minute.
- 5. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**.
+1. Under the **Admin credentials** section, enter the following URL. Replace the `connectorName` portion with the name of the connector on the ECMA host, such as `PowerShell`. If you provided a certificate from your certificate authority for the ECMA host, then replace `localhost` with the host name of the server where the ECMA host is installed.
-## Configure the application connection in the Azure portal
+ |Property|Value|
+ |--|--|
+ |Tenant URL|https://localhost:8585/ecma2host_connectorName/scim|
+
+1. Enter the **Secret Token** value that you defined when you created the connector.
+
+ > [!NOTE]
+ > If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Azure AD Connect Provisioning Agent** service, right-click the service, and restart.
+
+1. Select **Test Connection**, and wait one minute.
+1. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**.
+
+## Configure the application connection
Return to the web browser window where you were configuring the application provisioning.
->[!NOTE]
->If the window had timed out, then you need to re-select the agent.
-
- 1. Sign in to the [Azure portal](https://portal.azure.com).
- 2. Go to **Enterprise applications** and the **On-premises ECMA app** application.
- 3. Select on **Provisioning**.
- 4. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you deployed and select **Assign Agent(s)**. Otherwise go to **Edit Provisioning**.
- 5. Under the **Admin credentials** section, enter the following URL. Replace the `{connectorName}` portion with the name of the connector on the ECMA connector host, such as **CSV**. The connector name is case sensitive and should be the same case as was configured in the wizard. You can also replace `localhost` with your machine hostname.
-
- |Property|Value|
- |--|--|
- |Tenant URL| `https://localhost:8585/ecma2host_CSV/scim`|
- 6. Enter the **Secret Token** value that you defined when you created the connector.
- >[!NOTE]
- >If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Microsoft Entra Connect Provisioning Agent Service**, right-click the service, and restart.
- 7. Select **Test Connection**, and wait one minute.
- 8. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**.
+> [!NOTE]
+> If the window had timed out, then you need to re-select the agent.
+
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select the **On-premises ECMA app** application.
+1. Select **Provisioning**.
+1. If **Get started** appears, then change the mode to **Automatic**, on the **On-Premises Connectivity** section, select the agent that you deployed and select **Assign Agent(s)**. Otherwise go to **Edit Provisioning**.
+1. Under the **Admin credentials** section, enter the following URL. Replace the `{connectorName}` portion with the name of the connector on the ECMA connector host, such as **CSV**. The connector name is case sensitive and should be the same case as was configured in the wizard. You can also replace `localhost` with your machine hostname.
+
+ |Property|Value|
+ |--|--|
+ |Tenant URL| `https://localhost:8585/ecma2host_CSV/scim`|
+
+1. Enter the **Secret Token** value that you defined when you created the connector.
+
+ > [!NOTE]
+ > If you just assigned the agent to the application, please wait 10 minutes for the registration to complete. The connectivity test won't work until the registration completes. Forcing the agent registration to complete by restarting the provisioning agent on your server can speed up the registration process. Go to your server, search for **services** in the Windows search bar, identify the **Azure AD Connect Provisioning Agent Service**, right-click the service, and restart.
+
+1. Select **Test Connection**, and wait one minute.
+1. After the connection test is successful and indicates that the supplied credentials are authorized to enable provisioning, select **Save**.
## Configure attribute mappings
Now you need to map attributes between the representation of the user in Microso
You'll use the Azure portal to configure the mapping between the Microsoft Entra user's attributes and the attributes that you previously selected in the ECMA Host configuration wizard.
- 1. In the Microsoft Entra portal, under **Enterprise applications**, select the **On-premises ECMA app** application, and then the **Provisioning** page.
- 2. Select **Edit provisioning**, and wait 10 seconds.
- 3. Expand **Mappings** and select **Provision Microsoft Entra Users**. If this is the first time you've configured the attribute mappings for this application, there will be only one mapping present, for a placeholder.
- 4. To confirm that the schema is available in Microsoft Entra ID, select the **Show advanced options** checkbox and select **Edit attribute list for ScimOnPremises**. Ensure that all the attributes selected in the configuration wizard are listed. If not, then wait several minutes for the schema to refresh, and then reload the page. Once you see the attributes listed, then cancel from this page to return to the mappings list.
- 5. Now, on the click on the **userPrincipalName** PLACEHOLDER mapping. This mapping is added by default when you first configure on-premises provisioning.
- Change the value to match the following:
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select the **On-premises ECMA app** application.
+1. Select **Provisioning**.
+1. Select **Edit provisioning**, and wait 10 seconds.
+1. Expand **Mappings** and select **Provision Azure Active Directory Users**. If this is the first time you've configured the attribute mappings for this application, there will be only one mapping present, for a placeholder.
+1. To confirm that the schema is available in Azure AD, select the **Show advanced options** checkbox and select **Edit attribute list for ScimOnPremises**. Ensure that all the attributes selected in the configuration wizard are listed. If not, then wait several minutes for the schema to refresh, and then reload the page. Once you see the attributes listed, then cancel from this page to return to the mappings list.
+1. Now, on the click on the **userPrincipalName** PLACEHOLDER mapping. This mapping is added by default when you first configure on-premises provisioning. Change the value to match the following:
- |Mapping type|Source attribute|Target attribute|
- |--|--|--|
- |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName|
- 4. Now select **Add New Mapping**, and repeat the next step for each mapping.
- 5. Specify the source and target attributes for each of the mappings in the following table.
-
-
- |Mapping type|Source attribute|Target attribute|
- |--|--|--|
- |Direct|objectId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:AzureObjectID|
- |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName|
- |Direct|displayName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:DisplayName|
- |Direct|employeeId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:EmployeeId|
- |Direct|jobTitle|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Title|
- |Direct|mail|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Email|
- |Expression|Switch([IsSoftDeleted],, "False", "True", "True", "False")|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:IsActive|
+ |Mapping type|Source attribute|Target attribute|
+ |--|--|--|
+ |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName|
+
+1. Now select **Add New Mapping**, and repeat the next step for each mapping.
+1. Specify the source and target attributes for each of the mappings in the following table.
+
+ |Mapping type|Source attribute|Target attribute|
+ |--|--|--|
+ |Direct|objectId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:AzureObjectID|
+ |Direct|userPrincipalName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:UserName|
+ |Direct|displayName|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:DisplayName|
+ |Direct|employeeId|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:EmployeeId|
+ |Direct|jobTitle|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Title|
+ |Direct|mail|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:Email|
+ |Expression|Switch([IsSoftDeleted],, "False", "True", "True", "False")|urn:ietf:params:scim:schemas:extension:ECMA2Host:2.0:User:IsActive|
+ :::image type="content" source="media/on-premises-powershell-connector/powershell-8.png" alt-text="Screenshot of attribute mappings." lightbox="media/on-premises-powershell-connector/powershell-8.png":::
- 6. Once all of the mappings have been added, select **Save**.
+1. Once all of the mappings have been added, select **Save**.
## Assign users to an application
If there are existing users in the InputFile.txt, then you should create applica
Otherwise, if there are no current users of the application, then select a test user from Microsoft Entra who will be provisioned to the application.
- 1. Ensure that the user selected has all the properties, mapped to the required attributes of the schema.
- 2. In the Azure portal, select **Enterprise applications**.
- 3. Select the **On-premises ECMA app** application.
- 4. On the left, under **Manage**, select **Users and groups**.
- 5. Select **Add user/group**.
- 6. Under **Users**, select **None Selected**.
- 7. Select users from the right and select the **Select** button.
- 8. Now select **Assign**.
+1. Ensure that the user selected has all the properties, mapped to the required attributes of the schema.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select the **On-premises ECMA app** application.
+1. On the left, under **Manage**, select **Users and groups**.
+1. Select **Add user/group**.
+1. Under **Users**, select **None Selected**.
+1. Select users from the right and select the **Select** button.
+1. Now select **Assign**.
## Test provisioning Now that your attributes are mapped and users are assigned, you can test on-demand provisioning with one of your users.
- 1. In the Azure portal, select **Enterprise applications**.
- 2. Select the **On-premises ECMA app** application.
- 3. On the left, select **Provisioning**.
- 4. Select **Provision on demand**.
- 5. Search for one of your test users, and select **Provision**.
- 6. After several seconds, then the message **Successfully created user in target system** appears, with a list of the user attributes.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select the **On-premises ECMA app** application.
+1. Select **Provisioning**.
+1. Select **Provision on demand**.
+1. Search for one of your test users, and select **Provision**.
+1. After several seconds, then the message **Successfully created user in target system** appears, with a list of the user attributes.
## Start provisioning users 1. After on-demand provisioning is successful, change back to the provisioning configuration page. Ensure that the scope is set to only assigned users and groups, turn provisioning **On**, and select **Save**. 2. Wait several minutes for provisioning to start. It might take up to 40 minutes. After the provisioning job has been completed, as described in the next section, if you're done testing, you can change the provisioning status to **Off**, and select **Save**. This action stops the provisioning service from running in the future. - ## Next steps - [App provisioning](user-provisioning.md)
active-directory On Premises Scim Provisioning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/on-premises-scim-provisioning.md
The Microsoft Entra provisioning service supports a [SCIM 2.0](https://techcommu
If you have already downloaded the provisioning agent and configured it for another on-premises application, then continue reading in the next section.
- 1. In the Azure portal, select **Microsoft Entra ID**.
- 2. On the left, select **Microsoft Entra Connect**.
- 3. On the left, select **Cloud sync**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator).
+1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync** > **Agents**.
- :::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png":::
+ :::image type="content" source="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png" alt-text="Screenshot of new UX screen." lightbox="../../../includes/media/active-directory-cloud-sync-how-to-install/new-ux-1.png":::
- 4. On the left, select **Agent**.
- 5. Select **Download on-premises agent**, and select **Accept terms & download**.
+1. Select **Download on-premises agent**, and select **Accept terms & download**.
>[!NOTE] >Please use different provisioning agents for on-premises application provisioning and Microsoft Entra Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent.
If you have already downloaded the provisioning agent and configured it for anot
## Provisioning to SCIM-enabled application Once the agent is installed, no further configuration is necessary on-premises, and all provisioning configurations are then managed from the portal. Repeat the below steps for every on-premises application being provisioned via SCIM.
- 1. In the Azure portal navigate to the Enterprise applications and add the **On-premises SCIM app** from the [gallery](../../active-directory/manage-apps/add-application-portal.md).
- 2. From the left hand menu navigate to the **Provisioning** option and select **Get started**.
- 3. Select **Automatic** from the dropdown list and expand the **On-Premises Connectivity** option.
- 4. Select the agent that you installed from the dropdown list and select **Assign Agent(s)**.
- 5. Now either wait 10 minutes or restart the **Microsoft Entra Connect Provisioning Agent** before proceeding to the next step & testing the connection.
- 6. In the **Tenant URL** field, provide the SCIM endpoint URL for your application. The URL is typically unique to each target application and must be resolvable by DNS. An example for a scenario where the agent is installed on the same host as the application is https://localhost:8585/scim ![Screenshot that shows assigning an agent.](./media/on-premises-scim-provisioning/scim-2.png)
- 7. Select **Test Connection**, and save the credentials. The application SCIM endpoint must be actively listening for inbound provisioning requests, otherwise the test will fail. Use the steps [here](on-premises-ecma-troubleshoot.md#troubleshoot-test-connection-issues) if you run into connectivity issues.
- >[!NOTE]
-> If the test connection fails, you will see the request made. Please note that while the URL in the test connection error message is truncated, the actual request sent to the application contains the entire URL provided above.
-
- 8. Configure any [attribute mappings](customize-application-attributes.md) or [scoping](define-conditional-rules-for-provisioning-user-accounts.md) rules required for your application.
- 9. Add users to scope by [assigning users and groups](../../active-directory/manage-apps/add-application-portal-assign-users.md) to the application.
- 10. Test provisioning a few users [on demand](provision-on-demand.md).
- 11. Add more users into scope by assigning them to your application.
- 12. Go to the **Provisioning** pane, and select **Start provisioning**.
- 13. Monitor using the [provisioning logs](../../active-directory/reports-monitoring/concept-provisioning-logs.md).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Add the **On-premises SCIM app** from the [gallery](../../active-directory/manage-apps/add-application-portal.md).
+1. From the left hand menu navigate to the **Provisioning** option and select **Get started**.
+1. Select **Automatic** from the dropdown list and expand the **On-Premises Connectivity** option.
+1. Select the agent that you installed from the dropdown list and select **Assign Agent(s)**.
+1. Now either wait 10 minutes or restart the **Microsoft Azure AD Connect Provisioning Agent** before proceeding to the next step & testing the connection.
+1. In the **Tenant URL** field, provide the SCIM endpoint URL for your application. The URL is typically unique to each target application and must be resolvable by DNS. An example for a scenario where the agent is installed on the same host as the application is https://localhost:8585/scim
+
+ ![Screenshot that shows assigning an agent.](./media/on-premises-scim-provisioning/scim-2.png)
+
+1. Select **Test Connection**, and save the credentials. The application SCIM endpoint must be actively listening for inbound provisioning requests, otherwise the test will fail. Use the steps [here](on-premises-ecma-troubleshoot.md#troubleshoot-test-connection-issues) if you run into connectivity issues.
+
+ > [!NOTE]
+ > If the test connection fails, you will see the request made. Please note that while the URL in the test connection error message is truncated, the actual request sent to the application contains the entire URL provided above.
+
+1. Configure any [attribute mappings](customize-application-attributes.md) or [scoping](define-conditional-rules-for-provisioning-user-accounts.md) rules required for your application.
+1. Add users to scope by [assigning users and groups](../../active-directory/manage-apps/add-application-portal-assign-users.md) to the application.
+1. Test provisioning a few users [on demand](provision-on-demand.md).
+1. Add more users into scope by assigning them to your application.
+1. Go to the **Provisioning** pane, and select **Start provisioning**.
+1. Monitor using the [provisioning logs](../../active-directory/reports-monitoring/concept-provisioning-logs.md).
The following video provides an overview of on-premises provisioning.+ > [!VIDEO https://www.youtube.com/embed/QdfdpaFolys] ## Additional requirements
active-directory Plan Cloud Hr Provision https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/plan-cloud-hr-provision.md
You also need a valid Microsoft Entra ID P1 or higher subscription license for e
### Prerequisites -- Microsoft Entra ID [hybrid identity administrator](../roles/permissions-reference.md#hybrid-identity-administrator) to configure the Microsoft Entra Connect provisioning agent.-- Microsoft Entra ID [application administrator](../roles/permissions-reference.md#application-administrator) role to configure the provisioning app in the Azure portal
+- [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator) role to configure the Connect provisioning agent.
+- [Application Administrator](../roles/permissions-reference.md#application-administrator) role to configure the provisioning app.
- A test and production instance of the cloud HR app. - Administrator permissions in the cloud HR app to create a system integration user and make changes to test employee data for testing purposes. - For user provisioning to Active Directory, a server running Windows Server 2016 or greater is required to host the Microsoft Entra Connect provisioning agent. This server should be a tier 0 server based on the Active Directory administrative tier model.
active-directory Provision On Demand https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/provision-on-demand.md
Use on-demand provisioning to provision a user or group in seconds. Among other
::: zone pivot="app-provisioning"
-2. Browse to **Identity** > **Applications** > **Enterprise applications** > **All applications**.
+2. Browse to **Identity** > **Applications** > **Enterprise applications** > select your application.
+3. Select **Provisioning**.
-3. Select your application, and then go to the provisioning configuration page.
::: zone-end ::: zone pivot="cross-tenant-synchronization" 2. Browse to **Identity** > **External Identities** > **Cross-tenant Synchronization** > **Configurations**- 3. Select your configuration, and then go to the **Provisioning** configuration page.+ ::: zone-end 4. Configure provisioning by providing your admin credentials.
Use on-demand provisioning to provision a user or group in seconds. Among other
5. Select **Provision on demand**. 6. Search for a user by first name, last name, display name, user principal name, or email address. Alternatively, you can search for a group and pick up to five users. + > [!NOTE] > For Cloud HR provisioning app (Workday/SuccessFactors to AD/Azure AD), the input value is different. > For Workday scenario, please provide "WorkerID" or "WID" of the user in Workday.
active-directory Skip Out Of Scope Deletions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/skip-out-of-scope-deletions.md
Because this configuration is widely used with the *Workday to Active Directory
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
-1. Sign in to the [Azure portal](https://portal.azure.com), and navigate to the Properties section of your provisioning application. For example, if you want to export your *Workday to AD User Provisioning application* mapping navigate to the Properties section of that app.
-1. In the Properties section of your provisioning app, copy the GUID value associated with the *Object ID* field. This value is also called the **ServicePrincipalId** of your app and it's used in Graph Explorer operations.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select your application and go to Properties section of your provisioning app. In this example we are using Workday.
+1. Copy the GUID value in the *Object ID* field. This value is also called the **ServicePrincipalId** of your app and it's used in Graph Explorer operations.
![Screenshot of Workday App Service Principal ID.](./media/skip-out-of-scope-deletions/wd_export_01.png)
active-directory Use Scim To Provision Users And Groups https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/use-scim-to-provision-users-and-groups.md
Use the general guidelines when implementing a SCIM endpoint to ensure compatibi
* `id` is a required property for all resources. Every response that returns a resource should ensure each resource has this property, except for `ListResponse` with zero elements. * Values sent should be stored in the same format they were sent. Invalid values should be rejected with a descriptive, actionable error message. Transformations of data shouldn't happen between data from Microsoft Entra ID and data stored in the SCIM application. (for example. A phone number sent as 55555555555 shouldn't be saved/returned as +5 (555) 555-5555) * It isn't necessary to include the entire resource in the **PATCH** response.
-* Don't require a case-sensitive match on structural elements in SCIM, in particular **PATCH** `op` operation values, as defined in [section 3.5.2](https://tools.ietf.org/html/rfc7644#section-3.5.2). Microsoft Entra ID emits the values of `op` as **Add**, **Replace**, and **Remove**.
-* Microsoft Entra ID makes requests to fetch a random user and group to ensure that the endpoint and the credentials are valid. It's also done as a part of the **Test Connection** flow in the [Azure portal](https://portal.azure.com).
+* Don't require a case-sensitive match on structural elements in SCIM, in particular **PATCH** `op` operation values, as defined in [section 3.5.2](https://tools.ietf.org/html/rfc7644#section-3.5.2). Azure AD emits the values of `op` as **Add**, **Replace**, and **Remove**.
+* Microsoft Azure AD makes requests to fetch a random user and group to ensure that the endpoint and the credentials are valid. It's also done as a part of the **Test Connection** flow.
* Support HTTPS on your SCIM endpoint. * Custom complex and multivalued attributes are supported but Microsoft Entra ID doesn't have many complex data structures to pull data from in these cases. Name/value attributes can be mapped to easily, but flowing data to complex attributes with three or more subattributes isn't supported. * The "type" subattribute values of multivalued complex attributes must be unique. For example, there can't be two different email addresses with the "work" subtype.
Use the general guidelines when implementing a SCIM endpoint to ensure compatibi
* Response to a query/filter request should always be a `ListResponse`. * Microsoft Azure AD only uses the following operators: `eq`, `and`
-* The attribute that the resources can be queried on should be set as a matching attribute on the application in the [Microsoft Entra admin center](https://entra.microsoft.com), see [Customizing User Provisioning Attribute Mappings](customize-application-attributes.md).
+* The attribute that the resources can be queried on should be set as a matching attribute on the application, see [Customizing User Provisioning Attribute Mappings](customize-application-attributes.md).
### /Users:
Use the general guidelines when implementing a SCIM endpoint to ensure compatibi
* If a value isn't present, don't send null values. * Property values should be camel cased (for example, readWrite). * Must return a list response.
-* The Microsoft Entra provisioning service makes the /schemas request when you save the provisioning configuration in the Azure portal. The request is also made when you open the edit provisioning page in the Azure portal. Other attributes discovered are surfaced to customers in the attribute mappings under the target attribute list. Schema discovery only leads to more target attributes being added. Attributes aren't removed.
+* The Microsoft Entra provisioning service makes the /schemas request when you save the provisioning configuration. The request is also made when you open the edit provisioning page. Other attributes discovered are surfaced to customers in the attribute mappings under the target attribute list. Schema discovery only leads to more target attributes being added. Attributes aren't removed.
### User provisioning and deprovisioning
It's recommended, but not required, that you support multiple secrets for easy r
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator). 1. Browse to **Identity** > **Applications** > **Enterprise applications** > **Application** > **Provisioning** and select **Authorize**.
- 1. Microsoft Entra admin center redirects user to the Authorization URL (sign in page for the third party app).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select your application and go to **Provisioning**.
+1. Select **Authorize**.
+
+ 1. Users are redirected to the Authorization URL (sign in page for the third party app).
1. Admin provides credentials to the third party application.
- 1. Third party app redirects user back to Microsoft Entra admin center and provides the grant code
+ 1. The third party app redirects user back and provides the grant code
- 1. Microsoft Entra provisioning service calls the token URL and provides the grant code. The third party application responds with the access token, refresh token, and expiry date
+ 1. The Provisioning Service calls the token URL and provides the grant code. The third party application responds with the access token, refresh token, and expiry date
1. When the provisioning cycle begins, the service checks if the current access token is valid and exchanges it for a new token if needed. The access token is provided in each request made to the app and the validity of the request is checked before each request.
active-directory User Provisioning Sync Attributes For Mapping https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/user-provisioning-sync-attributes-for-mapping.md
You can use Microsoft Graph and PowerShell to extend the user schema for users i
Once schema extensions are created, these extension attributes are automatically discovered when you next visit the provisioning page in the Microsoft Entra admin center, in most cases.
-When you've more than 1000 service principals, you may find extensions missing in the source attribute list. If an attribute you've created doesn't automatically appear, then verify the attribute was created and add it manually to your schema. To verify it was created, use Microsoft Graph and [Graph Explorer](/graph/graph-explorer/graph-explorer-overview). To add it manually to your schema, see [Editing the list of supported attributes](customize-application-attributes.md#editing-the-list-of-supported-attributes).
+When you have more than 1000 service principals, you may find extensions missing in the source attribute list. If an attribute you've created doesn't automatically appear, then verify the attribute was created and add it manually to your schema. To verify it was created, use Microsoft Graph and [Graph Explorer](/graph/graph-explorer/graph-explorer-overview). To add it manually to your schema, see [Editing the list of supported attributes](customize-application-attributes.md#editing-the-list-of-supported-attributes).
### Create an extension attribute for cloud only users using Microsoft Graph You can extend the schema of Microsoft Entra users using [Microsoft Graph](/graph/overview).
First, list the apps in your tenant to get the ID of the app you're working on.
GET https://graph.microsoft.com/v1.0/applications ```
-Next, create the extension attribute. Replace the **ID** property below with the **ID** retrieved in the previous step. You'll need to use the **"ID"** attribute and not the "appId". To learn more, see [Create extensionProperty]/graph/api/application-post-extensionproperty).
+Next, create the extension attribute. Replace the **ID** property below with the **ID** retrieved in the previous step. You need to use the **"ID"** attribute and not the "appId". To learn more, see [Create extensionProperty]/graph/api/application-post-extensionproperty).
```json POST https://graph.microsoft.com/v1.0/applications/{id}/extensionProperties
Content-type: application/json
"extension_inputAppId_extensionName": "extensionValue" } ```
-Finally, verify the attribute for the user. To learn more, see [Get a user](/graph/api/user-get). Note that the Graph v1.0 does not by default return any of a user's directory extension attributes, unless the attributes are specified in the request as one of the properties to return.
+Finally, verify the attribute for the user. To learn more, see [Get a user](/graph/api/user-get). Graph v1.0 doesn't by default return any of a user's directory extension attributes, unless the attributes are specified in the request as one of the properties to return.
```json GET https://graph.microsoft.com/v1.0/users/{id}?$select=displayName,extension_inputAppId_extensionName
GET https://graph.microsoft.com/v1.0/users/{id}?$select=displayName,extension_in
### Create an extension attribute on a cloud only user using PowerShell Create a custom extension using PowerShell and assign a value to a user.
-```
+```PowerShell
#Connect to your Azure AD tenant Connect-AzureAD
Get-AzureADUser -ObjectId 0ccf8df6-62f1-4175-9e55-73da9e742690 | Select -ExpandP
``` ## Create an extension attribute using cloud sync
-Cloud sync will automatically discover your extensions in on-premises Active Directory when you go to add a new mapping. Use the steps below to auto-discover these attributes and set up a corresponding mapping to Microsoft Entra ID.
+Cloud sync will automatically discover your extensions in on-premises Active Directory when you go to add a new mapping. Use the steps below to autodiscover these attributes and set up a corresponding mapping to Azure AD.
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator).
-2. Browse to **Identity** > **Hybrid management** > **Microsoft Entra Connect**.
-3. Select **Manage Microsoft Entra cloud sync**.
-
-4. Select the configuration you wish to add the extension attribute and mapping.
-5. Under **Manage attributes** select **click to edit mappings**.
-6. Click **Add attribute mapping**. The attributes will automatically be discovered.
-7. The new attributes will be available in the drop-down under **source attribute**.
-8. Fill in the type of mapping you want and click **Apply**.
+1. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Cloud Sync**.
+1. Select the configuration you wish to add the extension attribute and mapping.
+1. Under **Manage attributes** select **click to edit mappings**.
+1. Select **Add attribute mapping**. The attributes will automatically be discovered.
+1. The new attributes are available in the drop-down under **source attribute**.
+1. Fill in the type of mapping you want and select **Apply**.
+ [![Custom attribute mapping](media/user-provisioning-sync-attributes-for-mapping/schema-1.png)](media/user-provisioning-sync-attributes-for-mapping/schema-1.png#lightbox) For more information, see [Cloud Sync Custom Attribute Mapping](../hybrid/cloud-sync/custom-attribute-mapping.md)
For more information, see [Cloud Sync Custom Attribute Mapping](../hybrid/cloud-
If users who will access the applications originate in on-premises Active Directory, then you must sync the attributes with the users from Active Directory to Microsoft Entra ID. You will need to perform the following tasks before configuring provisioning to your application.
-1. Check with the on-premises Active Directory domain admins whether the required attributes are part of the AD DS schema, and if they are not, extend the AD DS schema in the domains where those users have accounts.
+1. Check with the on-premises Active Directory domain admins whether the required attributes are part of the AD DS schema, and if they aren't, extend the AD DS schema in the domains where those users have accounts.
1. Open the Microsoft Entra Connect wizard, choose Tasks, and then choose **Customize synchronization options**. ![Microsoft Entra Connect wizard Additional tasks page](./media/user-provisioning-sync-attributes-for-mapping/active-directory-connect-customize.png)
-2. Sign in as a Microsoft Entra Global Administrator.
+2. Sign in as a [Global Administrator](../roles/permissions-reference.md#global-administrator).
3. On the **Optional Features** page, select **Directory extension attribute sync**.
active-directory Workday Integration Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/workday-integration-reference.md
Let's say you want to retrieve the following data sets from Workday and use them
The above data sets aren't included by default. To retrieve these data sets:
-1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) and open your Workday to AD/Azure AD user provisioning app.
-1. In the Provisioning blade, edit the mappings and open the Workday attribute list from the advanced section.
-1. Add the following attributes definitions and mark them as "Required". These attributes aren't mapped to any attribute in AD or Microsoft Entra ID. They serve as signals to the connector to retrieve the Cost Center, Cost Center Hierarchy and Pay Group information.
+
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select your Workday to AD/Azure AD user provisioning application.
+1. Select **Provisioning**.
+1. Edit the mappings and open the Workday attribute list from the advanced section.
+1. Add the following attributes definitions and mark them as "Required". These attributes aren't mapped to any attribute in AD or Azure AD. They serve as signals to the connector to retrieve the Cost Center, Cost Center Hierarchy and Pay Group information.
> [!div class="mx-tdCol2BreakAll"] >| Attribute Name | XPATH API expression |
active-directory Workday Retrieve Pronoun Information https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-provisioning/workday-retrieve-pronoun-information.md
Once you confirm that pronoun data is available in the *Get_Workers* response, g
<a name='updating-azure-ad-provisioning-app-to-retrieve-pronouns'></a>
-To retrieve pronouns from Workday, update your Microsoft Entra provisioning app to query Workday using v38.1 of the Workday Web Services. We recommend testing this configuration first in your test/sandbox environment before implementing the change in production.
+To retrieve pronouns from Workday, update your Azure AD provisioning app to query Workday using v38.1 of the Workday Web Services. We recommend testing this configuration first in your test/sandbox environment before implementing the change in production.
+ 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
-1. Open your *Workday to AD User provisioning* app OR *Workday to Microsoft Entra ID User provisioning* app.
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select your Workday to AD/Azure AD user provisioning application and go to **Provisioning** .
1. In the **Admin Credentials** section, update the **Tenant URL** to include the Workday Web Service version v38.1 as shown. >[!div class="mx-imgBorder"]
active-directory Application Proxy Configure Native Client Application https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-configure-native-client-application.md
The required info in the sample code can be found in the Microsoft Entra admin c
| Info required | How to find it in the Microsoft Entra admin center | | | |
-| \<Tenant ID> | **Microsoft Entra ID** > **Properties** > **Directory ID** |
+| \<Tenant ID> | **Identity** > **Overview** > **Properties** |
| \<App ID of the Native app> | **Application registration** > *your native application* > **Overview** > **Application ID** | | \<Scope> | **Application registration** > *your native application* > **API permissions** > Click on the Permission API (user_impersonation) > A panel with the caption **user_impersonation** appears on the right hand side. > The scope is the URL in the edit box. | \<Proxy App URL> | the External URL and path to the API
active-directory Application Proxy Configure Single Sign On Password Vaulting https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-configure-single-sign-on-password-vaulting.md
You should already have published and tested your app with Application Proxy. If
1. Select **Users and Groups**. 1. Assign users to the application with selecting **Add user**. 1. If you want to predefine credentials for a user, check the box front of the user name and select **Update credentials**.
-1. Select **Microsoft Entra ID** > **App registrations** > **All applications**.
+1. Browse to **Identity** > **Applications** > **App registrations** > **All applications**.
1. From the list, select the app that you configured with Password SSO. 1. Select **Branding**. 1. Update the **Home page URL** with the **Sign on URL** from the Password SSO page and select **Save**.
active-directory Application Proxy Integrate With Teams https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/app-proxy/application-proxy-integrate-with-teams.md
Your users can add cloud apps to their Teams channels [using tabs](https://suppo
If you haven't already, [configure Application Proxy for your tenant and install the connector](../app-proxy/application-proxy-add-on-premises-application.md). Then, publish your on-premises application for remote access. When you're publishing the app, make note of the external URL because it's used to add the app to Teams.
-If you already have your apps published but don't remember their external URLs, look them up in the [Microsoft Entra admin center](https://portal.azure.com). Sign in, then navigate to **Microsoft Entra ID** > **Enterprise applications** > **All applications** > select your app > **Application proxy**.
+If you already have your apps published but don't remember their external URLs, look them up in the [Microsoft Entra admin center](https://entra.microsoft.com). Sign in, then browse to **Identity** > **Applications** > **Enterprise applications** > select your app > **Application proxy**.
## Add your app to Teams
active-directory 4 Secure Access Groups https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/architecture/4-secure-access-groups.md
Learn more:
* [Overview of Microsoft 365 Groups for administrators](/microsoft-365/admin/create-groups/office-365-groups?view=o365-worldwide&preserve-view=true) * [Create a group in the Microsoft 365 admin center](/microsoft-365/admin/create-groups/create-groups?view=o365-worldwide&preserve-view=true)
-* [Azure portal](https://portal.azure.com/)
+* [Microsoft Entra admin center](https://entra.microsoft.com)
* [Microsoft 365 admin center](https://admin.microsoft.com/) ### Microsoft 365 Groups roles
active-directory 9 Secure Access Teams Sharepoint https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/architecture/9-secure-access-teams-sharepoint.md
Sharing in Microsoft 365 is partially governed by the **External Identities, Ext
Learn more:
-* [Azure portal](https://portal.azure.com/)
-* [External Identities in Microsoft Entra ID](../external-identities/external-identities-overview.md)
+* [Microsoft Entra admin center](https://entra.microsoft.com)
+* [External Identities in Azure AD](../external-identities/external-identities-overview.md)
### Guest user access Guest users are invited to have access to resources.
-1. Sign in to the **Azure portal**
-1. Browse to **Microsoft Entra ID** > **External Identities** > **External collaboration settings**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
+1. Browse to **Identity** > **External Identities** > **External collaboration settings**.
1. Find the **Guest user access** options. 1. To prevent guest-user access to other guest-user details, and to prevent enumeration of group membership, select **Guest users have limited access to properties and memberships of directory objects**.
active-directory How To Authentication Methods Manage https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/how-to-authentication-methods-manage.md
If you aren't using SSPR and aren't yet using the Authentication methods policy,
### Review the legacy MFA policy
-Start by documenting which methods are available in the legacy MFA policy. Sign in to the [Azure portal](https://portal.azure.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator). Go to **Microsoft Entra ID** > **Users** > **All users** > **Per-user MFA** > **service settings** to view the settings. These settings are tenant-wide, so there's no need for user or group information.
+Start by documenting which methods are available in the legacy MFA policy. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as a [Global Administrator](../roles/permissions-reference.md#global-administrator). Go to **Identity** > **Users** > **All users** > **Per-user MFA** > **service settings** to view the settings. These settings are tenant-wide, so there's no need for user or group information.
:::image type="content" border="false" source="media/how-to-authentication-methods-manage/legacy-mfa-policy.png" alt-text="Screenshot the shows the legacy Microsoft Entra multifactor authentication policy." lightbox="media/how-to-authentication-methods-manage/legacy-mfa-policy.png":::
For each method, note whether or not it's enabled for the tenant. The following
### Review the legacy SSPR policy
-To get the authentication methods available in the legacy SSPR policy, go to **Microsoft Entra ID** > **Users** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy.
+To get the authentication methods available in the legacy SSPR policy, go to **Identity** > **Users** > **Password reset** > **Authentication methods**. The following table lists the available methods in the legacy SSPR policy and corresponding methods in the Authentication method policy.
:::image type="content" border="false" source="media/how-to-authentication-methods-manage/legacy-sspr-policy.png" alt-text="Screenshot that shows the legacy Microsoft Entra SSPR policy." lightbox="media/how-to-authentication-methods-manage/legacy-sspr-policy.png":::
active-directory Howto Mfa Mfasettings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/howto-mfa-mfasettings.md
To block a user, complete the following steps.
[Watch a short video that describes this process.](https://www.youtube.com/watch?v=WdeE1On4S1o&feature=youtu.be)
-1. Browse to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Block/unblock users**.
+1. Browse to **Protection** > **Multifactor authentication** > **Block/unblock users**.
1. Select **Add** to block a user. 1. Enter the user name for the blocked user in the format `username@domain.com`, and then provide a comment in the **Reason** box. 1. Select **OK** to block the user.
To block a user, complete the following steps.
To unblock a user, complete the following steps:
-1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Block/unblock users**.
+1. Go to **Protection** > **Multifactor authentication** > **Block/unblock users**.
1. In the **Action** column next to the user, select **Unblock**. 1. Enter a comment in the **Reason for unblocking** box. 1. Select **OK** to unblock the user.
To enable **Report suspicious activity** from the Authentication methods **Setti
When a user reports a MFA prompt as suspicious, the event shows up in the Sign-ins report (as a sign-in that was rejected by the user), in the Audit logs, and in the Risk detections report. -- To view the risk detections report, select **Microsoft Entra ID** > **Security** > **Identity Protection** > **Risk detection**. The risk event is part of the standard **Risk Detections** report, and will appear as Detection Type **User Reported Suspicious Activity**, Risk level **High**, Source **End user reported**.
+- To view the risk detections report, select **Protection** > **Identity Protection** > **Risk detection**. The risk event is part of the standard **Risk Detections** report, and will appear as Detection Type **User Reported Suspicious Activity**, Risk level **High**, Source **End user reported**.
-- To view fraud reports in the Sign-ins report, select **Microsoft Entra ID** > **Sign-in logs** > **Authentication Details**. The fraud report is part of the standard **Microsoft Entra Sign-ins** report and appears in the Result Detail as MFA denied, Fraud Code Entered.
+- To view fraud reports in the Sign-ins report, select **Identity** > **Monitoring & health** > **Sign-in logs** > **Authentication Details**. The fraud report is part of the standard **Azure AD Sign-ins** report and appears in the Result Detail as MFA denied, Fraud Code Entered.
-- To view fraud reports in the Audit logs, select **Microsoft Entra ID** > **Audit logs**. The fraud report appears under Activity type Fraud reported - user is blocked for MFA or Fraud reported - no action taken based on the tenant-level settings for fraud report.
+- To view fraud reports in the Audit logs, select **Identity** > **Monitoring & health** > **Audit logs**. The fraud report appears under Activity type Fraud reported - user is blocked for MFA or Fraud reported - no action taken based on the tenant-level settings for fraud report.
### Manage suspicious activity events
You can configure Microsoft Entra ID to send email notifications when users repo
To configure fraud alert notifications:
-1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Notifications**.
+1. Go to **Protection** > **Multi-Factor Authentication** > **Notifications**.
1. Enter the email address to send the notification to. 1. To remove an existing email address, select **...** next to the email address, and then select **Delete**. 1. Select **Save**.
The following table lists more numbers for different countries.
To configure your own caller ID number, complete the following steps:
-1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Phone call settings**.
+1. Go to **Protection** > **Multifactor authentication** > **Phone call settings**.
1. Set the **MFA caller ID number** to the number you want users to see on their phones. Only US-based numbers are allowed. 1. Select **Save**.
You can use the following sample scripts to create your own custom messages. The
To use your own custom messages, complete the following steps:
-1. Go to **Microsoft Entra ID** > **Security** > **multifactor authentication** > **Phone call settings**.
+1. Go to **Protection** > **Multifactor authentication** > **Phone call settings**.
1. Select **Add greeting**. 1. Choose the **Type** of greeting, such as **Greeting (standard)** or **Authentication successful**. 1. Select the **Language**. See the previous section on [custom message language behavior](#custom-message-language-behavior).
active-directory Howto Mfa Server Settings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/authentication/howto-mfa-server-settings.md
Caching is primarily used when on-premises systems, such as VPN, send multiple v
To set up caching, complete the following steps:
-1. Browse to **Microsoft Entra ID** > **Security** > **MFA** > **Caching rules**.
+1. Browse to **Protection** > **Multifactor authentication** > **Caching rules**.
1. Select **Add**. 1. Select the **cache type** from the drop-down list. Enter the maximum number of **cache seconds**. 1. If necessary, select an authentication type and specify an application.
active-directory Concept Conditional Access Grant https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/concept-conditional-access-grant.md
The following client apps support this setting. This list isn't exhaustive and i
- Microsoft Cortana - Microsoft Edge - Microsoft Excel-- Microsoft Flow Mobile
+- Microsoft Power Automate
- Microsoft Launcher - Microsoft Lists - Microsoft Office
The following client apps support this setting. This list isn't exhaustive and i
- Nine Mail - Email and Calendar - Notate for Intune - Provectus - Secure Contacts-- Yammer (Android, iOS, and iPadOS)
+- Viva Engage (Android, iOS, and iPadOS)
> [!NOTE] > Kaizala, Skype for Business, and Visio don't support the **Require app protection policy** grant. If you require these apps to work, use the **Require approved apps** grant exclusively. Using the "or" clause between the two grants will not work for these three applications.
active-directory Policy Migration Mfa https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/policy-migration-mfa.md
Title: Migrate a classic Conditional Access policy
-description: This article shows how to migrate a classic Conditional Access policy in the Azure portal.
+description: This article shows how to migrate a classic Conditional Access policy.
active-directory Require Tou https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/conditional-access/require-tou.md
The scenario in this quickstart uses:
In the previous section, you created a Conditional Access policy requiring terms of use be accepted.
-To test your policy, try to sign in to the [Azure portal](https://portal.azure.com) using your test account. You should see a dialog that requires you to accept your terms of use.
+To test your policy, try to sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) using your test account. You should see a dialog that requires you to accept your terms of use.
:::image type="content" source="./media/require-tou/57.png" alt-text="Screenshot of a dialog box titled Identity Security Protection terms of use, with Decline and Accept buttons and a button labeled My TOU." border="false":::
active-directory Howto Add App Roles In Apps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-add-app-roles-in-apps.md
Previously updated : 09/27/2022 Last updated : 09/25/2023
If you have not already done so, you'll need to assign yourself as the applicati
> > Ensure that both the API application and the application you want to add permissions to both have an owner, otherwise the API will not be listed when requesting API permissions.
-## Assign users and groups to roles
-
-Once you've added app roles in your application, you can assign users and groups to the roles. Assignment of users and groups to roles can be done through the portal's UI, or programmatically using [Microsoft Graph](/graph/api/user-post-approleassignments). When the users assigned to the various app roles sign in to the application, their tokens will have their assigned roles in the `roles` claim.
-
-To assign users and groups to roles by using the Microsoft Entra admin center:
-
-1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator).
-1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant that contains the app registration to which you want to add an app role.
-1. Browse to **Identity** > **Applications** > **Enterprise applications**.
-1. Select **All applications** to view a list of all your applications. If your application doesn't appear in the list, use the filters at the top of the **All applications** list to restrict the list, or scroll down the list to locate your application.
-1. Select the application in which you want to assign users or security group to roles.
-1. Under **Manage**, select **Users and groups**.
-1. Select **Add user** to open the **Add Assignment** pane.
-1. Select the **Users and groups** selector from the **Add Assignment** pane. A list of users and security groups is displayed. You can search for a certain user or group and select multiple users and groups that appear in the list.
-1. Once you've selected users and groups, select the **Select** button to proceed.
-1. Select **Select a role** in the **Add assignment** pane. All the roles that you've defined for the application are displayed.
-1. Choose a role and select the **Select** button.
-1. Select the **Assign** button to finish the assignment of users and groups to the app.
-
-Confirm that the users and groups you added appear in the **Users and groups** list.
- ## Assign app roles to applications
-Once you've added app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments).
+Once you've added app roles in your application, you can assign an app role to a client app by using the Microsoft Entra admin center or programmatically by using [Microsoft Graph](/graph/api/user-post-approleassignments). This is not to be confused with [assigning roles to users](../roles/manage-roles-portal.md).
When you assign app roles to an application, you create _application permissions_. Application permissions are typically used by daemon apps or back-end services that need to authenticate and make authorized API call as themselves, without the interaction of a user.
To assign app roles to an application by using the Microsoft Entra admin center:
1. Select the application to which you want to assign an app role. 1. Select **API permissions** > **Add a permission**. 1. Select the **My APIs** tab, and then select the app for which you defined app roles.
-1. Select **Application permissions**.
-1. Select the role(s) you want to assign.
+1. Under **Permission**, select the role(s) you want to assign.
1. Select the **Add permissions** button complete addition of the role(s). The newly added roles should appear in your app registration's **API permissions** pane.
Developers can use app roles to control whether a user can sign in to an app or
App roles are preferred by developers when they want to describe and control the parameters of authorization in their app themselves. For example, an app using groups for authorization will break in the next tenant as both the group ID and name could be different. An app using app roles remains safe. In fact, assigning groups to app roles is popular with SaaS apps for the same reasons as it allows the SaaS app to be provisioned in multiple tenants.
+## Assign users and groups to Microsoft Entra roles
+
+Once you've added app roles in your application, you can assign users and groups to [Microsoft Entra roles](../roles/permissions-reference.md). Assignment of users and groups to roles can be done through the portal's UI, or programmatically using [Microsoft Graph](/graph/api/user-post-approleassignments). When the users assigned to the various roles sign in to the application, their tokens will have their assigned roles in the `roles` claim.
+
+To assign users and groups to roles by using the Microsoft Entra admin center:
+
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator).
+1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant that contains the app registration to which you want to add an app role.
+1. Browse to **Identity** > **Applications** > **Enterprise applications**.
+1. Select **All applications** to view a list of all your applications. If your application doesn't appear in the list, use the filters at the top of the **All applications** list to restrict the list, or scroll down the list to locate your application.
+1. Select the application in which you want to assign users or security group to roles.
+1. Under **Manage**, select **Users and groups**.
+1. Select **Add user** to open the **Add Assignment** pane.
+1. Select the **Users and groups** selector from the **Add Assignment** pane. A list of users and security groups is displayed. You can search for a certain user or group and select multiple users and groups that appear in the list.
+1. Once you've selected users and groups, select the **Select** button to proceed.
+1. Select **Select a role** in the **Add assignment** pane. All the roles that you've defined for the application are displayed.
+1. Choose a role and select the **Select** button.
+1. Select the **Assign** button to finish the assignment of users and groups to the app.
+
+Confirm that the users and groups you added appear in the **Users and groups** list.
+ ## Next steps Learn more about app roles with the following resources.
active-directory Howto Create Service Principal Portal https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-create-service-principal-portal.md
To upload the certificate:
After registering the certificate with your application in the application registration portal, enable the [confidential client application](authentication-flows-app-scenarios.md#single-page-public-client-and-confidential-client-applications) code to use the certificate.
-### Option 3: Create a new application secret
+### Option 3: Create a new client secret
-If you choose not to use a certificate, you can create a new application secret.
+If you choose not to use a certificate, you can create a new client secret.
1. Browse to **Identity** > **Applications** > **App registrations**, then select your application. 1. Select **Certificates & secrets**.
If you choose not to use a certificate, you can create a new application secret.
1. Provide a description of the secret, and a duration. 1. Select **Add**.
-Once you've saved the client secret, the value of the client secret is displayed. Copy this value because you won't be able to retrieve the key later. You'll provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.
+Once you've saved the client secret, the value of the client secret is displayed. This is only displayed once, so copy this value and store it where your application can retrieve it, usually where your application keeps values like `clientId`, or `authoruty` in the source code. You'll provide the secret value along with with the application's client ID to sign in as the application.
:::image type="content" source="media/howto-create-service-principal-portal/copy-secret.png" alt-text="Screenshot showing the client secret.":::
To configure access policies:
1. Sign in to the [Azure portal](https://portal.azure.com). 1. Select your key vault and select **Access policies**.
-1. Select **Add access policy**, then select the key, secret, and certificate permissions you want to grant your application. Select the service principal you created previously.
+1. Select **Add access policy**, then select the key, secret, and certificate permissions you want to grant your application. Select the service principal you created previously.
1. Select **Add** to add the access policy. 1. **Save**.
active-directory Howto Get List Of All Auth Library Apps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/howto-get-list-of-all-auth-library-apps.md
No sign-in event that occurred *before* you configure Microsoft Entra ID to send
Once you've integrated your Microsoft Entra sign-in and audit logs with Azure Monitor as specified in the Azure Monitor integration, access the sign-ins workbook:
- 1. Sign in to the [Azure portal](https://portal.azure.com).
- 1. Navigate to **Identity** > **Monitoring & health** > **Workbooks**.
+ 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Reports Reader](../roles/permissions-reference.md#reports-reader).
+ 1. Browse to **Identity** > **Monitoring & health** > **Workbooks**.
1. In the **Usage** section, open the **Sign-ins** workbook. :::image type="content" source="media/howto-get-list-of-all-auth-library-apps/sign-in-workbook.png" alt-text="Screenshot of the Azure portal workbooks interface highlighting the sign-ins workbook.":::
active-directory Msal Android Shared Devices https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/msal-android-shared-devices.md
Shared device mode also provides Microsoft identity backed management of the dev
To create a shared device mode app, developers and cloud device admins work together: - Developers write a single-account app (multiple-account apps aren't supported in shared device mode), add `"shared_device_mode_supported": true` to the app's configuration, and write code to handle things like shared device sign-out.-- Device admins prepare the device to be shared by installing the authenticator app, and setting the device to shared mode using the authenticator app. Only users who are in the [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator) role can put a device into shared mode by using the [Authenticator app](https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc). You can configure the membership of your organizational roles in the Azure portal via:
- **Identity** > **Roles & admins** > **Roles & admins** > **Cloud Device Administrator**.
+- Device admins prepare the device to be shared by installing the authenticator app, and setting the device to shared mode using the authenticator app. Only users who are in the [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator) role can put a device into shared mode by using the [Authenticator app](https://support.microsoft.com/account-billing/how-to-use-the-microsoft-authenticator-app-9783c865-0308-42fb-a519-8cf666fe0acc). You can configure the membership of your organizational roles in the Microsoft Entra admin center under:
+
+**Identity** > **Roles & Admins** > **Roles & Admins** > **Cloud Device Administrator**.
This article focuses primarily what developers should think about.
active-directory Quickstart Console App Nodejs Acquire Token https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-console-app-nodejs-acquire-token.md
Follow the steps below to get started.
To register your application and add the app's registration information to your solution manually, follow these steps:
-1. Sign in to the [Azure portal](https://portal.azure.com).
-1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
-1. Search for and select **Microsoft Entra ID**.
-1. Under **Manage**, select **App registrations** > **New registration**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+1. Browse to **Identity** > **Applications** > **App registrations**.
+1. Select **New registration**.
1. Enter a **Name** for your application, for example `msal-node-cli`. Users of your app might see this name, and you can change it later. 1. Select **Register**. 1. Under **Manage**, select **Certificates & secrets**.
To register your application and add the app's registration information to your
1. Extract the zip file to a local folder close to the root of the disk, for example, *C:/Azure-Samples*. 1. Edit *.env* and replace the values of the fields `TENANT_ID`, `CLIENT_ID`, and `CLIENT_SECRET` with the following snippet:
- ```
- "TENANT_ID": "Enter_the_Tenant_Id_Here",
+ ```
+ "TENANT_ID": "Enter_the_Tenant_Id_Here",
"CLIENT_ID": "Enter_the_Application_Id_Here", "CLIENT_SECRET": "Enter_the_Client_Secret_Here" ```+ Where:
- - `Enter_the_Application_Id_Here` - is the **Application (client) ID** of the application you registered earlier. Find this ID on the app registration's **Overview** pane in the Azure portal.
- - `Enter_the_Tenant_Id_Here` - replace this value with the **Tenant ID** or **Tenant name** (for example, contoso.microsoft.com). Find these values on the app registration's **Overview** pane in the Azure portal.
- - `Enter_the_Client_Secret_Here` - replace this value with the client secret you created earlier. To generate a new key, use **Certificates & secrets** in the app registration settings in the Azure portal.
+ - `Enter_the_Application_Id_Here` - is the **Application (client) ID** of the application you registered earlier. Find this ID on the app registration's **Overview**.
+ - `Enter_the_Tenant_Id_Here` - replace this value with the **Tenant ID** or **Tenant name** (for example, contoso.microsoft.com). Find these values on the app registration's **Overview**.
+ - `Enter_the_Client_Secret_Here` - replace this value with the client secret you created earlier. To generate a new key, use **Certificates & secrets** in the app registration settings.
Using a plaintext secret in the source code poses an increased security risk for your application. Although the sample in this quickstart uses a plaintext client secret, it's only for simplicity. We recommend using [certificate credentials](./certificate-credentials.md) instead of client secrets in your confidential client applications, especially those apps you intend to deploy to production.
-3. Edit *.env* and replace the Microsoft Entra ID and Microsoft Graph endpoints with the following values:
+1. Edit *.env* and replace the Microsoft Entra ID and Microsoft Graph endpoints with the following values:
- For the Microsoft Entra endpoint, replace `Enter_the_Cloud_Instance_Id_Here` with `https://login.microsoftonline.com`. - For the Microsoft Graph endpoint, replace `Enter_the_Graph_Endpoint_Here` with `https://graph.microsoft.com/`. #### Step 4: Admin consent
-If you try to run the application at this point, you'll receive *HTTP 403 - Forbidden* error: `Insufficient privileges to complete the operation`. This error happens because any *app-only permission* requires **admin consent**: a global administrator of your directory must give consent to your application. Select one of the options below depending on your role:
+If you try to run the application at this point, you'll receive *HTTP 403 - Forbidden* error: `Insufficient privileges to complete the operation`. This error happens because any *app-only permission* requires **admin consent**: an [Application Administrator](../roles/permissions-reference.md#application-administrator) or [Global Administrator](../roles/permissions-reference.md#global-administrator) must give consent to your application. Select one of the options below depending on your role:
-##### Global tenant administrator
+##### Administrators
-If you're a global tenant administrator, go to **API Permissions** page in the Azure portal's Application Registration and select **Grant admin consent for {Tenant Name}** (where {Tenant Name} is the name of your directory).
+If you're assigned the [Application Administrator](../roles/permissions-reference.md#application-administrator) or [Global Administrator](../roles/permissions-reference.md#global-administrator) roles, go to **API Permissions** page in the Azure portal's Application Registration and select **Grant admin consent for {Tenant Name}** (where {Tenant Name} is the name of your directory).
-##### Standard user
+##### Standard users
If you're a standard user of your tenant, then you need to ask a global administrator to grant **admin consent** for your application. To do this, give the following URL to your administrator:
active-directory Quickstart Single Page App Angular Sign In https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md
Previously updated : 09/13/2023 Last updated : 09/25/2023
This quickstart uses a sample Angular single-page app (SPA) to show you how to sign in users by using the [authorization code flow](/azure/active-directory/develop/v2-oauth2-auth-code-flow) with Proof Key for Code Exchange (PKCE) and call the Microsoft Graph API. The sample uses the [Microsoft Authentication Library for JavaScript](/javascript/api/@azure/msal-react) to handle authentication.
-In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample Angular SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work/school account, and sign out.
- ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
To obtain the sample application, you can either clone it from GitHub or downloa
```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-javascript.git ```--- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/archive/refs/heads/main.zip)
+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters.
## Configure the project
active-directory Quickstart Single Page App Javascript Sign In https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-javascript-sign-in.md
Previously updated : 09/13/2023 Last updated : 09/25/2023
This quickstart uses a sample JavaScript (JS) single-page app (SPA) to show you how to sign in users by using the [authorization code flow](/azure/active-directory/develop/v2-oauth2-auth-code-flow) with Proof Key for Code Exchange (PKCE) and call the Microsoft Graph API. The sample uses the [Microsoft Authentication Library for JavaScript](/javascript/api/@azure/msal-react) to handle authentication.
-In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample JS SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work or school account, and sign out.
- ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
To obtain the sample application, you can either clone it from GitHub or downloa
```console git clone https://github.com/Azure-Samples/ms-identity-javascript-tutorial ```--- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-javascript-tutorial/archive/refs/heads/main.zip).
+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-javascript-tutorial/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters.
## Configure the project 1. In your IDE, open the project folder, *ms-identity-javascript-tutorial/angular-spa*, containing the sample. 1. Open *1-Authentication/1-sign-in/App/authConfig.js* and replace the file contents with the following snippet:
- ```javascript
- /**
- * Configuration object to be passed to MSAL instance on creation.
- * For a full list of MSAL.js configuration parameters, visit:
- * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md
- */
-
- const msalConfig = {
- auth: {
- clientId: 'Enter_the_Application_Id_Here', // This is the ONLY mandatory field that you need to supply.
- authority: 'https://login.microsoftonline.com/Enter_the_Tenant_Info_Here', // Defaults to "https://login.microsoftonline.com/common"
- redirectUri: '/', // You must register this URI on Azure Portal/App Registration. Defaults to window.location.href e.g. http://localhost:3000/
- navigateToLoginRequestUrl: true, // If "true", will navigate back to the original request location before processing the auth code response.
- },
- cache: {
- cacheLocation: 'sessionStorage', // Configures cache location. "sessionStorage" is more secure, but "localStorage" gives you SSO.
- storeAuthStateInCookie: false, // set this to true if you have to support IE
- },
- system: {
- loggerOptions: {
- loggerCallback: (level, message, containsPii) => {
- if (containsPii) {
- return;
- }
- switch (level) {
- case msal.LogLevel.Error:
- console.error(message);
- return;
- case msal.LogLevel.Info:
- console.info(message);
- return;
- case msal.LogLevel.Verbose:
- console.debug(message);
- return;
- case msal.LogLevel.Warning:
- console.warn(message);
- return;
- }
- },
- },
- },
- };
-
- /**
- * Scopes you add here will be prompted for user consent during sign-in.
- * By default, MSAL.js will add OIDC scopes (openid, profile, email) to any login request.
- * For more information about OIDC scopes, visit:
- * https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#openid-connect-scopes
- */
- const loginRequest = {
- scopes: ["openid", "profile"],
- };
-
- /**
- * An optional silentRequest object can be used to achieve silent SSO
- * between applications by providing a "login_hint" property.
- */
-
- // const silentRequest = {
- // scopes: ["openid", "profile"],
- // loginHint: "example@domain.net"
- // };
-
- // exporting config object for jest
- if (typeof exports !== 'undefined') {
- module.exports = {
- msalConfig: msalConfig,
- loginRequest: loginRequest,
- };
- }
- ```
+ :::code language="csharp" source="~/ms-identity-docs-code-javascript/js-spa/App/authConfig.js":::
* `TenantId` - The identifier of the tenant where the application is registered. Replace the text in quotes with the **Directory (tenant) ID** that was recorded earlier from the overview page of the registered application. * `ClientId` - The identifier of the application, also referred to as the client. Replace the text in quotes with the **Directory (tenant) ID** value that was recorded earlier from the overview page of the registered application.
Run the project with a web server by using Node.js:
npm install npm start ```
-1. Copy the https URL that appears in the terminal, for example, `https://localhost:3000`, and paste it into a browser. We recommend using a private or incognito browser session.
+1. Copy the `https` URL that appears in the terminal, for example, `https://localhost:3000`, and paste it into a browser. We recommend using a private or incognito browser session.
1. Follow the steps and enter the necessary details to sign in with your Microsoft account. You'll be requested an email address so a one time passcode can be sent to you. Enter the code when prompted. 1. The application will request permission to maintain access to data you have given it access to, and to sign you in and read your profile. Select **Accept**. 1. The following screenshot appears, indicating that you have signed in to the application and have accessed your profile details from the Microsoft Graph API.
active-directory Quickstart Single Page App React Sign In https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-single-page-app-react-sign-in.md
Previously updated : 09/13/2023 Last updated : 09/25/2023
This quickstart uses a sample React single-page app (SPA) to show you how to sign in users by using the [authorization code flow](/azure/active-directory/develop/v2-oauth2-auth-code-flow) with Proof Key for Code Exchange (PKCE). The sample uses the [Microsoft Authentication Library for JavaScript](/javascript/api/@azure/msal-react) to handle authentication.
-In this article you'll register a SPA in the Microsoft Entra admin center, and download a sample React SPA. Next, you'll run the sample application, sign in with your personal Microsoft account or a work or school account, and sign out.
- ## Prerequisites * An Azure account with an active subscription. If you don't already have one, [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
In this article you'll register a SPA in the Microsoft Entra admin center, and d
1. Select **New registration**. 1. When the **Register an application** page appears, enter a name for your application, such as *identity-client-app*. 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
-1. The application's overview pane is displayed when registration is complete. Record the **Directory (tenant) ID** and the **Application (client) ID** to be used in your application source code.
1. Select **Register**. 1. The application's Overview pane displays upon successful registration. Record the **Application (client) ID** and **Directory (tenant) ID** to be used in your application source code.
To obtain the sample application, you can either clone it from GitHub or downloa
```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-javascript.git ```-- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/tree/main)-
-If you choose to download the `.zip` file, extract the sample app file to a folder where the total length of the path is 260 or fewer characters.
+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-javascript/tree/main). Extract it to a file path where the length of the name is fewer than 260 characters.
## Configure the project
active-directory Quickstart V2 Aspnet Core Web Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-v2-aspnet-core-web-api.md
> > First, register the web API in your Microsoft Entra tenant and add a scope by following these steps: >
-> 1. Sign in to the [Azure portal](https://portal.azure.com/).
-> 1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which to register the application.
-> 1. Search for and select **Microsoft Entra ID**.
-> 1. Under **Manage**, select **App registrations** > **New registration**.
+> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+> 1. Browse to **Identity** > **Applications** > **App registrations**.
+> 1. Select **New registration**.
> 1. For **Name**, enter a name for the application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of the app will see this name, and can be changed later. > 1. Select **Register**. > 1. Under **Manage**, select **Expose an API** > **Add a scope**. For **Application ID URI**, accept the default by selecting **Save and continue**, and then enter the following details:
This quickstart will be deprecated in the near future and will be updated to use
> > The line that contains `.AddMicrosoftIdentityWebApi` adds the Microsoft identity platform authorization to the web API. It's then configured to validate access tokens issued by the Microsoft identity platform based on the information in the `AzureAD` section of the *appsettings.json* configuration file: >
-> | *appsettings.json* key | Description
-|
-> ||-|
-> | `ClientId` | Application (client) ID of the application registered in the Azure portal. |
-> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. |
-> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. |
+> |*appsettings.json* key | Description |
+> | | -- |
+> | `ClientId` | Application (client) ID of the application registered. |
+> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. |
+> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. |
> > The `Configure()` method contains two important methods, `app.UseAuthentication()` and `app.UseAuthorization()`, that enable their named functionality: >
active-directory Quickstart V2 Dotnet Native Aspnet https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-v2-dotnet-native-aspnet.md
> > Register your web API in **App registrations** in the Azure portal. >
-> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator).
-> 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to select the tenant in which you want to register an application.
-> 1. Browse to **Identity** > **Applications** > **App registrations** and select **New registration**.
+> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+> 1. Browse to **Identity** > **Applications** > **App registrations**.
+> 1. Select **New registration**.
> 1. Enter a **Name** for your application, for example `AppModelv2-NativeClient-DotNet-TodoListService`. Users of your app might see this name, and you can change it later. > 1. For **Supported account types**, select **Accounts in any organizational directory**. > 1. Select **Register** to create the application.
active-directory Quickstart Web App Aspnet Core Sign In https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/quickstart-web-app-aspnet-core-sign-in.md
In this article you register a web application in the Microsoft Entra admin cent
## Clone or download the sample application To obtain the sample application, you can either clone it from GitHub or download it as a *.zip* file.-- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-dotnet/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters. - To clone the sample, open a command prompt and navigate to where you wish to create the project, and enter the following command: ```console git clone https://github.com/Azure-Samples/ms-identity-docs-code-dotnet.git ```
+- [Download the .zip file](https://github.com/Azure-Samples/ms-identity-docs-code-dotnet/archive/refs/heads/main.zip). Extract it to a file path where the length of the name is fewer than 260 characters.
## Create and upload a self-signed certificate
active-directory Scenario Protected Web Api App Registration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/scenario-protected-web-api-app-registration.md
To add another layer of security, a Microsoft Entra tenant administrator can con
To increase security by restricting token issuance only to client apps that have been assigned app roles:
-1. In the Azure portal, select your app in **Identity** > **App registrations**.
+1. In the [Microsoft Entra admin center](https://entra.microsoft.com), select your app under **Identity** > **Applications** > **App registrations**.
1. On the application's overview page, select its **Managed application in local directory** link to navigate to its **Enterprise Application Overview** page. 1. Under **Manage**, select **Properties**. 1. Set **Assignment required?** to **Yes**.
active-directory Single Page App Tutorial 02 Prepare Spa https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/single-page-app-tutorial-02-prepare-spa.md
Identity related **npm** packages must be installed in the project to enable use
1. Ensure that the correct directory is selected (*reactspalocal*) then enter the following into the terminal to install the relevant `msal` and `bootstrap` packages. ```powershell
- npm install @azure/msal-browser @azure/msal-react
+ npm install @azure/msal-browser @azure/msal-react @azure/msal-common
npm install react-bootstrap bootstrap ```
active-directory Test Setup Environment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/test-setup-environment.md
If your app will primarily be used by a single organization (commonly referred t
Replicating Conditional Access policies ensures you don't encounter unexpected blocked access when moving to production and your application can appropriately handle the errors it's likely to receive.
-Viewing your production tenant Conditional Access policies may need to be performed by a company administrator.
+Viewing your production tenant Conditional Access policies may need to be performed by a [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator).
1. Go to **Identity** > **Applications** > **Enterprise applications** > **Conditional Access**. 1. View the list of policies in your tenant. Click the first one. 1. Navigate to **Cloud apps or actions**. 1. If the policy only applies to a select group of apps, then move on to the next policy. If not, then it will likely apply to your app as well when you move to production. You should copy the policy over to your test tenant.
-In a new tab or browser session, sign in to the [Azure portal](https://portal.azure.com) to access your test tenant.
+In a new tab or browser session, sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Conditional Access Administrator](../roles/permissions-reference.md#conditional-access-administrator) to access your test tenant.
-1. Browse to **Identity** > **Applications** > **Enterprise applications** > **Conditional Access**.
+1. Browse to **Protection** > **Conditional Access**.
1. Select **Create new policy** 1. Copy the settings from the production tenant policy, identified through the previous steps.
active-directory V2 Protocols Oidc https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/v2-protocols-oidc.md
ID tokens aren't issued by default for an application registered with the Micros
Or:
-1. Select **Identity** > **App registrations** > *\<your application\>* > **Manifest**.
+1. Select **Identity** > **Applications** > **App registrations** > *\<your application\>* > **Manifest**.
1. Set `oauth2AllowIdTokenImplicitFlow` to `true` in the app registration's [application manifest](reference-app-manifest.md). If ID tokens are not enabled for your app and one is requested, the Microsoft identity platform returns an `unsupported_response` error similar to:
active-directory V2 Protocols https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/v2-protocols.md
https://login.microsoftonline.com/<issuer>/oauth2/v2.0/token
To find the endpoints for an application you've registered, in the [Microsoft Entra admin center](https://entra.microsoft.com) navigate to:
-**Identity** > **App registrations** > \<YOUR-APPLICATION\> > **Endpoints**
+**Identity** > **Applications** > **App registrations** > \<YOUR-APPLICATION\> > **Endpoints**
## Next steps
active-directory Web Api Quickstart Portal Aspnet Core https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/web-api-quickstart-portal-aspnet-core.md
> > First, register the web API in your Microsoft Entra tenant and add a scope by following these steps: >
-> 1. Sign in to the [Azure portal](https://portal.azure.com/).
-> 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
-> 1. Search for and select **Identity**.
-> 1. Under **Manage**, select **App registrations** > **New registration**.
+> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+> 1. Browse to **Identity** > **Applications** > **App registrations**.
+> 1. Select **New registration**.
> 1. For **Name**, enter a name for your application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of your app will see this name, and you can change it later. > 1. Select **Register**. > 1. Under **Manage**, select **Expose an API** > **Add a scope**. For **Application ID URI**, accept the default by selecting **Save and continue**, and then enter the following details:
> "TenantId": "Enter_the_Tenant_Info_Here" > ``` >
-> - Replace `Enter_the_Application_Id_here` with the application (client) ID of the application that you registered in the Azure portal. You can find the application (client) ID on the app's **Overview** page.
+> - Replace `Enter_the_Application_Id_here` with the application (client) ID of the application that you registered. You can find the application (client) ID on the app's **Overview** page.
> - Replace `Enter_the_Tenant_Info_Here` with one of the following: > - If your application supports **Accounts in this organizational directory only**, replace this value with the directory (tenant) ID (a GUID) or tenant name (for example, `contoso.onmicrosoft.com`). You can find the directory (tenant) ID on the app's **Overview** page. > - If your application supports **Accounts in any organizational directory**, replace this value with `organizations`.
> > The line that contains `.AddMicrosoftIdentityWebApi` adds the Microsoft identity platform authorization to your web API. It's then configured to validate access tokens issued by the Microsoft identity platform based on the information in the `AzureAD` section of the *appsettings.json* configuration file: >
-> | *appsettings.json* key | Description |
-> ||-|
-> | `ClientId` | Application (client) ID of the application registered in the Azure portal. |
-> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. |
-> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. |
+> | *appsettings.json* key | Description |
+> |--|--|
+> | `ClientId` | Application (client) ID of the application registered. |
+> | `Instance` | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. |
+> | `TenantId` | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts. |
> > The `Configure()` method contains two important methods, `app.UseAuthentication()` and `app.UseAuthorization()`, that enable their named functionality: >
active-directory Web Api Quickstart Portal Dotnet Native Aspnet https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/develop/web-api-quickstart-portal-dotnet-native-aspnet.md
> > Register your web API in **App registrations** in the Azure portal. >
-> 1. Sign in to the [Azure portal](https://portal.azure.com/).
-> 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to select the tenant in which you want to register an application.
-> 1. Find and select **Identity**.
-> 1. Under **Manage**, select **App registrations** > **New registration**.
+> 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Application Administrator](../roles/permissions-reference.md#application-administrator).
+> 1. Browse to **Identity** > **Applications** > **App registrations**.
+> 1. Select **New registration**.
> 1. Enter a **Name** for your application, for example `AppModelv2-NativeClient-DotNet-TodoListService`. Users of your app might see this name, and you can change it later. > 1. For **Supported account types**, select **Accounts in any organizational directory**. > 1. Select **Register** to create the application.
active-directory Assign Local Admin https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/assign-local-admin.md
Additionally, you can also add users using the command prompt:
## Next steps -- To get an overview of how to manage devices, see [managing devices using the Azure portal](manage-device-identities.md).
+- To get an overview of how to manage devices, see [managing device identities](manage-device-identities.md).
- To learn more about device-based Conditional Access, see [Conditional Access: Require compliant or Microsoft Entra hybrid joined device](../conditional-access/howto-conditional-access-policy-compliant-device.md).
active-directory Concept Device Registration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-device-registration.md
The goal of Microsoft Entra registered - also known as Workplace joined - device
Microsoft Entra registered devices are signed in to using a local account like a Microsoft account on a Windows 10 or newer device. These devices have a Microsoft Entra account for access to organizational resources. Access to resources in the organization can be limited based on that Microsoft Entra account and Conditional Access policies applied to the device identity.
-Microsoft Entra Registration is not the same as device enrolment. If Administrators permit users to enrol their devices, organisations can further control these Microsoft Entra registered devices by enrolling the device(s) into Mobile Device Management (MDM) tools like Microsoft Intune. MDM provides a means to enforce organization-required configurations like requiring storage to be encrypted, password complexity, and security software kept updated.
+Microsoft Entra Registration is not the same as device enrollment. If Administrators permit users to enroll their devices, organizations can further control these Microsoft Entra registered devices by enrolling the device(s) into Mobile Device Management (MDM) tools like Microsoft Intune. MDM provides a means to enforce organization-required configurations like requiring storage to be encrypted, password complexity, and security software kept updated.
Microsoft Entra registration can be accomplished when accessing a work application for the first time or manually using the Windows 10 or Windows 11 Settings menu.
Another user wants to access their organizational email on their personal Androi
## Next steps -- [Manage device identities using the Azure portal](manage-device-identities.md)
+- [Manage device identities](manage-device-identities.md)
- [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md) - [Register your personal device on your work or school network](https://support.microsoft.com/account-billing/register-your-personal-device-on-your-work-or-school-network-8803dd61-a613-45e3-ae6c-bd1ab25bf8a8)
active-directory Concept Directory Join https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-directory-join.md
Microsoft Entra join can be deployed by using any of the following methods:
- [Plan your Microsoft Entra join implementation](device-join-plan.md) - [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview) - [How to manage the local administrators group on Microsoft Entra joined devices](assign-local-admin.md)-- [Manage device identities using the Azure portal](manage-device-identities.md)
+- [Manage device identities](manage-device-identities.md)
- [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md)
active-directory Concept Hybrid Join https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/concept-hybrid-join.md
Use Microsoft Entra hybrid joined devices if:
- [Plan your Microsoft Entra hybrid join implementation](hybrid-join-plan.md) - [Co-management using Configuration Manager and Microsoft Intune](/mem/configmgr/comanage/overview)-- [Manage device identities using the Azure portal](manage-device-identities.md)
+- [Manage device identities](manage-device-identities.md)
- [Manage stale devices in Microsoft Entra ID](manage-stale-devices.md)
active-directory Device Join Out Of Box https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/device-join-out-of-box.md
To verify whether a device is joined to your Microsoft Entra ID, review the **Ac
## Next steps -- For more information about managing devices, see [managing devices using the Azure portal](manage-device-identities.md).
+- For more information about managing devices, see [managing device identities](manage-device-identities.md).
- [What is Microsoft Intune?](/mem/intune/fundamentals/what-is-intune) - [Overview of Windows Autopilot](/mem/autopilot/windows-autopilot) - [Passwordless authentication options for Microsoft Entra ID](../authentication/concept-authentication-passwordless.md)
active-directory Device Join Plan https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/device-join-plan.md
Choose your deployment approach or approaches by reviewing the previous table an
## Configure your device settings
-The Azure portal allows you to control the deployment of Microsoft Entra joined devices in your organization. To configure the related settings, on the **Microsoft Entra ID page**, select `Devices > Device settings`. [Learn more](manage-device-identities.md)
+The [Microsoft Entra admin center](https://entra.microsoft.com) allows you to control the deployment of Microsoft Entra joined devices in your organization. To configure the related settings, browse to **Identity** > **Devices** > **All devices** > **Device settings**. [Learn more](manage-device-identities.md)
<a name='users-may-join-devices-to-azure-ad'></a>
active-directory Enterprise State Roaming Group Policy Settings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/enterprise-state-roaming-group-policy-settings.md
Use these Group Policy and mobile device management (MDM) settings only on corporate-owned devices because these policies are applied to the userΓÇÖs entire device. Applying an MDM policy to disable settings sync for a personal, user-owned device will negatively impact the use of that device. Additionally, other user accounts on the device will also be affected by the policy.
-Enterprises that want to manage roaming for personal (unmanaged) devices can use the Azure portal to enable or disable roaming, rather than using Group Policy or MDM.
+Enterprises that want to manage roaming for personal (unmanaged) devices can use the Microsoft Entra admin center to enable or disable roaming, rather than using Group Policy or MDM.
The following tables describe the policy settings available. > [!NOTE]
active-directory Enterprise State Roaming Troubleshooting https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/enterprise-state-roaming-troubleshooting.md
Enterprise State Roaming requires the device to be registered with Microsoft Ent
**Potential issue**: **WamDefaultSet** and **AzureAdJoined** both have ΓÇ£NOΓÇ¥ in the field value, the device was domain-joined and registered with Microsoft Entra ID, and the device doesn't sync. If it's showing this, the device may need to wait for policy to be applied or the authentication for the device failed when connecting to Microsoft Entra ID. The user may have to wait a few hours for the policy to be applied. Other troubleshooting steps may include retrying autoregistration by signing out and back in, or launching the task in Task Scheduler. In some cases, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue.
-**Potential issue**: The field for **SettingsUrl** is empty and the device doesn't sync. The user may have last logged in to the device before Enterprise State Roaming was enabled. Restart the device and have the user login. Optionally, in the portal, try having the IT Admin navigate to **Microsoft Entra ID** > **Devices** > **Enterprise State Roaming** disable and re-enable **Users may sync settings and app data across devices**. Once re-enabled, restart the device and have the user login. If this doesn't resolve the issue, **SettingsUrl** may be empty if there's a bad device certificate. In this case, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue.
+**Potential issue**: The field for **SettingsUrl** is empty and the device doesn't sync. The user may have last logged in to the device before Enterprise State Roaming was enabled. Restart the device and have the user login. Optionally, in the portal, try having the IT Admin navigate to **Identity** > **Devices** > **Overview** > **Enterprise State Roaming** disable and re-enable **Users may sync settings and app data across devices**. Once re-enabled, restart the device and have the user login. If this doesn't resolve the issue, **SettingsUrl** may be empty if there's a bad device certificate. In this case, running ΓÇ£*dsregcmd.exe /leave*ΓÇ¥ in an elevated command prompt window, rebooting, and trying registration again may help with this issue.
## Enterprise State Roaming and multifactor authentication Under certain conditions, Enterprise State Roaming can fail to sync data if Microsoft Entra multifactor authentication is configured. For more information on these symptoms, see the support document [KB3193683](https://support.microsoft.com/kb/3193683).
-**Potential issue**: If your device is configured to require multifactor authentication on the Azure portal, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of multifactor authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Windows Hello for Business PIN or by completing multifactor authentication while accessing other Azure services like Microsoft 365.
+**Potential issue**: If your device is configured to require multifactor authentication on the Microsoft Entra admin center, you may fail to sync settings while signing in to a Windows 10 or newer device using a password. This type of multifactor authentication configuration is intended to protect an Azure administrator account. Admin users may still be able to sync by signing in to their Windows 10 or newer devices with their Windows Hello for Business PIN or by completing multifactor authentication while accessing other Azure services like Microsoft 365.
**Potential issue**: Sync can fail if the admin configures the Active Directory Federation Services multifactor authentication Conditional Access policy and the access token on the device expires. Ensure that you sign in and sign out using the Windows Hello for Business PIN or complete multifactor authentication while accessing other Azure services like Microsoft 365.
active-directory How To Hybrid Join Verify https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/how-to-hybrid-join-verify.md
Here are three ways to locate and verify the hybrid joined device state:
1. Open Windows PowerShell. 2. Enter `dsregcmd /status`. 3. Verify that both **AzureAdJoined** and **DomainJoined** are set to **YES**.
-4. You can use the **DeviceId** and compare the status on the service using either the Azure portal or PowerShell.
+4. You can use the **DeviceId** and compare the status on the service using either the Microsoft Entra admin center or PowerShell.
For downlevel devices, see the article [Troubleshooting Microsoft Entra hybrid joined down-level devices](troubleshoot-hybrid-join-windows-legacy.md#step-1-retrieve-the-registration-status)
-## Using the Azure portal
+## Using the Microsoft Entra admin center
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com)ntra.microsoft.com) as at least a [Cloud Device Administrator](../roles/permissions-reference.md#cloud-device-administrator). 1. Browse to **Identity** > **Devices** > **All devices**.
active-directory Howto Manage Local Admin Passwords https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/howto-manage-local-admin-passwords.md
You can also use Microsoft Graph API [Get deviceLocalCredentialInfo](/graph/api/
## List all Windows LAPS enable devices
-To list all Windows LAPS enabled devices in Microsoft Entra ID, you can browse to **Microsoft Entra ID** > **Devices** > **Local administrator password recovery (Preview)** or use the Microsoft Graph API.
+To list all Windows LAPS enabled devices, you can browse to **Identity** > **Devices** > **Overview** > **Local administrator password recovery (Preview)** or use the Microsoft Graph API.
## Auditing local administrator password update and recovery
-To view audit events, you can browse to **Microsoft Entra ID** > **Devices** > **Audit logs**, then use the **Activity** filter and search for **Update device local administrator password** or **Recover device local administrator password** to view the audit events.
+To view audit events, you can browse to **Identity** > **Devices** > **Overview** > **Audit logs**, then use the **Activity** filter and search for **Update device local administrator password** or **Recover device local administrator password** to view the audit events.
## Conditional Access policies for local administrator password recovery
active-directory Howto Vm Sign In Azure Ad Windows https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/howto-vm-sign-in-azure-ad-windows.md
Exit code -2145648607 translates to `DSREG_AUTOJOIN_DISC_FAILED`. The extension
- `curl https://pas.windows.net/ -D -` > [!NOTE]
- > Replace `<TenantID>` with the Microsoft Entra tenant ID that's associated with the Azure subscription. If you need to find the tenant ID, you can hover over your account name or select **Microsoft Entra ID** > **Properties** > **Directory ID**.
+ > Replace `<TenantID>` with the Azure AD tenant ID that's associated with the Azure subscription. If you need to find the tenant ID, you can hover over your account name or select **Identity** > **Overview** > **Properties** > **Tenant ID**.
> > Attempts to connect to `enterpriseregistration.windows.net` might return 404 Not Found, which is expected behavior. Attempts to connect to `pas.windows.net` might prompt for PIN credentials or might return 404 Not Found. (You don't need to enter the PIN.) Either one is sufficient to verify that the URL is reachable.
active-directory Hybrid Join Control https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/hybrid-join-control.md
Use the following example to create a Group Policy Object (GPO) to deploy a regi
1. Key Path: **SOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD**. 1. Value name: **TenantId**. 1. Value type: **REG_SZ**.
- 1. Value data: The GUID or **Tenant ID** of your Microsoft Entra instance (This value can be found in the **Azure portal** > **Microsoft Entra ID** > **Properties** > **Tenant ID**).
+ 1. Value data: The GUID or **Tenant ID** of your Microsoft Entra instance (This value can be found in the **Microsoft Entra admin center** > **Identity** > **Properties** > **Tenant ID**).
1. Select **OK**. 1. Right-click on the Registry and select **New** > **Registry Item**. 1. On the **General** tab, configure the following.
active-directory Manage Device Identities https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/manage-device-identities.md
Title: Manage devices in Microsoft Entra ID using the Azure portal
-description: This article describes how to use the Azure portal to manage device identities and monitor related event information.
+ Title: Manage devices in Microsoft Entra ID using the Microsoft Entra admin center
+description: This article describes how to use the Microsoft Entra admin center to manage device identities and monitor related event information.
-# Manage device identities by using the Azure portal
+# Manage device identities using the Microsoft Entra admin center
Microsoft Entra ID provides a central place to manage device identities and monitor related event information.
Microsoft Entra ID provides a central place to manage device identities and moni
You can access the devices overview by completing these steps: 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Reader](../roles/permissions-reference.md#global-reader).
-1. Go to **Microsoft Entra ID** > **Devices**.
+1. Go to **Identity** > **Devices** > **Overview**.
In the devices overview, you can view the number of total devices, stale devices, noncompliant devices, and unmanaged devices. You'll also find links to Intune, Conditional Access, BitLocker keys, and basic monitoring.
The exported list includes these device identity attributes:
## Configure device settings
-If you want to manage device identities by using the Azure portal, the devices need to be either [registered or joined](overview.md) to Microsoft Entra ID. As an administrator, you can control the process of registering and joining devices by configuring the following device settings.
+If you want to manage device identities by using the Microsoft Entra admin center, the devices need to be either [registered or joined](overview.md) to Microsoft Entra ID. As an administrator, you can control the process of registering and joining devices by configuring the following device settings.
You must be assigned one of the following roles to view device settings:
active-directory Manage Stale Devices https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/manage-stale-devices.md
If the delta between the existing value of the activity timestamp and the curren
You have two options to retrieve the value of the activity timestamp: -- The **Activity** column on the [devices page](https://portal.azure.com/#blade/Microsoft_AAD_IAM/DevicesMenuBlade/Devices).
+- The **Activity** column on the all devices page.
:::image type="content" source="./media/manage-stale-devices/01.png" alt-text="Screenshot listing the name, owner, and other information of devices. One column lists the activity time stamp." border="false":::
Disable or delete Microsoft Entra registered devices in the Microsoft Entra ID.
> - Deleting a Microsoft Entra registered device in Microsoft Entra ID does not remove registration on the client. It will only prevent access to resources using device as an identity (e.g. Conditional Access). > - Read more on [how to remove a registration on the client](faq.yml)
-## Clean up stale devices in the Azure portal
+## Clean up stale devices
-While you can clean up stale devices in the Azure portal, it's more efficient, to handle this process using a PowerShell script. Use the latest PowerShell V2 module to use the timestamp filter and to filter out system-managed devices such as Autopilot.
+While you can clean up stale devices in the Microsoft Entra admin center, it's more efficient to handle this process using a PowerShell script. Use the latest PowerShell V2 module to use the timestamp filter and to filter out system-managed devices such as Autopilot.
A typical routine consists of the following steps:
Any authentication where a device is being used to authenticate to Microsoft Ent
Devices managed with Intune can be retired or wiped, for more information see the article [Remove devices by using wipe, retire, or manually unenrolling the device](/mem/intune/remote-actions/devices-wipe).
-To get an overview of how to manage devices, see [managing devices using the Azure portal](manage-device-identities.md)
+To get an overview of how to manage devices, see [managing device identities](manage-device-identities.md)
active-directory Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/overview.md
Getting devices in to Microsoft Entra ID can be done in a self-service manner or
- Learn more about [Microsoft Entra registered devices](concept-device-registration.md) - Learn more about [Microsoft Entra joined devices](concept-directory-join.md) - Learn more about [Microsoft Entra hybrid joined devices](concept-hybrid-join.md)-- To get an overview of how to manage device identities, see [Managing device identities using the Azure portal](manage-device-identities.md).
+- To get an overview of how to manage device identities, see [Managing device identities](manage-device-identities.md).
- To learn more about device-based Conditional Access, see [Configure Microsoft Entra device-based Conditional Access policies](../conditional-access/concept-conditional-access-grant.md).
active-directory Plan Device Deployment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/plan-device-deployment.md
This article helps you evaluate the methods to integrate your device with Micros
The landscape of your user's devices is constantly expanding. Organizations may provide desktops, laptops, phones, tablets, and other devices. Your users may bring their own array of devices, and access information from varied locations. In this environment, your job as an administrator is to keep your organizational resources secure across all devices.
-Microsoft Entra ID enables your organization to meet these goals with device identity management. You can now get your devices in Microsoft Entra ID and control them from a central location in the [Azure portal](https://portal.azure.com/). This process gives you a unified experience, enhanced security, and reduces the time needed to configure a new device.
+Microsoft Entra ID enables your organization to meet these goals with device identity management. You can now get your devices in Microsoft Entra ID and control them from a central location in the [Microsoft Entra admin center](https://entra.microsoft.com). This process gives you a unified experience, enhanced security, and reduces the time needed to configure a new device.
There are multiple methods to integrate your devices into Microsoft Entra ID, they can work separately or together based on the operating system and your requirements:
The key benefits of giving your devices a Microsoft Entra identity:
* Improve user experience ΓÇô Provide your users with easy access to your organizationΓÇÖs cloud-based resources from both personal and corporate devices. Administrators can enable [Enterprise State Roaming](./enterprise-state-roaming-enable.md) for a unified experience across all Windows devices.
-* Simplify deployment and management ΓÇô Simplify the process of bringing devices to Microsoft Entra ID with [Windows Autopilot](/windows/deployment/windows-autopilot/windows-10-autopilot), [bulk provisioning](/mem/intune/enrollment/windows-bulk-enroll), or [self-service: Out of Box Experience (OOBE)](https://support.microsoft.com/account-billing/join-your-work-device-to-your-work-or-school-network-ef4d6adb-5095-4e51-829e-5457430f3973). Manage devices with Mobile Device Management (MDM) tools like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), and their identities in the [Azure portal](https://portal.azure.com/).
+* Simplify deployment and management ΓÇô Simplify the process of bringing devices to Microsoft Entra ID with [Windows Autopilot](/windows/deployment/windows-autopilot/windows-10-autopilot), [bulk provisioning](/mem/intune/enrollment/windows-bulk-enroll), or [self-service: Out of Box Experience (OOBE)](https://support.microsoft.com/account-billing/join-your-work-device-to-your-work-or-school-network-ef4d6adb-5095-4e51-829e-5457430f3973). Manage devices with Mobile Device Management (MDM) tools like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune), and their identities in the [Microsoft Entra admin center](https://entra.microsoft.com).
## Plan the deployment project
You may determine that Microsoft Entra hybrid join is the best solution for a de
## Manage your devices
-Once you've registered or joined your devices to Microsoft Entra ID, use the [Azure portal](https://portal.azure.com/) as a central place to manage your device identities. The Microsoft Entra devices page enables you to:
+Once you've registered or joined your devices to Microsoft Entra ID, use the [Microsoft Entra admin center](https://entra.microsoft.com) as a central place to manage your device identities. The Microsoft Entra devices page enables you to:
* [Configure your device settings](manage-device-identities.md#configure-device-settings). * You need to be a local administrator to manage Windows devices. [Microsoft Entra ID updates this membership for Microsoft Entra joined devices](assign-local-admin.md), automatically adding users with the device manager role as administrators to all joined devices.
active-directory Troubleshoot Device Windows Joined https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/devices/troubleshoot-device-windows-joined.md
If you have a Windows 11 or Windows 10 device that isn't working with Microsoft
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Reader](../roles/permissions-reference.md#global-reader). 1. Browse to **Identity** > **Devices** > **All devices** > **Diagnose and solve problems**. 1. Select **Troubleshoot** under the **Windows 10+ related issue** troubleshooter.
- :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png" alt-text="A screenshot showing the Windows troubleshooter located in the diagnose and solve pane of the Azure portal." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png":::
+ :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png" alt-text="A screenshot showing the Windows troubleshooter located in the diagnose and solve pane." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows.png":::
1. Select **instructions** and follow the steps to download, run, and collect the required logs for the troubleshooter to analyze.
-1. Return to the Azure portal when you've collected and zipped the `authlogs` folder and contents.
+1. Return to the Microsoft Entra admin center when you've collected and zipped the `authlogs` folder and contents.
1. Select **Browse** and choose the zip file you wish to upload. :::image type="content" source="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows-upload.png" alt-text="A screenshot showing how to browse to select the logs gathered in the previous step to allow the troubleshooter to make recommendations." lightbox="media/troubleshoot-device-windows-joined/devices-troubleshoot-windows-upload.png":::
active-directory Clean Up Stale Guest Accounts https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/clean-up-stale-guest-accounts.md
Use the following instructions to learn how to enhance monitoring of inactive gu
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
-1. Sign in to the [Azure portal](https://portal.azure.com) and open the [Identity Governance](https://portal.azure.com/#blade/Microsoft_AAD_ERM/DashboardBlade/) page.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
+1. Browse to **Identity governance** > **Dashboard**
+1. Access the inactive guest account report by navigating to the **Guest access governance** card then select **View inactive guests**.
+1. You will see the inactive guest report which will provide insights about inactive guest users based on 90 days of inactivity. The threshold is set to 90 days by default but can be configured using "Edit inactivity threshold" based on your organization's needs.
+1. The following insights are provided as part of this report:
-2. Access the inactive guest account report by navigating to "Guest access governance" card and click on "View inactive guests"
-
-3. You will see the inactive guest report which will provide insights about inactive guest users based on 90 days of inactivity. The threshold is set to 90 days by default but can be configured using "Edit inactivity threshold" based on your organization's needs.
-
-4. The following insights are provided as part of this report:
-
- Guest account overview (total guests and inactive guests with further categorization of guests who have never signed in or signed in at least once) - Guest inactivity distribution (Percentage distribution of guest users based on days since last sign in) - Guest inactivity overview (Guest inactivity guidance to configure inactivity threshold) - Guest accounts summary (A tabular view with details of all guest accounts with insights into their activity state. The Activity state could be active or inactive based on the configured inactivity threshold)
-5. The inactive days are calculated based on last sign in date if the user has signed in atleast once. For users who have never signed in, the inactive days are calculated based on creation date.
+1. The inactive days are calculated based on last sign in date if the user has signed in atleast once. For users who have never signed in, the inactive days are calculated based on creation date.
- ### License requirements
+### License requirements
[!INCLUDE [active-directory-entra-governance-license.md](../../../includes/active-directory-entra-governance-license.md)] > [!NOTE]
active-directory Groups Dynamic Rule Validation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-dynamic-rule-validation.md
# Validate a dynamic group membership rule (preview) in Microsoft Entra ID
-Microsoft Entra ID, part of Microsoft Entra, now provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When you create or update dynamic group rules, you want to know whether a user or a device will be a member of the group. This knowledge helps you evaluate whether a user or device meets the rule criteria and help you troubleshoot when membership isn't expected.
+Microsoft Entra ID provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When you create or update dynamic group rules, you want to know whether a user or a device will be a member of the group. This knowledge helps you evaluate whether a user or device meets the rule criteria and help you troubleshoot when membership isn't expected.
## Prerequisites To evaluate the dynamic group rule membership feature, the administrator must have one of the following rules assigned directly: Global Administrator, Groups Administrator, or Intune Administrator.
To evaluate the dynamic group rule membership feature, the administrator must ha
## Step-by-step walk-through
-To get started, go to **Microsoft Entra ID** > **Groups**. Select an existing dynamic group or create a new dynamic group and select **Dynamic membership rules**. You can then see the **Validate Rules** tab.
+To get started, sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).
+
+Browse to **Identity** > **Groups** > **All groups**. Select an existing dynamic group or create a new dynamic group and select **Dynamic membership rules**. You can then see the **Validate Rules** tab.
![Find the Validate rules tab and start with an existing rule](./media/groups-dynamic-rule-validation/validate-tab.png)
active-directory Groups Dynamic Tutorial https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-dynamic-tutorial.md
First, you'll create a group for your guest users who all are from a single part
Now that you have your new group, you can apply the licenses that these partner users need.
-1. In Microsoft Entra ID, select **Licenses**, select one or more licenses, and then select **Assign**.
+1. In the Microsoft Entra admin center browse to **Identity** > **Billing** > **Licenses** > **All products**, select one or more licenses, and then select **Assign**.
2. Select **Users and groups**, and select the **Guest users Contoso** group, and save your changes. 3. **Assignment options** allow you to turn on or off the service plans included the licenses that you selected. When you make a change, be sure to click **OK** to save your changes. 4. To complete the assignment, on the **Assign license** pane, click **Assign** at the bottom of the pane.
Perhaps your ultimate administrative plan is to assign all of your guest users t
### To remove the guest users group
-1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Administrator](../roles/permissions-reference.md#global-administrator).
-1. Select Microsoft Entra ID.
-2. Select **Groups**. Select the **Guest users Contoso** group, select the ellipsis (...), and then select **Delete**. When you delete the group, any assigned licenses are removed.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).
+1. Browse to **Groups** > **All groups**.
+1. Select the **Guest users Contoso** group, select the ellipsis (...), and then select **Delete**. When you delete the group, any assigned licenses are removed.
### To restore the All Users group
-1. Select **Microsoft Entra ID** > **Groups**. Select the name of the **All users** group to open the group.
+1. Select **Identity** > **Groups** > **All groups**. Select the name of the **All users** group to open the group.
1. Select **Dynamic membership rules**, clear all the text in the rule, and select **Save**. ## Next steps
active-directory Groups Quickstart Expiration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/groups-quickstart-expiration.md
If you don't have an Azure subscription, [create a free account](https://azure.m
[!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)] 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Administrator](../roles/permissions-reference.md#global-administrator).
-1. Select Microsoft Entra ID.
-
-2. Select **Groups** > **All groups** and then select **General**.
+1. Browse to **Identity** > **Groups** > **All groups** and then select **General**.
![Self-service group settings page](./media/groups-quickstart-expiration/self-service-settings.png)
If you don't have an Azure subscription, [create a free account](https://azure.m
## Set group expiration 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).
-1. Select Microsoft Entra ID.
-1. Select **Groups** > **All groups** > **Expiration** to open the expiration settings.
+1. Browse to **Identity** > **Groups** > **All groups** > **Expiration** to open the expiration settings.
![Expiration settings page for group](./media/groups-quickstart-expiration/expiration-settings.png)
That's it! In this quickstart, you successfully set the expiration policy for th
### To remove the expiration policy 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Groups Administrator](../roles/permissions-reference.md#groups-administrator).
-1. Select Microsoft Entra ID.
-1. Select **Groups** > **All groups** > **Expiration**.
+1. Browse to **Identity** > **Groups** > **All groups** > **Expiration**.
1. Set **Enable expiration for these Microsoft 365 groups** to **None**. ### To turn off user creation for groups
-1. Select **Microsoft Entra ID** > **Groups** > **General**.
-2. Set **Users can create Microsoft 365 groups in Azure portals** to **No**.
+1. Browse to **Identity** > **Groups** > **Group settings** > **General**.
+1. Set **Users can create Microsoft 365 groups in Azure portals** to **No**.
## Next steps
active-directory Licensing Groups Resolve Problems https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/enterprise-users/licensing-groups-resolve-problems.md
The following sections give a description of each potential problem and the way
**Problem:** There aren't enough available licenses for one of the products that's specified in the group. You need to either purchase more licenses for the product or free up unused licenses from other users or groups.
-To see how many licenses are available, go to **Microsoft Entra ID** > **Licenses** > **All products**.
+To see how many licenses are available, go to **Identity** > **Billing** > **Licenses** > **All products**.
To see which users and groups are consuming licenses, select a product. Under **Licensed users**, you see a list of all users who have had licenses assigned directly or via one or more groups. Under **Licensed groups**, you see all groups that have that products assigned.
active-directory Claims Mapping https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/claims-mapping.md
Microsoft Entra ID supports customizing the claims that are issued in the SAML token for [B2B collaboration](what-is-b2b.md) users. When a user authenticates to the application, Microsoft Entra ID issues a SAML token to the app that contains information (or claims) about the user that uniquely identifies them. By default, this claim includes the user's user name, email address, first name, and last name.
-In the [Azure portal](https://portal.azure.com), you can view or edit the claims that are sent in the SAML token to the application. To access the settings, select **Microsoft Entra ID** > **Enterprise applications** > the application that's configured for single sign-on > **Single sign-on**. See the SAML token settings in the **User Attributes** section.
+In the [Microsoft Entra admin center](https://entra.microsoft.com), you can view or edit the claims that are sent in the SAML token to the application. To access the settings, browse to **Identity** > **Applications** > **Enterprise applications** > the application that's configured for single sign-on > **Single sign-on**. See the SAML token settings in the **User Attributes** section.
:::image type="content" source="media/claims-mapping/view-claims-in-saml-token-attributes.png" alt-text="Screenshot of the SAML token attributes in the UI.":::
active-directory Self Service Sign Up Add Api Connector https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/self-service-sign-up-add-api-connector.md
Content-type: application/json
} ```
-Only user properties and custom attributes listed in the **Identity** > **External Identities** > **Custom user attributes** experience are available to be sent in the request.
+Only user properties and custom attributes listed in the **Identity** > **External Identities** > **Overview** > **Custom user attributes** experience are available to be sent in the request.
Custom attributes exist in the **extension_\<extensions-app-id>_AttributeName** format in the directory. Your API should expect to receive claims in this same serialized format. For more information on custom attributes, see [define custom attributes for self-service sign-up flows](user-flow-add-custom-attributes.md).
active-directory User Flow Add Custom Attributes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/external-identities/user-flow-add-custom-attributes.md
You can create custom attributes in the Microsoft Entra admin center and use the
"extension_831374b3bd5041bfaa54263ec9e050fc_loyaltyNumber": "212342" ```
-The `<extensions-app-id>` is specific to your tenant. To find this identifier, navigate to **Identity** > **App registrations** > **All applications**. Search for the app that starts with `aad-extensions-app` and select it. On the app's Overview page, note the Application (client) ID.
+The `<extensions-app-id>` is specific to your tenant. To find this identifier, navigate to **Identity** > **Applications** > **App registrations** > **All applications**. Search for the app that starts with "aad-extensions-app" and select it. On the app's Overview page, note the Application (client) ID.
## Create a custom attribute
active-directory Custom Security Attributes Troubleshoot https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/fundamentals/custom-security-attributes-troubleshoot.md
## Symptom - Custom security attributes page is disabled
-When signed in to the Azure portal as Global Administrator and you try to access the **Custom security attributes** page, it is disabled.
+When signed in to the [Microsoft Entra admin center](https://entra.microsoft.com) and you try to access the **Custom security attributes** page, it is disabled.
![Custom security attributes page disabled in Azure portal.](./media/custom-security-attributes-troubleshoot/attributes-disabled.png)
Custom security attributes require a Microsoft Entra ID P1 or P2 license.
**Solution**
-Open **Microsoft Entra ID** > **Overview** and check the license for your tenant.
+Browse to **Identity** > **Overview** and check the license for your tenant.
## Symptom - Add attribute set is disabled
-When signed in to the Azure portal as Global Administrator and you try to click the **Custom security attributes** > **Add attribute set** option, it is disabled.
+When signed in to the [Microsoft Entra admin center](https://entra.microsoft.com) and you try to click the **Custom security attributes** > **Add attribute set** option, it is disabled.
![Add attribute set option disabled in Azure portal.](./media/custom-security-attributes-troubleshoot/attribute-set-add-disabled.png)
active-directory Tutorial Prepare User Accounts https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/governance/tutorial-prepare-user-accounts.md
You need to do perform this action for both $UPN_employee and $UPN_manager
After editing the script, save it and follow these steps:
- 1. Open a Windows PowerShell command prompt, with Administrative privileges, from a machine that has access to the Microsoft Entra admin center.
+1. Open a Windows PowerShell command prompt, with Administrative privileges, from a machine that has access to the Microsoft Entra admin center.
1. Navigate to the saved PowerShell script location and run it. 1. If prompted select **Yes to all** when installing the Azure AD PowerShell module. 1. When prompted, sign in to the Microsoft Entra admin center with a global administrator for your tenant.
active-directory Reference Powershell https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/cloud-sync/reference-powershell.md
This cmdlet modifies *AADConnectProvisioningAgent.exe.config* to disable verbose
This cmdlet pauses synchronization.
+### Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention
+
+Disables accidentalDeletionPrevention tenant feature
+``` powershell
+Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention -tenantId <TenantId>
+```
+
+This cmdlet requires `TenantId` of the Azure AD tenant. It will verify if Accidental Deletion Prevention feature, set on the tenant with Azure AD Connect (ADSync, not Cloud Sync), is enabled and disables it.
+
+#### Example:
+``` powershell
+Disable-AADCloudSyncToolsDirSyncAccidentalDeletionPrevention -tenantId "340ab039-1234-5678-9012-28fe88f83980"
+```
++ ## Next steps - [What is provisioning?](../what-is-provisioning.md)
active-directory How To Connect Fed Group Claims https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/connect/how-to-connect-fed-group-claims.md
After you add a group claim configuration to the **User Attributes & Claims** co
You can also configure group claims in the [optional claims](../../develop/optional-claims.md) section of the [application manifest](../../develop/reference-app-manifest.md).
-1. In the portal, select **Microsoft Entra ID** > **Application Registrations** > **Select Application** > **Manifest**.
+1. In the portal, select **Identity** > **Applications** > **App registrations** > **Select Application** > **Manifest**.
2. Enable group membership claims by changing `groupMembershipClaims`.
active-directory Tshoot Connect Sso https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/connect/tshoot-connect-sso.md
This article helps you find troubleshooting information about common problems re
## Check status of feature
-Ensure that the Seamless SSO feature is still **Enabled** on your tenant. You can check the status by going to the **Microsoft Entra ID** > **Microsoft Entra Connect** pane in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/).
+Ensure that the Seamless SSO feature is still **Enabled** on your tenant. You can check the status by going to the **Identity** > **Hybrid management** > **Azure AD Connect** > **Connect Sync** pane in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/).
![Screenshot of the Microsoft Entra admin center: Microsoft Entra Connect pane.](./media/tshoot-connect-sso/sso10.png)
If your tenant has a Microsoft Entra ID P1 or P2 license associated with it, you
![Screenshot of the Microsoft Entra admin center: Sign-ins report.](media/tshoot-connect-sso/sso9.png)
-Browse to **Microsoft Entra ID** > **Sign-ins** in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/), and then select a specific user's sign-in activity. Look for the **SIGN-IN ERROR CODE** field. Map the value of that field to a failure reason and resolution by using the following table:
+Browse to **Identity** > **Monitoring & health** > **Sign-ins** in the [[Microsoft Entra admin center](https://entra.microsoft.com)](https://portal.azure.com/), and then select a specific user's sign-in activity. Look for the **SIGN-IN ERROR CODE** field. Map the value of that field to a failure reason and resolution by using the following table:
|Sign-in error code|Sign-in failure reason|Resolution | | |
active-directory Howto Identity Protection Simulate Risk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/identity-protection/howto-identity-protection-simulate-risk.md
This risk detection indicates that the application's valid credentials have been
"AadTenantDomain": "XXXX.onmicrosoft.com", "AadTenantId": "99d4947b-XXX-XXXX-9ace-abceab54bcd4", ```
-1. In about 8 hours, you'll be able to view a leaked credential detection under **Microsoft Entra ID** > **Security** > **Risk Detection** > **Workload identity detections** where the additional info will contain the URL of your GitHub commit.
+1. In about 8 hours, you'll be able to view a leaked credential detection under **Protection** > **Identity Protection** > **Risk Detection** > **Workload identity detections** where the additional info will contain the URL of your GitHub commit.
## Testing risk policies
active-directory Manage Application Permissions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/manage-apps/manage-application-permissions.md
To review an application's permissions that have been granted for the entire org
1. Select the application that you want to restrict access to. 1. Select **Permissions**. 1. To view permissions that apply to your entire organization, select the **Admin consent** tab. To view permissions granted to a specific user or group, select the **User consent** tab.
-1. To view the details of a given permission, select the permission from the list. The **Permission Details** pane opens.
-1. To revoke a given permission, choose the permission you would like to revoke, select the **...** control for that permission, and then choose **Revoke permission**.
+1. To view the details of a given permission, select the permission from the list. The **Permission Details** pane opens.
+ After you've reviewed the permissions granted to an application, you can revoke permissions granted by admins for your entire organization.
+ > [!NOTE]
+ > You can't revoke permissions in the **User consent** tab using the portal. You can revoke these permissions using Microsoft Graph API calls or PowerShell cmdlets. Go to the PowerShell and Microsoft Graph tabs of this article for more information.
+
+To revoke permissions in the **Admin consent** tab:
+
+1. View the list of permissions in the **Admin consent** tab.
+1. Choose the permission you would like to revoke, then select the **...** control for that permission.
+ :::image type="content" source="media/manage-application-permissions/revoke-permissions.png" alt-text="Screenshot shows how to revoke admin consent.":::
+1. Select **Revoke permission**.
:::zone-end
active-directory Tutorial Manage Access Security https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/manage-apps/tutorial-manage-access-security.md
For the application that the administrator added to their tenant, they want to s
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). 1. Browse to **Identity** > **Applications** > **Enterprise applications**.
-4. Select the application to which you want to grant tenant-wide admin consent.
-5. Under **Security**, select **Permissions**.
-6. Carefully review the permissions that the application requires. If you agree with the permissions the application requires, select **Grant admin consent**.
+1. Select the application to which you want to grant tenant-wide admin consent.
+1. Under **Security**, select **Permissions**.
+1. Carefully review the permissions that the application requires. If you agree with the permissions the application requires, select **Grant admin consent**.
## Create a Conditional Access policy
active-directory Workbook Mfa Gaps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/reports-monitoring/workbook-mfa-gaps.md
The summary widget provides a detailed look at sign-ins related to multifactor a
* **Number of sign-ins not protected by multi-factor authentication requirement by location:** This widget shows the sign-ins counts that are not protected by MFA requirement in map bubble chart on the world map. ## How to import the workbook
-1. Navigate to **Microsoft Entra ID** > **Monitoring** > **Workbooks**.
+1. Navigate to **Identity** > **Monitoring & health** > **Workbooks**.
1. Select **+ New**. 1. Select the **Advanced Editor** button from the top of the page. A JSON editor opens. ![Screenshot of the Advanced Editor button on the new workbook page.](./media/workbook-mfa-gaps/advanced-editor-button.png)
active-directory Bustle B2b Transport Systems Provisioning Tutorial https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/saas-apps/bustle-b2b-transport-systems-provisioning-tutorial.md
+
+ Title: 'Tutorial: Configure Bustle B2B Transport Systems for automatic user provisioning with Microsoft Entra ID'
+description: Learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Bustle B2B Transport Systems.
++
+writer: twimmers
+
+ms.assetid: 8bcb45f4-8f3d-4d7a-b2d7-ea7290bbc93b
++++ Last updated : 09/22/2023+++
+# Tutorial: Configure Bustle B2B Transport Systems for automatic user provisioning
+
+This tutorial describes the steps you need to perform in both Bustle B2B Transport Systems and Microsoft Entra ID to configure automatic user provisioning. When configured, Microsoft Entra ID automatically provisions and deprovisions users to [Bustle B2B Transport Systems](https://app.bustle.tech) using the Microsoft Entra provisioning service. For important details on what this service does, how it works, and frequently asked questions, see [Automate user provisioning and deprovisioning to SaaS applications with Microsoft Entra ID](../app-provisioning/user-provisioning.md).
++
+## Supported capabilities
+> [!div class="checklist"]
+> * Create users in Bustle B2B Transport Systems.
+> * Remove users in Bustle B2B Transport Systems when they do not require access anymore.
+> * Keep user attributes synchronized between Microsoft Entra ID and Bustle B2B Transport Systems.
+> * [Single sign-on](../manage-apps/add-application-portal-setup-oidc-sso.md) to Bustle B2B Transport Systems (recommended).
+
+## Prerequisites
+
+The scenario outlined in this tutorial assumes that you already have the following prerequisites:
+
+* [A Microsoft Entra tenant](../develop/quickstart-create-new-tenant.md)
+* A user account in Microsoft Entra ID with [permission](../roles/permissions-reference.md) to configure provisioning (for example, Application Administrator, Cloud Application administrator, Application Owner, or Global Administrator).
+* A user account in Bustle B2B Transport Systems with Admin permissions.
+
+## Step 1: Plan your provisioning deployment
+* Learn about [how the provisioning service works](../app-provisioning/user-provisioning.md).
+* Determine who will be in [scope for provisioning](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
+* Determine what data to [map between Microsoft Entra ID and Bustle B2B Transport Systems](../app-provisioning/customize-application-attributes.md).
+
+## Step 2: Configure Bustle B2B Transport Systems to support provisioning with Microsoft Entra ID
+Contact Bustle B2B Transport Systems support to configure Bustle B2B Transport Systems to support provisioning with Microsoft Entra ID.
+
+## Step 3: Add Bustle B2B Transport Systems from the Microsoft Entra application gallery
+
+Add Bustle B2B Transport Systems from the Microsoft Entra application gallery to start managing provisioning to Bustle B2B Transport Systems. If you have previously setup Bustle B2B Transport Systems for SSO, you can use the same application. However it's recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md).
+
+## Step 4: Define who will be in scope for provisioning
+
+The Microsoft Entra provisioning service allows you to scope who will be provisioned based on assignment to the application and or based on attributes of the user. If you choose to scope who will be provisioned to your app based on assignment, you can use the following [steps](../manage-apps/assign-user-or-group-access-portal.md) to assign users to the application. If you choose to scope who will be provisioned based solely on attributes of the user, you can use a scoping filter as described [here](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
+
+* Start small. Test with a small set of users before rolling out to everyone. When scope for provisioning is set to assigned users, you can control this by assigning one or two users to the app. When scope is set to all users, you can specify an [attribute based scoping filter](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
+
+* If you need more roles, you can [update the application manifest](../develop/howto-add-app-roles-in-azure-ad-apps.md) to add new roles.
++
+## Step 5: Configure automatic user provisioning to Bustle B2B Transport Systems
+
+This section guides you through the steps to configure the Microsoft Entra provisioning service to create, update, and disable users in TestApp based on user assignments in Microsoft Entra ID.
+
+<a name='to-configure-automatic-user-provisioning-for-Bustle B2B Transport Systems-in-azure-ad'></a>
+
+### To configure automatic user provisioning for Bustle B2B Transport Systems in Microsoft Entra ID:
+
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator).
+1. Browse to **Identity** > **Applications** > **Enterprise applications**
+
+ ![Screenshot of Enterprise applications blade.](common/enterprise-applications.png)
+
+1. In the applications list, select **Bustle B2B Transport Systems**.
+
+ ![Screenshot of the Bustle B2B Transport Systems link in the Applications list.](common/all-applications.png)
+
+1. Select the **Provisioning** tab.
+
+ ![Screenshot of Provisioning tab.](common/provisioning.png)
+
+1. Set the **Provisioning Mode** to **Automatic**.
+
+ ![Screenshot of Provisioning tab automatic.](common/provisioning-automatic.png)
+
+1. Under the **Admin Credentials** section, input your Bustle B2B Transport Systems Tenant URL and Secret Token. Click **Test Connection** to ensure Microsoft Entra ID can connect to Bustle B2B Transport Systems. If the connection fails, ensure your Bustle B2B Transport Systems account has Admin permissions and try again.
+
+ ![Screenshot of Token.](common/provisioning-testconnection-tenanturltoken.png)
+
+1. In the **Notification Email** field, enter the email address of a person who should receive the provisioning error notifications and select the **Send an email notification when a failure occurs** check box.
+
+ ![Screenshot of Notification Email.](common/provisioning-notification-email.png)
+
+1. Select **Save**.
+
+1. Under the **Mappings** section, select **Synchronize Microsoft Entra users to Bustle B2B Transport Systems**.
+
+1. Review the user attributes that are synchronized from Microsoft Entra ID to Bustle B2B Transport Systems in the **Attribute-Mapping** section. The attributes selected as **Matching** properties are used to match the user accounts in Bustle B2B Transport Systems for update operations. If you choose to change the [matching target attribute](../app-provisioning/customize-application-attributes.md), you need to ensure that the Bustle B2B Transport Systems API supports filtering users based on that attribute. Select the **Save** button to commit any changes.
+
+ |Attribute|Type|Supported for filtering|Required by Bustle B2B Transport Systems|
+ |||||
+ |userName|String|&check;|&check;
+ |active|Boolean||
+ |emails[type eq "work"].value|String||&check;
+ |name.givenName|String||&check;
+ |name.familyName|String||&check;
+ |phoneNumbers[type eq "work"].value|String||&check;
+ |externalId|String||&check;
+
+1. To configure scoping filters, refer to the following instructions provided in the [Scoping filter tutorial](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
+
+1. To enable the Microsoft Entra provisioning service for Bustle B2B Transport Systems, change the **Provisioning Status** to **On** in the **Settings** section.
+
+ ![Screenshot of Provisioning Status Toggled On.](common/provisioning-toggle-on.png)
+
+1. Define the users that you would like to provision to Bustle B2B Transport Systems by choosing the desired values in **Scope** in the **Settings** section.
+
+ ![Screenshot of Provisioning Scope.](common/provisioning-scope.png)
+
+1. When you're ready to provision, click **Save**.
+
+ ![Screenshot of Saving Provisioning Configuration.](common/provisioning-configuration-save.png)
+
+This operation starts the initial synchronization cycle of all users defined in **Scope** in the **Settings** section. The initial cycle takes longer to perform than subsequent cycles, which occur approximately every 40 minutes as long as the Microsoft Entra provisioning service is running.
+
+## Step 6: Monitor your deployment
+Once you've configured provisioning, use the following resources to monitor your deployment:
+
+* Use the [provisioning logs](../reports-monitoring/concept-provisioning-logs.md) to determine which users have been provisioned successfully or unsuccessfully
+* Check the [progress bar](../app-provisioning/application-provisioning-when-will-provisioning-finish-specific-user.md) to see the status of the provisioning cycle and how close it's to completion
+* If the provisioning configuration seems to be in an unhealthy state, the application goes into quarantine. Learn more about quarantine states [here](../app-provisioning/application-provisioning-quarantine-status.md).
+
+## More resources
+
+* [Managing user account provisioning for Enterprise Apps](../app-provisioning/configure-automatic-user-provisioning-portal.md)
+* [What is application access and single sign-on with Microsoft Entra ID?](../manage-apps/what-is-single-sign-on.md)
+
+## Next steps
+
+* [Learn how to review logs and get reports on provisioning activity](../app-provisioning/check-status-user-account-provisioning.md)
active-directory Presentation Request Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/verifiable-credentials/presentation-request-api.md
The following example demonstrates a callback payload after the verifiable crede
}, "domainValidation": { "url": "https://contoso.com/"
- }
+ },
+ "issuanceDate": "yyyy-MM-ddTHH:mm:ssZ",
+ "expirationDate": "yyyy-MM-ddTHH:mm:ssZ"
} ], "receipt": {
active-directory Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/verifiable-credentials/whats-new.md
This article lists the latest features, improvements, and changes in the Microsoft Entra Verified ID service.
+## September 2023
+
+Verified ID is retiring old Request Service API endpoints that were available before Verified ID was General Available. These APIs should not have been used since GA in August 2022, but if they are used in your app, you need to migrate. The API endpoints being retired are:
+
+```http
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/request
+GET https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/request/:requestId
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/present
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/issuance
+```
+
+The first API was for creating an issuance or presentation request. The second API was for retrieving a request and the last two APIs was for a wallet completing issuance or presentation. The API endpoints to use since preview are the following.
+
+```http
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/createPresentationRequest
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/createIssuanceRequest
+GET https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/presentationRequests/:requestId
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/completeIssuance
+POST https://verifiedid.did.msidentity.com/v1.0/:tenant/verifiablecredentials/verifyPresentation
+```
+
+Please note that the `/request` API is split into two depending on if you are creating an issuance or presentation request.
+
+The retired API endpoints will not work after October 2023, 2023.
+
+## August 2023
+
+The `presentation_verified` callback from the Request Service API now returns when a Verified ID credential was issued and when it expires. Business rules can use these values to see the time windoww of when the presented Verified ID credential is valid. An example of this is that it expires in an hour while the business required in needs to be valid until the end of the day.
+ ## June 2023 Tutorial for getting started with the Wallet Library demo on Android and iOS available [here](using-wallet-library.md).
ai-services Batch Inference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/batch-inference.md
description: Trigger batch inference with trained model
--+ Last updated 11/01/2022
ai-services Create Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/create-resource.md
description: Create an Anomaly Detector resource
--+ Last updated 11/01/2022
ai-services Deploy Anomaly Detection On Container Instances https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/deploy-anomaly-detection-on-container-instances.md
description: Deploy the Anomaly Detector container to an Azure Container Instanc
--+ Last updated 04/01/2020
ai-services Deploy Anomaly Detection On Iot Edge https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/deploy-anomaly-detection-on-iot-edge.md
description: Deploy the Anomaly Detector module to IoT Edge.
--+ Last updated 12/03/2020
ai-services Identify Anomalies https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/identify-anomalies.md
description: Learn how to detect anomalies in your data either as a batch, or on
--+ Last updated 10/01/2019
ai-services Postman https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/postman.md
description: Learn how to detect anomalies in your data either as a batch, or on
--+ Last updated 12/20/2022
ai-services Prepare Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/prepare-data.md
description: Prepare your data and upload to Storage Account
--+ Last updated 11/01/2022
ai-services Streaming Inference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/streaming-inference.md
description: Streaming inference with trained model
--+ Last updated 11/01/2022
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/How-to/train-model.md
description: Train a Multivariate Anomaly Detection model
--+ Last updated 11/01/2022
ai-services Anomaly Detector Container Configuration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/anomaly-detector-container-configuration.md
description: The Anomaly Detector API container runtime environment is configure
--+ Last updated 05/07/2020
ai-services Anomaly Detector Container Howto https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/anomaly-detector-container-howto.md
description: Use the Anomaly Detector API's algorithms to find anomalies in your
--+ Last updated 01/27/2023
ai-services Anomaly Detection Best Practices https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/anomaly-detection-best-practices.md
description: Learn about best practices when detecting anomalies with the Anomal
--+ Last updated 01/22/2021
ai-services Best Practices Multivariate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/best-practices-multivariate.md
description: Best practices for using the Anomaly Detector Multivariate API's to
--+ Last updated 06/07/2022
ai-services Multivariate Architecture https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/multivariate-architecture.md
description: Reference architecture for using the Anomaly Detector Multivariate
--+ Last updated 12/15/2022
ai-services Troubleshoot https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/concepts/troubleshoot.md
description: Learn how to remediate common error codes when you use the Azure AI
--+ Last updated 04/01/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/overview.md
description: Use the Anomaly Detector API's algorithms to apply anomaly detectio
--+ Last updated 10/27/2022
ai-services Client Libraries Multivariate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/quickstarts/client-libraries-multivariate.md
zone_pivot_groups: anomaly-detector-quickstart-multivariate--+ Last updated 10/27/2022
ai-services Client Libraries https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/quickstarts/client-libraries.md
zone_pivot_groups: anomaly-detector-quickstart--+ Last updated 10/27/2022
ai-services Regions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/regions.md
description: A list of available regions and endpoints for the Anomaly Detector
--+ Last updated 11/1/2022
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/service-limits.md
description: Service limits for Anomaly Detector service, including Univariate A
--+ Last updated 1/31/2023
ai-services Azure Data Explorer https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/azure-data-explorer.md
description: Learn how to use the Univariate Anomaly Detector with Azure Data Ex
--+ Last updated 12/19/2022
ai-services Batch Anomaly Detection Powerbi https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/batch-anomaly-detection-powerbi.md
description: Learn how to use the Anomaly Detector API and Power BI to visualize
--+ Last updated 09/10/2020
ai-services Multivariate Anomaly Detection Synapse https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/tutorials/multivariate-anomaly-detection-synapse.md
description: Learn how to use the Multivariate Anomaly Detector with Azure Synap
--+ Last updated 08/03/2022
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/Anomaly-Detector/whats-new.md
Title: What's New - Anomaly Detector description: This article is regularly updated with news about the Azure AI Anomaly Detector.--+
ai-services Category Taxonomy https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Category-Taxonomy.md
--+ Last updated 04/17/2019
ai-services Build Enrollment App https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Tutorials/build-enrollment-app.md
description: Learn how to set up your development environment and deploy a Face
--++ Last updated 11/17/2020
ai-services Storage Lab Tutorial https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/Tutorials/storage-lab-tutorial.md
description: In this tutorial, you'll learn how to integrate the Azure AI Vision
--+ Last updated 12/29/2022
ai-services Computer Vision How To Install Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/computer-vision-how-to-install-containers.md
description: Use the Read 3.2 OCR containers from Azure AI Vision to extract tex
--+ Last updated 08/29/2023
ai-services Computer Vision Resource Container Config https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/computer-vision-resource-container-config.md
description: This article shows you how to configure both required and optional
--+ Last updated 04/09/2021
ai-services Concept Background Removal https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-background-removal.md
--+ Last updated 03/02/2023
ai-services Concept Brand Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-brand-detection.md
--+ Last updated 07/05/2022
ai-services Concept Categorizing Images https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-categorizing-images.md
--+ Last updated 07/05/2022
ai-services Concept Describe Images 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-describe-images-40.md
--+ Last updated 01/24/2023
ai-services Concept Describing Images https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-describing-images.md
--+ Last updated 07/04/2023
ai-services Concept Detecting Adult Content https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-adult-content.md
--+ Last updated 12/27/2022
ai-services Concept Detecting Color Schemes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-color-schemes.md
--+ Last updated 11/17/2021
ai-services Concept Detecting Domain Content https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-domain-content.md
--+ Last updated 02/08/2019
ai-services Concept Detecting Faces https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-faces.md
--+ Last updated 12/27/2022
ai-services Concept Detecting Image Types https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-detecting-image-types.md
--+ Last updated 03/11/2019
ai-services Concept Face Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-face-detection.md
--++ Last updated 07/04/2023
ai-services Concept Face Recognition https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-face-recognition.md
--++ Last updated 12/27/2022
ai-services Concept Generate Thumbnails 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-generate-thumbnails-40.md
--+ Last updated 01/24/2023
ai-services Concept Generating Thumbnails https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-generating-thumbnails.md
--+ Last updated 11/09/2022
ai-services Concept Image Retrieval https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-image-retrieval.md
--+ Last updated 03/06/2023
ai-services Concept Model Customization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-model-customization.md
--+ Last updated 02/06/2023
ai-services Concept Object Detection 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-object-detection-40.md
--+ Last updated 01/24/2023
ai-services Concept Object Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-object-detection.md
--+ Last updated 11/03/2022
ai-services Concept Ocr https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-ocr.md
description: Extract text from in-the-wild and non-document images with a fast a
--+ Last updated 07/04/2023
ai-services Concept People Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-people-detection.md
--+ Last updated 09/12/2022
ai-services Concept Shelf Analysis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-shelf-analysis.md
--+ Last updated 05/03/2023
ai-services Concept Tag Images 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-tag-images-40.md
--+ Last updated 01/24/2023
ai-services Concept Tagging Images https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/concept-tagging-images.md
--+ Last updated 09/20/2022
ai-services Deploy Computer Vision On Premises https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/deploy-computer-vision-on-premises.md
description: Learn how to deploy the Azure AI Vision container using Kubernetes
--+ Last updated 05/09/2022
ai-services Enrollment Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/enrollment-overview.md
description: Learn about the process of Face enrollment to register users in a f
--++ Last updated 09/27/2021
ai-services Add Faces https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/add-faces.md
description: This guide demonstrates how to add a large number of persons and fa
--++ Last updated 04/10/2019
ai-services Analyze Video https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/analyze-video.md
--+ Last updated 07/05/2022 ms.devlang: csharp
ai-services Background Removal https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/background-removal.md
--+ Last updated 03/03/2023
ai-services Blob Storage Search https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/blob-storage-search.md
--+ Last updated 03/06/2023
ai-services Call Analyze Image 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-analyze-image-40.md
--+ Last updated 08/01/2023
ai-services Call Analyze Image https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-analyze-image.md
--+ Last updated 12/27/2022
ai-services Call Read Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/call-read-api.md
--+ Last updated 11/03/2022
ai-services Find Similar Faces https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/find-similar-faces.md
--++ Last updated 11/07/2022
ai-services Generate Thumbnail https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/generate-thumbnail.md
--+ Last updated 07/20/2022
ai-services Identity Access Token https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/identity-access-token.md
--++ Last updated 05/11/2023
ai-services Identity Detect Faces https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/identity-detect-faces.md
--++ Last updated 12/27/2022
ai-services Image Retrieval https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/image-retrieval.md
--+ Last updated 02/21/2023
ai-services Migrate Face Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/migrate-face-data.md
description: This guide shows you how to migrate your stored face data from one
--+ Last updated 02/22/2021
ai-services Shelf Analyze https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-analyze.md
description: Use the Product Understanding API to analyze a shelf image and receive rich product data. --+ Last updated 04/26/2023
ai-services Shelf Model Customization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-model-customization.md
description: Learn how to use the Image Analysis model customization feature to
--+ Last updated 05/02/2023
ai-services Shelf Modify Images https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-modify-images.md
description: Use the stitching and rectification APIs to prepare organic photos of retail shelves for accurate image analysis. --+ Last updated 07/10/2023
ai-services Shelf Planogram https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/shelf-planogram.md
description: Learn how to use the Planogram Matching API to check that a retail shelf in a photo matches its planogram layout. --+ Last updated 05/02/2023
ai-services Specify Detection Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/specify-detection-model.md
--++ Last updated 03/05/2021
ai-services Specify Recognition Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/specify-recognition-model.md
description: This article will show you how to choose which recognition model to
--+ Last updated 03/05/2021
ai-services Use Headpose https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-headpose.md
description: Learn how to use the HeadPose attribute to automatically rotate the
--++ Last updated 02/23/2021
ai-services Use Large Scale https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-large-scale.md
--++ Last updated 05/01/2019
ai-services Use Persondirectory https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/how-to/use-persondirectory.md
--++ Last updated 07/20/2022
ai-services Identity Api Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/identity-api-reference.md
--++ Last updated 02/17/2021
ai-services Identity Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/identity-encrypt-data-at-rest.md
description: Microsoft offers Microsoft-managed encryption keys, and also lets y
--++ Last updated 08/28/2020
ai-services Intro To Spatial Analysis Public Preview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/intro-to-spatial-analysis-public-preview.md
--+ Last updated 12/27/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/language-support.md
description: This article provides a list of natural languages supported by Azur
--+ Last updated 12/27/2022
ai-services Overview Identity https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-identity.md
description: The Azure AI Face service provides AI algorithms that you use to de
--++ Last updated 07/04/2023
ai-services Overview Image Analysis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-image-analysis.md
description: The Image Analysis service uses pretrained AI models to extract man
--+ Last updated 07/04/2023
ai-services Overview Ocr https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-ocr.md
--+ Last updated 07/04/2023
ai-services Overview Vision Studio https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview-vision-studio.md
description: Learn how to set up and use Vision Studio to test features of Azure
--+ Last updated 12/27/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/overview.md
--+ Last updated 07/04/2023
ai-services Client Library https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/client-library.md
description: Learn how to use Optical character recognition (OCR) in your applic
--+ Last updated 08/07/2023
ai-services Identity Client Library https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/identity-client-library.md
zone_pivot_groups: programming-languages-set-face--++ Last updated 07/04/2023
ai-services Image Analysis Client Library 40 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/image-analysis-client-library-40.md
description: Learn how to tag images in your application using Image Analysis 4.
--+ Last updated 01/24/2023
ai-services Image Analysis Client Library https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/quickstarts-sdk/image-analysis-client-library.md
description: Learn how to tag images in your application using Image Analysis th
--+ Last updated 12/27/2022
ai-services Read Container Migration Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/read-container-migration-guide.md
description: Learn how to migrate to the v3 Read OCR containers
--+ Last updated 09/28/2021
ai-services Spatial Analysis Camera Placement https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-camera-placement.md
description: Learn how to set up a camera for use with Spatial Analysis
--+ Last updated 06/08/2021
ai-services Spatial Analysis Container https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-container.md
description: The Spatial Analysis container lets you can detect people and dista
--+ Last updated 12/27/2022
ai-services Spatial Analysis Local https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-local.md
description: Use this guide to learn how to run Spatial Analysis on a recorded l
--+ Last updated 06/28/2022
ai-services Spatial Analysis Logging https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-logging.md
description: Spatial Analysis provides each container with a common configuratio
--+ Last updated 06/08/2021
ai-services Spatial Analysis Operations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-operations.md
description: The Spatial Analysis operations.
--+ Last updated 02/02/2022
ai-services Spatial Analysis Web App https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-web-app.md
description: Learn how to use Spatial Analysis in a web application.
--+ Last updated 06/08/2021
ai-services Spatial Analysis Zone Line Placement https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/spatial-analysis-zone-line-placement.md
description: Learn how to set up zones and lines with Spatial Analysis
--+ Last updated 06/08/2021
ai-services Upgrade Api Versions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/upgrade-api-versions.md
--+ Last updated 08/11/2020
ai-services Use Case Alt Text https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-alt-text.md
--+ Last updated 03/17/2023
ai-services Use Case Dwell Time https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-dwell-time.md
--+ Last updated 07/22/2022
ai-services Use Case Identity Verification https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-identity-verification.md
--+ Last updated 07/22/2022
ai-services Use Case Queue Time https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/use-case-queue-time.md
--+ Last updated 07/22/2022
ai-services Vehicle Analysis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/vehicle-analysis.md
description: Vehicle analysis provides each container with a common configuratio
--+ Last updated 11/07/2022
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/computer-vision/whats-new.md
description: Stay up to date on recent releases and updates to Azure AI Vision.
--+ Last updated 12/27/2022
ai-services Azure Kubernetes Recipe https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/containers/azure-kubernetes-recipe.md
description: Deploy the language detection container, with a running sample, to
--+ Last updated 01/10/2022
ai-services Api Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/api-reference.md
description: Learn about the content moderation APIs for Content Moderator.
--+ Last updated 05/29/2019
ai-services Client Libraries https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/client-libraries.md
zone_pivot_groups: programming-languages-set-conmod--+ Last updated 09/28/2021
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/encrypt-data-at-rest.md
description: Content Moderator encryption of data at rest. --+ Last updated 03/13/2020
ai-services Export Delete Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/export-delete-data.md
description: You have full control over your data. Learn how to view, export or
--+ Last updated 02/07/2019
ai-services Image Lists Quickstart Dotnet https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/image-lists-quickstart-dotnet.md
description: How to moderate images with custom image lists using the Content Mo
--+ Last updated 10/24/2019
ai-services Image Moderation Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/image-moderation-api.md
description: Use Content Moderator's machine-assisted image moderation to modera
--+ Last updated 10/27/2021
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/language-support.md
description: This is a list of natural languages that the Content Moderator API
--+ Last updated 10/27/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/overview.md
description: Learn how to use Content Moderator to track, flag, assess, and filt
--+ Last updated 11/06/2021
ai-services Samples Dotnet https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/samples-dotnet.md
description: Learn how to use Content Moderator in your .NET applications throug
--+ Last updated 10/27/2021
ai-services Samples Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/samples-rest.md
description: Use Content Moderator feature based samples in your applications th
--+ Last updated 01/10/2019
ai-services Term Lists Quickstart Dotnet https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/term-lists-quickstart-dotnet.md
description: How to moderate text with custom term lists using the Content Moder
--+ Last updated 10/24/2019
ai-services Text Moderation Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/text-moderation-api.md
description: Use text moderation for possible unwanted text, personal data, and
--+ Last updated 10/27/2021
ai-services Try Image Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-image-api.md
description: Use the Image Moderation API in Azure AI Content Moderator to scan
--+ Last updated 01/10/2019
ai-services Try Image List Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-image-list-api.md
description: You use the List Management API in Azure AI Content Moderator to cr
--+ Last updated 01/10/2019
ai-services Try Terms List Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-terms-list-api.md
description: Use the List Management API to create custom lists of terms to use
--+ Last updated 01/10/2019
ai-services Try Text Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/try-text-api.md
--+ Last updated 10/27/2021
ai-services Video Moderation Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-moderator/video-moderation-api.md
description: How to analyze video content for various objectionable material usi
--+ Last updated 10/27/2021
ai-services Harm Categories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/concepts/harm-categories.md
description: Learn about the different content moderation flags and severity lev
--+ Last updated 04/06/2023
ai-services Response Codes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/concepts/response-codes.md
description: See the possible error codes for the Content Safety APIs.
--+ Last updated 05/09/2023
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/how-to/encrypt-data-at-rest.md
description: Learn how Azure AI Content Safety encrypts your data when it's pers
--+ Last updated 07/04/2023
ai-services Use Blocklist https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/how-to/use-blocklist.md
description: Learn how to customize text moderation in Content Safety by using y
--+ Last updated 07/20/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/language-support.md
description: This is a list of natural languages that the Content Safety API sup
--+ Last updated 08/01/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/overview.md
description: Learn how to use Content Safety to track, flag, assess, and filter
--+ Last updated 07/18/2023
ai-services Quickstart Image https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/quickstart-image.md
description: Get started using Content Safety to analyze image content for objec
--+ Last updated 05/08/2023
ai-services Quickstart Text https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/quickstart-text.md
description: Get started using Content Safety to analyze image and text content
--+ Last updated 07/18/2023
ai-services Studio Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/studio-quickstart.md
description: In this quickstart, get started with the Content Safety service usi
--+ Last updated 04/27/2023
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/content-safety/whats-new.md
description: Stay up to date on recent releases and updates to Azure AI Content
--+ Last updated 04/07/2023
ai-services Copy Move Projects https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/copy-move-projects.md
description: Learn how to use the ExportProject and ImportProject APIs to copy and back up your Custom Vision projects. --+ Last updated 01/20/2022
ai-services Custom Vision Onnx Windows Ml https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/custom-vision-onnx-windows-ml.md
--+ Last updated 04/29/2020
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/encrypt-data-at-rest.md
description: Microsoft offers Microsoft-managed encryption keys, and also lets y
--+ Last updated 08/28/2020
ai-services Export Delete Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-delete-data.md
--+ Last updated 03/21/2019
ai-services Export Model Python https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-model-python.md
--+ Last updated 07/05/2022
ai-services Export Programmatically https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-programmatically.md
--+ Last updated 06/28/2021
ai-services Export Your Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/export-your-model.md
--+ Last updated 07/05/2022
ai-services Get Started Build Detector https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/get-started-build-detector.md
description: In this quickstart, you'll learn how to use the Custom Vision websi
--+ Last updated 12/27/2022
ai-services Getting Started Build A Classifier https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/getting-started-build-a-classifier.md
description: In this quickstart, you'll learn how to use the Custom Vision web p
--+ Last updated 11/03/2022
ai-services Getting Started Improving Your Classifier https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/getting-started-improving-your-classifier.md
--+ Last updated 07/05/2022
ai-services Iot Visual Alerts Tutorial https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/iot-visual-alerts-tutorial.md
--+ Last updated 11/23/2020
ai-services Limits And Quotas https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/limits-and-quotas.md
--+ Last updated 07/05/2022
ai-services Logo Detector Mobile https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/logo-detector-mobile.md
description: In this tutorial, you will step through a sample app that uses Cust
--+ Last updated 07/04/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/overview.md
--+ Last updated 07/04/2023
ai-services Image Classification https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/quickstarts/image-classification.md
description: "Quickstart: Create an image classification project, add tags, upload images, train your project, and make a prediction using the Custom Vision client library or the REST API" --+ Last updated 11/03/2022 ms.devlang: csharp, golang, java, javascript, python
ai-services Object Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/quickstarts/object-detection.md
description: "Quickstart: Create an object detection project, add custom tags, upload images, train the model, and detect objects in images using the Custom Vision client library." --+ Last updated 11/03/2022 ms.devlang: csharp, golang, java, javascript, python
ai-services Release Notes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/release-notes.md
--+ Last updated 04/03/2019
ai-services Role Based Access Control https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/role-based-access-control.md
description: This article will show you how to configure Azure role-based access control for your Custom Vision projects. --+ Last updated 09/11/2020
ai-services Select Domain https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/select-domain.md
description: This article will show you how to select a domain for your project
--+ Last updated 06/13/2022
ai-services Storage Integration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/storage-integration.md
description: Learn how to integrate Azure storage to receive push notifications when you train or export Custom Vision models. You can also save a backup of exported models. --+ Last updated 06/25/2021
ai-services Suggested Tags https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/suggested-tags.md
--+ Last updated 12/27/2022
ai-services Test Your Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/test-your-model.md
--+ Last updated 07/05/2022
ai-services Update Application To 3.0 Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/update-application-to-3.0-sdk.md
--+ Last updated 12/27/2022
ai-services Use Prediction Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/use-prediction-api.md
description: Learn how to use the API to programmatically test images with your Custom Vision Service classifier. --+ Last updated 12/27/2022
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/custom-vision-service/whats-new.md
description: This article contains news about Custom Vision.
--+ Last updated 09/27/2021
ai-services Changelog Release History https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/changelog-release-history.md
description: A version-based description of Document Intelligence feature and capability releases, changes, enhancements, and updates. --+ Last updated 08/17/2023
ai-services Choose Model Feature https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/choose-model-feature.md
description: Choose the best Document Intelligence model to meet your needs. --+ Last updated 07/18/2023
ai-services Concept Accuracy Confidence https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-accuracy-confidence.md
description: Best practices to interpret the accuracy score from the train model operation and the confidence score from analysis operations. --+ Last updated 07/18/2023
ai-services Concept Add On Capabilities https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-add-on-capabilities.md
description: How to increase service limit capacity with add-on capabilities. --+ Last updated 08/25/2023
ai-services Concept Analyze Document Response https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-analyze-document-response.md
description: Description of the different objects returned as part of the analyze document response and how to use the document analysis response in your applications. --+ Last updated 07/18/2023
ai-services Concept Business Card https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-business-card.md
description: OCR and machine learning based business card scanning in Document Intelligence extracts key data from business cards. --+ Last updated 07/18/2023
ai-services Concept Composed Models https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-composed-models.md
description: Compose several custom models into a single model for easier data extraction from groups of distinct form types. --+ Last updated 07/18/2023
ai-services Concept Contract https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-contract.md
description: Automate tax document data extraction with Document Intelligence's tax document models. --+ Last updated 09/20/2023
ai-services Concept Custom Classifier https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-classifier.md
description: Use the custom classification model to train a model to identify and split the documents you process within your application. --+ Last updated 07/18/2023
ai-services Concept Custom Label Tips https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-label-tips.md
description: Label tips and tricks for Document Intelligence Studio --+ Last updated 07/18/2023
ai-services Concept Custom Label https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-label.md
description: Label documents in the Studio to create a training dataset. Labeling guidelines aimed at training a model with high accuracy --+ Last updated 07/18/2023
ai-services Concept Custom Lifecycle https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-lifecycle.md
description: Document Intelligence custom model lifecycle and management guide. --+ Last updated 07/24/2023
ai-services Concept Custom Neural https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-neural.md
description: Use the custom neural document model to train a model to extract data from structured, semistructured, and unstructured documents. --+ Last updated 07/18/2023
ai-services Concept Custom Template https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom-template.md
description: Use the custom template document model to train a model to extract data from structured or templated forms. --+ Last updated 07/18/2023
ai-services Concept Custom https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-custom.md
description: Label and train customized models for your documents and compose multiple models into a single model identifier. --+ Last updated 07/18/2023
ai-services Concept Document Intelligence Studio https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-document-intelligence-studio.md
description: "Concept: Form and document processing, data extraction, and analysis using Document Intelligence Studio " --+ Last updated 07/18/2023
ai-services Concept General Document https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-general-document.md
description: Extract key-value pairs, tables, selection marks, and text from your documents with Document Intelligence --+ Last updated 07/18/2023
ai-services Concept Health Insurance Card https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-health-insurance-card.md
description: Data extraction and analysis extraction using the health insurance card model --+ Last updated 07/18/2023
ai-services Concept Id Document https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-id-document.md
description: Automate identity document (ID) processing of driver licenses, passports, and more with Document Intelligence. --+ Last updated 07/18/2023
ai-services Concept Invoice https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-invoice.md
description: Automate invoice data extraction with Document Intelligence's invoice model to extract accounts payable data including invoice line items. --+ Last updated 08/10/2023
ai-services Concept Layout https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-layout.md
description: Extract text, tables, selections, titles, section headings, page headers, page footers, and more with layout analysis model from Document Intelligence. --+ Last updated 07/18/2023
ai-services Concept Model Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-model-overview.md
description: Document processing models for OCR, document layout, invoices, identity, custom models, and more to extract text, structure, and key-value pairs. --+ Last updated 09/20/2023
ai-services Concept Query Fields https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-query-fields.md
description: Use Document Intelligence to extract query field data. --+ Last updated 07/18/2023
ai-services Concept Read https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-read.md
description: Extract print and handwritten text from scanned and digital documents with Document Intelligence's Read OCR model. --+ Last updated 07/18/2023
ai-services Concept Receipt https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-receipt.md
description: Use machine learning powered receipt data extraction model to digitize receipts. --+ Last updated 07/18/2023
ai-services Concept Tax Document https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/concept-tax-document.md
description: Automate tax document data extraction with Document Intelligence's tax document models --+ Last updated 07/18/2023
ai-services Configuration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/configuration.md
description: Learn how to configure the Document Intelligence container to parse form and table data. --+ Last updated 07/18/2023
ai-services Disconnected https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/disconnected.md
Title: Use Document Intelligence (formerly Form Recognizer) containers in disconnected environments description: Learn how to run Cognitive Services Docker containers disconnected from the internet.--+
ai-services Image Tags https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/image-tags.md
description: A listing of all Document Intelligence container image tags. --+ Last updated 07/18/2023
ai-services Install Run https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/containers/install-run.md
description: Use the Docker containers for Document Intelligence on-premises to identify and extract key-value pairs, selection marks, tables, and structure from forms and documents. --+ Last updated 07/18/2023
ai-services Create Document Intelligence Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/create-document-intelligence-resource.md
description: Create a Document Intelligence resource in the Azure portal --+ Last updated 07/18/2023
ai-services Create Sas Tokens https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/create-sas-tokens.md
description: How to create Shared Access Signature tokens (SAS) for containers a
--+ Last updated 07/18/2023 monikerRange: '<=doc-intel-3.1.0'
ai-services Deploy Label Tool https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/deploy-label-tool.md
description: Learn the different ways you can deploy the Document Intelligence Sample Labeling tool to help with supervised learning. --+ Last updated 07/18/2023
ai-services Disaster Recovery https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/disaster-recovery.md
description: Learn how to use the copy model API to back up your Document Intelligence resources. --+ Last updated 07/18/2023
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/encrypt-data-at-rest.md
description: Microsoft offers Microsoft-managed encryption keys, and also lets you manage your Azure AI services subscriptions with your own keys, called customer-managed keys (CMK). This article covers data encryption at rest for Document Intelligence, and how to enable and manage CMK. --+ Last updated 07/18/2023
ai-services Build A Custom Classifier https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/build-a-custom-classifier.md
description: Learn how to label, and build a custom document classification model. --+ Last updated 07/18/2023
ai-services Build A Custom Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/build-a-custom-model.md
description: Learn how to build, label, and train a custom model. --+ Last updated 07/18/2023
ai-services Compose Custom Models https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/compose-custom-models.md
description: Learn how to create, use, and manage Document Intelligence custom and composed models --+ Last updated 07/18/2023
ai-services Estimate Cost https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/estimate-cost.md
description: Learn how to use Azure portal to check how many pages are analyzed and estimate the total price. --+ Last updated 07/18/2023
ai-services Project Share Custom Models https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/project-share-custom-models.md
description: Learn how to share custom model projects using Document Intelligence Studio. --+ Last updated 07/18/2023
ai-services Use Sdk Rest Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/how-to-guides/use-sdk-rest-api.md
description: Learn how to use Document Intelligence SDKs or REST API and create apps to extract key data from documents. --+ Last updated 08/21/2023
ai-services Label Tool https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/label-tool.md
description: How to use the Document Intelligence sample tool to analyze documents, invoices, receipts etc. Label and create a custom model to extract text, tables, selection marks, structure and key-value pairs from documents. --+ Last updated 07/18/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/language-support.md
description: Learn more about the human languages that are available with Document Intelligence. --+ Last updated 07/18/2023 monikerRange: '<=doc-intel-3.1.0'
ai-services Managed Identities Secured Access https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/managed-identities-secured-access.md
description: Learn how to configure secure communications between Document Intelligence and other Azure Services. --+ Last updated 07/18/2023
ai-services Managed Identities https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/managed-identities.md
description: Understand how to create and use managed identity with Document Intelligence --+ Last updated 07/18/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/overview.md
description: Azure AI Document Intelligence is a machine-learning based OCR and intelligent document processing service to automate extraction of key data from forms and documents. --+ Last updated 09/20/2023
ai-services Get Started Sdks Rest Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/get-started-sdks-rest-api.md
description: Use a Document Intelligence SDK or the REST API to create a forms processing app that extracts key data and structure elements from your documents. --+ Last updated 08/15/2023
ai-services Try Document Intelligence Studio https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/try-document-intelligence-studio.md
description: Form and document processing, data extraction, and analysis using Document Intelligence Studio --+ Last updated 07/18/2023
ai-services Try Sample Label Tool https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/quickstarts/try-sample-label-tool.md
description: In this quickstart, you'll learn to use the Document Intelligence Sample Labeling tool to manually label documents. Then you'll train a custom document processing model with the labeled documents and use the model to extract key/value pairs. --+ Last updated 07/18/2023
ai-services Resource Customer Stories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/resource-customer-stories.md
description: Highlight customer stories with Document Intelligence. --+ Last updated 07/18/2023
ai-services Sdk Overview V3 0 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/sdk-overview-v3-0.md
description: Document Intelligence v3.0 software development kits (SDKs) expose Document Intelligence models, features and capabilities, using C#, Java, JavaScript, and Python programming language. --+ Last updated 09/05/2023
ai-services Sdk Overview V3 1 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/sdk-overview-v3-1.md
description: The Document Intelligence v3.1 software development kits (SDKs) expose Document Intelligence models, features and capabilities that are in active development for C#, Java, JavaScript, or Python programming language. --+ Last updated 09/05/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/service-limits.md
description: Quick reference, detailed description, and best practices for worki
--+ Last updated 07/18/2023
ai-services Studio Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/studio-overview.md
description: Learn how to set up and use Document Intelligence Studio to test features of Azure AI Document Intelligence on the web. --+ Last updated 07/18/2023
ai-services Supervised Table Tags https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/supervised-table-tags.md
description: Learn how to effectively use supervised table tag labeling. --+ Last updated 07/18/2023
ai-services Tutorial Azure Function https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/tutorial-azure-function.md
description: This guide shows you how to use an Azure function to trigger the pr
--+ Last updated 07/18/2023
ai-services Tutorial Logic Apps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/tutorial-logic-apps.md
description: A tutorial introducing how to use Document intelligence with Logic Apps. --+ Last updated 08/01/2023
ai-services V3 1 Migration Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/v3-1-migration-guide.md
description: In this how-to guide, learn the differences between Document Intelligence API v3.0 and v3.1 and how to move to the newer version of the API. --+ Last updated 07/18/2023
ai-services V3 Error Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/v3-error-guide.md
description: Learn how errors are represented in Document Intelligence and find a list of possible errors returned by the service. --+ Last updated 07/18/2023
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/document-intelligence/whats-new.md
description: Learn the latest changes to the Document Intelligence API. --+ Last updated 07/18/2023
ai-services How To Cache Token https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-cache-token.md
description: This article will show you how to cache the authentication token.
--+ Last updated 01/14/2020
ai-services How To Configure Read Aloud https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-configure-read-aloud.md
description: This article will show you how to configure the various options for
--+ Last updated 06/29/2020
ai-services How To Configure Translation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-configure-translation.md
description: This article will show you how to configure the various options for
--+ Last updated 01/06/2022
ai-services How To Create Immersive Reader https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-create-immersive-reader.md
description: This article shows you how to create a new Immersive Reader resourc
--+ Last updated 03/31/2023
ai-services How To Customize Launch Button https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-customize-launch-button.md
--+ Last updated 03/08/2021
ai-services How To Launch Immersive Reader https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-launch-immersive-reader.md
description: Learn how to launch the Immersive reader using JavaScript, Python, Android, or iOS. Immersive Reader uses proven techniques to improve reading comprehension for language learners, emerging readers, and students with learning differences. --+ Last updated 03/04/2021
ai-services How To Multiple Resources https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-multiple-resources.md
description: In this tutorial, you'll create a Node.js application that launches
--+ Last updated 01/14/2020
ai-services How To Prepare Html https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-prepare-html.md
description: Learn how to launch the Immersive reader using HTML, JavaScript, Python, Android, or iOS. Immersive Reader uses proven techniques to improve reading comprehension for language learners, emerging readers, and students with learning differences. --+ Last updated 03/04/2021
ai-services How To Store User Preferences https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to-store-user-preferences.md
description: This article will show you how to store the user's preferences.
--+ Last updated 06/29/2020
ai-services Display Math https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to/display-math.md
description: This article will show you how to display math in the Immersive Rea
--+ Last updated 01/14/2020
ai-services Set Cookie Policy https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/how-to/set-cookie-policy.md
--+ Last updated 01/06/2020
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/language-support.md
description: Learn more about the human languages that are available with Immers
--+ Last updated 11/15/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/overview.md
--+ Last updated 11/15/2021
ai-services Client Libraries https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/quickstarts/client-libraries.md
zone_pivot_groups: programming-languages-set-twenty--+ Last updated 03/08/2021
ai-services Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/reference.md
--+ Last updated 11/15/2021
ai-services Release Notes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/release-notes.md
--+ Last updated 11/15/2021
ai-services Security How To Update Role Assignment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/security-how-to-update-role-assignment.md
--+ Last updated 01/06/2022
ai-services Tutorial Ios Picture Immersive Reader https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/immersive-reader/tutorial-ios-picture-immersive-reader.md
description: In this tutorial, you will build an iOS app from scratch and add th
--+ Last updated 01/14/2020
ai-services Configure Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/configure-containers.md
--+ Last updated 11/02/2021
ai-services Multi Region Deployment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/custom-features/multi-region-deployment.md
description: Learn about deploying your language projects to multiple regions.
--+ Last updated 10/11/2022
ai-services Project Versioning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/custom-features/project-versioning.md
description: Learn how versioning works in conversational language understanding
--+ Last updated 10/10/2022
ai-services Data Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/data-limits.md
description: Data and service limitations for Azure AI Language features.
--+ Last updated 10/05/2022
ai-services Developer Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/developer-guide.md
description: Learn about how to integrate the Language service SDK and REST API
--+ Last updated 02/14/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/language-support.md
description: This article explains which natural languages are supported by the
--+ Last updated 03/09/2023
ai-services Migrate Language Service Latest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/migrate-language-service-latest.md
description: Learn how to move your Text Analytics applications to use the lates
--+ Last updated 08/08/2022
ai-services Migrate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/migrate.md
description: Use this article to learn if you need to migrate your applications from LUIS, QnA Maker, and Text Analytics. --+ Last updated 09/29/2022
ai-services Model Lifecycle https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/model-lifecycle.md
description: This article describes the timelines for models and model versions
--+ Last updated 11/29/2022
ai-services Multilingual Emoji Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/multilingual-emoji-support.md
description: Learn about offsets caused by multilingual and emoji encodings in L
--+ Last updated 11/02/2021
ai-services Previous Updates https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/previous-updates.md
description: An archive of previous Azure AI Language updates.
--+ Last updated 06/23/2022
ai-services Regional Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/regional-support.md
description: Learn which Azure regions are supported by the Language service.
--+ Last updated 08/23/2023
ai-services Role Based Access Control https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/role-based-access-control.md
description: Learn how to use Azure RBAC for managing individual access to Azure
--+ Last updated 10/31/2022
ai-services Use Asynchronously https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/concepts/use-asynchronously.md
description: Learn how to send Language service API requests asynchronously.
--+ Last updated 10/31/2022
ai-services Best Practices https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/best-practices.md
description: Apply best practices when using conversational language understandi
--+ Last updated 09/22/2023
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/data-formats.md
description: Learn about the data formats accepted by conversational language un
--+ Last updated 06/20/2023
ai-services Entity Components https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/entity-components.md
description: Learn how Conversational Language Understanding extracts entities f
--+ Last updated 10/11/2022
ai-services Evaluation Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/evaluation-metrics.md
description: Learn about evaluation metrics in Conversational Language Understan
--+ Last updated 05/13/2022
ai-services Multiple Languages https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/multiple-languages.md
description: Learn about which how to make use of multilingual projects in conve
--+ Last updated 01/10/2022
ai-services None Intent https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/concepts/none-intent.md
description: Learn about the default None intent in conversational language unde
--+ Last updated 05/13/2022
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/faq.md
description: Use this article to quickly get the answers to FAQ about conversati
--+ Last updated 09/29/2022
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/glossary.md
description: Learn about definitions used in conversational language understandi
--+ Last updated 05/13/2022
ai-services Build Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/build-schema.md
description: Use this article to start building a Conversational Language Unders
--+ Last updated 05/13/2022
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/call-api.md
description: Learn about sending prediction requests for conversational language
--+ Last updated 06/28/2022
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/create-project.md
description: Use this article to learn how to create projects in Conversational
--+ Last updated 09/29/2022
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/deploy-model.md
description: Use this article to learn how to deploy models for conversational l
--+ Last updated 10/12/2022
ai-services Fail Over https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/fail-over.md
description: Learn how to save and recover your conversational language understa
--+ Last updated 05/16/2022
ai-services Migrate From Luis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/migrate-from-luis.md
description: Learn about backwards compatibility between LUIS and Conversational
--+ Last updated 09/08/2022
ai-services Tag Utterances https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/tag-utterances.md
description: Use this article to tag your utterances in Conversational Language
--+ Last updated 08/25/2023
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/train-model.md
description: Use this article to train a model and view its evaluation details t
--+ Last updated 08/25/2023
ai-services View Model Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/how-to/view-model-evaluation.md
--+ Last updated 05/16/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/language-support.md
description: This article explains which natural languages are supported by the
--+ Last updated 05/12/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/overview.md
description: Customize an AI model to predict the intentions of utterances, and
--+ Last updated 10/26/2022
ai-services Prebuilt Component Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/prebuilt-component-reference.md
description: Learn about which entities can be detected automatically in Convers
--+ Last updated 11/02/2021
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/quickstart.md
description: Quickly start building an AI model to extract information and predi
--+ Last updated 03/14/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/service-limits.md
description: Learn about the data, region, and throughput limits for Conversatio
--+ Last updated 08/23/2023
ai-services Bot Framework https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/conversational-language-understanding/tutorials/bot-framework.md
--+ Last updated 05/25/2022
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/concepts/data-formats.md
description: Learn about the data formats accepted by custom NER.
--+ Last updated 10/17/2022
ai-services Evaluation Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/concepts/evaluation-metrics.md
description: Learn about evaluation metrics in Custom Named Entity Recognition (
--+ Last updated 08/08/2022
ai-services Fail Over https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/fail-over.md
description: Learn how to save and recover your custom NER models.
--+ Last updated 04/25/2022
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/faq.md
description: Learn about Frequently asked questions when using custom Named Enti
--+ Last updated 08/08/2022
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/glossary.md
description: Definitions and terms you may encounter when building AI models usi
--+ Last updated 05/06/2022
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/call-api.md
--+ Last updated 05/11/2023
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/create-project.md
description: Learn how to create and manage projects and Azure resources for cus
--+ Last updated 06/03/2022
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/deploy-model.md
description: Learn how to deploy a model for custom NER.
--+ Last updated 03/23/2023
ai-services Design Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/design-schema.md
description: Learn about how to select and prepare data, to be successful in cre
--+ Last updated 05/09/2022
ai-services Tag Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/tag-data.md
description: Learn how to label your data for use with Custom Named Entity Recog
--+ Last updated 05/24/2022
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/train-model.md
description: Learn about how to train your model for Custom Named Entity Recogni
--+ Last updated 05/06/2022
ai-services Use Autolabeling https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/use-autolabeling.md
description: Learn how to use autolabeling in custom named entity recognition.
--+ Last updated 03/20/2023
ai-services Use Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/use-containers.md
description: Learn how to use Docker containers for Custom Named Entity Recognit
--+ Last updated 05/08/2023
ai-services View Model Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/how-to/view-model-evaluation.md
description: Learn how to evaluate and score your Custom Named Entity Recognitio
--+ Last updated 02/28/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/language-support.md
description: Learn about the languages and regions supported by custom named ent
--+ Last updated 05/06/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/overview.md
description: Customize an AI model to label and extract information from documen
--+ Last updated 02/22/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/quickstart.md
description: Quickly start building an AI model to categorize and extract inform
--+ Last updated 01/25/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-named-entity-recognition/service-limits.md
description: Learn about the data and service limits when using Custom Named Ent
--+ Last updated 08/23/2023
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/data-formats.md
description: Learn about the data formats accepted by custom text analytics for
--+ Last updated 04/14/2023
ai-services Entity Components https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/entity-components.md
description: Learn how custom Text Analytics for health extracts entities from t
--+ Last updated 04/14/2023
ai-services Evaluation Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/concepts/evaluation-metrics.md
description: Learn about evaluation metrics in custom Text Analytics for health
--+ Last updated 04/14/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/call-api.md
--+ Last updated 04/14/2023
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/create-project.md
description: Learn about the steps for using Azure resources with custom text an
--+ Last updated 04/14/2023
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/deploy-model.md
description: Learn about deploying a model for custom Text Analytics for health.
--+ Last updated 04/14/2023
ai-services Design Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/design-schema.md
description: Learn about how to select and prepare data, to be successful in cre
--+ Last updated 04/14/2023
ai-services Fail Over https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/fail-over.md
description: Learn how to save and recover your custom Text Analytics for health
--+ Last updated 04/14/2023
ai-services Label Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/label-data.md
description: Learn how to label your data for use with custom Text Analytics for
--+ Last updated 04/14/2023
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/train-model.md
description: Learn about how to train your model for custom Text Analytics for h
--+ Last updated 04/14/2023
ai-services View Model Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/how-to/view-model-evaluation.md
description: Learn how to evaluate and score your Custom Text Analytics for heal
--+ Last updated 04/14/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/language-support.md
description: Learn about the languages and regions supported by custom Text Anal
--+ Last updated 04/14/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/overview.md
description: Customize an AI model to label and extract healthcare information f
--+ Last updated 04/14/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/quickstart.md
description: Quickly start building an AI model to categorize and extract inform
--+ Last updated 04/14/2023
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/reference/glossary.md
description: Learn about definitions used in custom Text Analytics for health
--+ Last updated 04/14/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-analytics-for-health/reference/service-limits.md
description: Learn about the data and service limits when using Custom Text Anal
--+ Last updated 08/23/2023
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/concepts/data-formats.md
description: Learn about the data formats accepted by custom text classification
--+ Last updated 05/24/2022
ai-services Evaluation Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/concepts/evaluation-metrics.md
description: Learn about evaluation metrics in custom text classification.
--+ Last updated 08/08/2022
ai-services Fail Over https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/fail-over.md
description: Learn how to save and recover your custom text classification model
--+ Last updated 04/22/2022
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/faq.md
description: Learn about Frequently asked questions when using the custom text c
--+ Last updated 04/22/2022
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/glossary.md
description: Learn about definitions used in custom text classification.
--+ Last updated 04/14/2022
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/call-api.md
--+ Last updated 03/23/2023
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/create-project.md
description: Learn about the steps for using Azure resources with custom text cl
--+ Last updated 06/03/2022
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/deploy-model.md
description: Learn how to deploy a model for custom text classification.
--+ Last updated 03/23/2023
ai-services Design Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/design-schema.md
description: Learn about data selection, preparation, and creating a schema for
--+ Last updated 05/05/2022
ai-services Tag Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/tag-data.md
description: Learn about how to label your data for use with the custom text cla
--+ Last updated 11/10/2022
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/train-model.md
description: Learn about how to train your model for custom text classification.
--+ Last updated 08/08/2022
ai-services Use Autolabeling https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/use-autolabeling.md
description: Learn how to use autolabeling in custom text classification.
--+ Last updated 3/15/2023
ai-services View Model Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/how-to/view-model-evaluation.md
description: Learn how to view the evaluation scores for a custom text classific
--+ Last updated 10/12/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/language-support.md
description: Learn about which languages are supported by custom text classifica
--+ Last updated 05/06/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/overview.md
description: Customize an AI model to classify documents and other content using
--+ Last updated 06/17/2022
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/quickstart.md
description: Quickly start building an AI model to identify and apply labels (cl
--+ Last updated 01/25/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/service-limits.md
Last updated 08/23/2023--+
ai-services Triage Email https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom-text-classification/tutorials/triage-email.md
description: Learn how to use custom text classification to categorize and triag
--+ Last updated 01/27/2023
ai-services Azure Machine Learning Labeling https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/custom/azure-machine-learning-labeling.md
--+ Last updated 04/17/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/how-to/call-api.md
description: Learn how to identify and link entities found in text with the enti
--+ Last updated 11/02/2021
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/language-support.md
description: A list of natural languages supported by the entity linking API
--+ Last updated 11/02/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/overview.md
description: An overview of entity linking in Azure AI services, which helps you
--+ Last updated 01/10/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/entity-linking/quickstart.md
description: 'Use this quickstart to perform Entity Linking, using C#, Python, J
--+ Last updated 02/17/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/how-to/call-api.md
description: How to extract key phrases by using the Key Phrase Extraction API.
--+ Last updated 01/10/2023
ai-services Use Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/how-to/use-containers.md
description: Learn how to use Docker containers for Key Phrase Extraction on-pre
--+ Last updated 04/11/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/language-support.md
description: Use this article to find the natural languages supported by Key Phr
--+ Last updated 09/18/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/overview.md
description: An overview of key phrase extraction in Azure AI services, which he
--+ Last updated 01/10/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/quickstart.md
description: Use this quickstart to start using the Key Phrase Extraction API.
--+ Last updated 02/17/2023
ai-services Integrate Power Bi https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/key-phrase-extraction/tutorials/integrate-power-bi.md
description: Learn how to use the key phrase extraction feature to get text stor
--+ Last updated 09/28/2022
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/how-to/call-api.md
description: This article will show you how to detect the language of written te
--+ Last updated 03/01/2022
ai-services Use Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/how-to/use-containers.md
description: Use Docker containers for the Language Detection API to determine t
--+ Last updated 04/11/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/language-support.md
description: This article explains which natural languages are supported by the
--+ Last updated 11/02/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/overview.md
description: An overview of language detection in Azure AI services, which helps
--+ Last updated 07/27/2022
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-detection/quickstart.md
description: Use this quickstart to start using Language Detection.
--+ Last updated 02/17/2023
ai-services Language Studio https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/language-studio.md
description: Use this article to learn about Language Studio, and testing featur
--+ Last updated 01/03/2023
ai-services Entity Metadata https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/entity-metadata.md
description: Learn about entity metadata in the NER feature.
--+ Last updated 06/13/2023
ai-services Entity Resolutions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/entity-resolutions.md
description: Learn about entity resolutions in the NER feature.
--+ Last updated 10/12/2022
ai-services Ga Preview Mapping https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/ga-preview-mapping.md
description: Learn about the NER preview API.
--+ Last updated 06/14/2023
ai-services Named Entity Categories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/concepts/named-entity-categories.md
description: Learn about the entities the NER feature can recognize from unstruc
--+ Last updated 11/02/2021
ai-services How To Call https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/how-to-call.md
description: This article will show you how to extract named entities from text.
--+ Last updated 01/10/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/language-support.md
description: This article explains which natural languages are supported by the
--+ Last updated 06/27/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/overview.md
description: An overview of the Named Entity Recognition feature in Azure AI ser
--+ Last updated 06/15/2022
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/quickstart.md
description: Use this quickstart to start using the Named Entity Recognition (NE
--+ Last updated 02/17/2023
ai-services Extract Excel Information https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/named-entity-recognition/tutorials/extract-excel-information.md
description: Learn how to Extract Excel text without having to write code, using
--+ Last updated 11/21/2022
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/data-formats.md
description: Learn about the data formats accepted by orchestration workflow.
--+ Last updated 05/19/2022
ai-services Evaluation Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/evaluation-metrics.md
description: Learn about evaluation metrics in orchestration workflow
--+ Last updated 05/19/2022
ai-services Fail Over https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/fail-over.md
description: Learn how to save and recover your orchestration workflow models.
--+ Last updated 05/19/2022
ai-services None Intent https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/concepts/none-intent.md
description: Learn about the default None intent in orchestration workflow.
--+ Last updated 06/03/2022
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/faq.md
description: Use this article to quickly get the answers to FAQ about orchestrat
--+ Last updated 06/21/2022
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/glossary.md
description: Learn about definitions used in orchestration workflow.
--+ Last updated 05/19/2022
ai-services Build Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/build-schema.md
--+ Last updated 05/20/2022
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/call-api.md
description: Learn about sending requests for orchestration workflow.
--+ Last updated 06/28/2022
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/create-project.md
description: Use this article to learn how to create projects in orchestration w
--+ Last updated 03/23/2023
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/deploy-model.md
description: Learn about deploying orchestration workflow projects.
--+ Last updated 10/12/2022
ai-services Tag Utterances https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/tag-utterances.md
description: Use this article to tag utterances
--+ Last updated 05/20/2022
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/train-model.md
--+ Last updated 05/20/2022
ai-services View Model Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/how-to/view-model-evaluation.md
--+ Last updated 10/12/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/language-support.md
description: Learn about the languages supported by orchestration workflow.
--+ Last updated 05/17/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/overview.md
description: Customize an AI model to connect your Conversational Language Under
--+ Last updated 08/10/2022
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/quickstart.md
description: Quickly start creating an AI model to connect your Conversational L
--+ Last updated 02/28/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/service-limits.md
description: Learn about the data, region, and throughput limits for Orchestrati
--+ Last updated 08/23/2023
ai-services Connect Services https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/orchestration-workflow/tutorials/connect-services.md
--+ Last updated 05/25/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/overview.md
description: Learn how to integrate AI into your applications that can extract i
--+ Last updated 07/19/2023
ai-services Conversations Entity Categories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/concepts/conversations-entity-categories.md
description: Learn about the entities the Conversational PII feature (preview) c
--+ Last updated 05/15/2022
ai-services Entity Categories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/concepts/entity-categories.md
description: Learn about the entities the PII feature can recognize from unstruc
--+ Last updated 11/15/2021
ai-services How To Call For Conversations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/how-to-call-for-conversations.md
description: This article will show you how to extract PII from chat and spoken
--+ Last updated 01/31/2023
ai-services How To Call https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/how-to-call.md
description: This article will show you how to extract PII and health informatio
--+ Last updated 07/27/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/language-support.md
description: This article explains which natural languages are supported by the
--+ Last updated 08/02/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/overview.md
description: An overview of the PII detection feature in Azure AI services, whic
--+ Last updated 01/10/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/personally-identifiable-information/quickstart.md
description: Use this quickstart to start using the PII detection API.
--+ Last updated 02/17/2023
ai-services Azure Resources https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/azure-resources.md
Title: Azure resources - question answering description: Question answering uses several Azure sources, each with a different purpose. Understanding how they are used individually allows you to plan for and select the correct pricing tier or know when to change your pricing tier. Understanding how they are used in combination allows you to find and fix problems when they occur.--+
ai-services Best Practices https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/best-practices.md
Title: Best practices - question answering description: Use these best practices to improve your project and provide better results to your application/chat bot's end users.--+
ai-services Confidence Score https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/confidence-score.md
--+ Last updated 11/02/2021
ai-services Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/limits.md
Title: Limits and boundaries - question answering description: Question answering has meta-limits for parts of the knowledge base and service. It is important to keep your knowledge base within those limits in order to test and publish.--+
ai-services Plan https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/plan.md
Title: Plan your app - question answering description: Learn how to plan your question answering app. Understand how question answering works and interacts with other Azure services and some project concepts.--+
ai-services Precise Answering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/precise-answering.md
Title: Precise answering using answer span detection - question answering description: Understand Precise answering feature available in question answering.--+
ai-services Project Development Lifecycle https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/concepts/project-development-lifecycle.md
Title: Project lifecycle - question answering description: Question answering learns best in an iterative cycle of model changes, utterance examples, deployment, and gathering data from endpoint queries.--+
ai-services Analytics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/analytics.md
displayName: chat history, history, chat logs, logs--+ Last updated 11/02/2021
ai-services Authoring https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/authoring.md
Title: Authoring API - question answering description: Use the question answering Authoring API to automate common tasks like adding new question answer pairs, and creating, and publishing projects. --+
ai-services Azure Openai Integration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/azure-openai-integration.md
Title: Connect Custom Question Answering with Azure OpenAI on your data description: Learn how to use Custom Question Answering with Azure OpenAI.--+
ai-services Change Default Answer https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/change-default-answer.md
Title: Get default answer - custom question answering description: The default answer is returned when there is no match to the question. You may want to change the default answer from the standard default answer in custom question answering.--+ Last updated 11/02/2021
ai-services Chit Chat https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/chit-chat.md
--+ Last updated 11/02/2021
ai-services Configure Resources https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/configure-resources.md
Title: Configure Question Answering service description: This document outlines advanced configurations for custom question answering enabled resources.--+
ai-services Create Test Deploy https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/create-test-deploy.md
Title: Create, test, and deploy your question answering project description: You can create a question answering project from your own content, such as FAQs or product manuals. This article includes an example of creating a question answering project from a simple FAQ webpage, to answer questions.--+
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/encrypt-data-at-rest.md
description: Microsoft offers Microsoft-managed encryption keys, and also lets you manage your Azure AI services subscriptions with your own keys, called customer-managed keys (CMK). This article covers data encryption at rest for custom question answering, and how to enable and manage CMK. --+ Last updated 06/03/2022
ai-services Manage Knowledge Base https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/manage-knowledge-base.md
Title: Manage projects - question answering description: Custom question answering allows you to manage projects by providing access to the project settings and content.--+
ai-services Migrate Knowledge Base https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-knowledge-base.md
Title: Move projects - custom question answering description: Moving a custom question answering project requires exporting a project from one resource, and then importing into another.--+
ai-services Migrate Qnamaker To Question Answering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-qnamaker-to-question-answering.md
Title: Migrate from QnA Maker to Question Answering description: Details on features, requirements, and examples for migrating from QnA Maker to Question Answering--+ ms.
ai-services Migrate Qnamaker https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/migrate-qnamaker.md
Title: Migrate QnA Maker knowledge bases to custom question answering description: Migrate your legacy QnAMaker knowledge bases to custom question answering to take advantage of the latest features.--+
ai-services Network Isolation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/network-isolation.md
Title: Network isolation and Private Link -question answering description: Users can restrict public access to question answering resources.--+
ai-services Prebuilt https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/prebuilt.md
Title: Prebuilt API - question answering description: Use the question answering Prebuilt API to ask and receive answers to questions without having to create a project. --+
ai-services Smart Url Refresh https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/smart-url-refresh.md
Title: Smart URL refresh - question answering description: Use the question answering smart URL refresh feature to keep your project up to date.--+
ai-services Troubleshooting https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/how-to/troubleshooting.md
Title: Troubleshooting - question answering description: The curated list of the most frequently asked questions regarding question answering will help you adopt the feature faster and with better results.--+
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/language-support.md
recommendations: false--+ Last updated 11/02/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/overview.md
Title: What is question answering? description: Question answering is a cloud-based Natural Language Processing (NLP) service that easily creates a natural conversational layer over your data. It can be used to find the most appropriate answer for any given natural language input, from your custom project.--+ recommendations: false
ai-services Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/quickstart/sdk.md
Title: "Quickstart: Use SDK to create and manage project - custom question answering" description: This quickstart shows you how to create and manage your project using custom question answering.--+ Last updated 06/06/2022
ai-services Document Format Guidelines https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/reference/document-format-guidelines.md
Title: Import document format guidelines - question answering description: Use these guidelines for importing documents to get the best results for your content with question answering.--+
ai-services Markdown Format https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/reference/markdown-format.md
Title: Markdown format - question answering description: Following is the list of markdown formats that you can use your answer text.--+
ai-services Active Learning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/active-learning.md
Title: Enrich your project with active learning description: In this tutorial, learn how to enrich your question answering projects with active learning--+
ai-services Adding Synonyms https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/adding-synonyms.md
Title: Improve the quality of responses with synonyms description: In this tutorial, learn how to improve response with synonyms and alternate words--+
ai-services Bot Service https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/bot-service.md
Title: "Tutorial: Create an FAQ bot with question answering and Azure AI Bot Service" description: In this tutorial, create a no code FAQ Bot with question answering and Azure AI Bot Service.--+
ai-services Guided Conversations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/guided-conversations.md
Title: Add guided conversations with multi-turn prompts description: In this tutorial, learn how to make guided conversations with multi-turn prompts.--+
ai-services Multiple Domains https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/multiple-domains.md
Title: "Tutorial: Create a FAQ bot for multiple categories with Azure AI Bot Service" description: In this tutorial, create a no code FAQ Bot for production use cases with question answering and Azure AI Bot Service.--+
ai-services Multiple Languages https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/multiple-languages.md
Title: Create projects in multiple languages -question answering description: In this tutorial, you will learn how to create projects with multiple languages.--+
ai-services Power Virtual Agents https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/question-answering/tutorials/power-virtual-agents.md
Title: "Tutorial: Add your Question Answering project to Power Virtual Agents" description: In this tutorial, you will learn how to add your Question Answering project to Power Virtual Agents.--+
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/concepts/data-formats.md
description: Learn about the data formats accepted by custom sentiment analysis.
--+ Last updated 07/19/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/call-api.md
--+ Last updated 07/19/2023
ai-services Create Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/create-project.md
description: Learn about the steps for using Azure resources with Custom sentime
--+ Last updated 07/19/2023
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/deploy-model.md
description: Learn about deploying a model for Custom sentiment analysis.
--+ Last updated 07/19/2023
ai-services Design Schema https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/design-schema.md
description: Learn about data selection and preparation for custom sentient anal
--+ Last updated 07/19/2023
ai-services Label Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/label-data.md
description: Learn about how to label your data for use with the custom Sentimen
--+ Last updated 07/19/2023
ai-services Train Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/how-to/train-model.md
description: Learn about how to train your model for Custom sentiment analysis.
--+ Last updated 07/19/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/custom/quickstart.md
description: Quickly start building an AI model to identify the sentiment of tex
--+ Last updated 07/19/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/how-to/call-api.md
description: This article will show you how to detect sentiment, and mine for op
--+ Last updated 07/19/2023
ai-services Use Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/how-to/use-containers.md
description: Use the Docker containers for the Sentiment Analysis API to perform
--+ Last updated 09/18/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/language-support.md
description: This article explains which languages are supported by the Sentimen
--+ Last updated 09/18/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/overview.md
description: An overview of the sentiment analysis feature in Azure AI services,
--+ Last updated 07/19/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/sentiment-opinion-mining/quickstart.md
description: Use this quickstart to start using the Sentiment Analysis API.
--+ Last updated 07/19/2023
ai-services Data Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/data-formats.md
description: Learn about how to select and prepare data, to be successful in cre
--+ Last updated 06/01/2022
ai-services Deploy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/deploy-model.md
description: Learn about deploying a model for Custom summarization.
--+ Last updated 06/02/2023
ai-services Test Evaluate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/how-to/test-evaluate.md
description: Learn about how to test and evaluate custom summarization models.
--+ Last updated 06/01/2022
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/custom/quickstart.md
description: Quickly start building an AI model to summarize text.
--+ Last updated 05/26/2023
ai-services Conversation Summarization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/how-to/conversation-summarization.md
description: This article will show you how to summarize chat logs with the conv
--+ Last updated 01/31/2023
ai-services Document Summarization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/how-to/document-summarization.md
description: This article will show you how to summarize text with the extractiv
--+ Last updated 09/26/2022
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/language-support.md
description: Learn about which languages are supported by document summarization
--+ Last updated 09/28/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/overview.md
description: Learn about summarizing text.
--+ Last updated 01/12/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/quickstart.md
description: Use this quickstart to start using Document Summarization.
--+ Last updated 02/17/2023
ai-services Region Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/summarization/region-support.md
description: Learn about which regions are supported by document summarization.
--+ Last updated 06/11/2023
ai-services Assertion Detection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/assertion-detection.md
description: Learn about assertion detection.
--+ Last updated 01/04/2023
ai-services Health Entity Categories https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/health-entity-categories.md
description: Learn about categories recognized by Text Analytics for health
--+ Last updated 01/04/2023
ai-services Relation Extraction https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/concepts/relation-extraction.md
description: Learn about relation extraction
--+ Last updated 01/04/2023
ai-services Call Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/call-api.md
description: Learn how to extract and label medical information from unstructure
--+ Last updated 01/04/2023
ai-services Configure Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/configure-containers.md
description: Text Analytics for health containers uses a common configuration fr
--+ Last updated 11/02/2021
ai-services Use Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/how-to/use-containers.md
description: Learn how to extract and label medical information on premises usin
--+ Last updated 01/18/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/language-support.md
description: "This article explains which natural languages are supported by the
--+ Last updated 01/04/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/overview.md
description: An overview of Text Analytics for health in Azure AI services, whic
--+ Last updated 01/06/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/text-analytics-for-health/quickstart.md
description: Use this quickstart to start using Text Analytics for health.
--+ Last updated 02/17/2023
ai-services Power Automate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/tutorials/power-automate.md
description: Learn how to use Azure AI Language in power automate, without writi
--+ Last updated 03/02/2023
ai-services Use Kubernetes Service https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/tutorials/use-kubernetes-service.md
description: Deploy a key phrase extraction container image to Azure Kubernetes
--+ Last updated 05/27/2022
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/language-service/whats-new.md
description: Find out about new releases and features for the Azure AI Language.
--+ Last updated 04/14/2023
ai-services Cost Management https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/cost-management.md
description: Learn about cost management and pricing for Azure AI Metrics Advisor --+ Last updated 09/06/2022
ai-services Data Feeds From Different Sources https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/data-feeds-from-different-sources.md
description: Add different data feeds to Metrics Advisor --+ Last updated 05/26/2021
ai-services Encryption https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/encryption.md
description: Metrics Advisor service encryption of data at rest. --+ Last updated 07/02/2021
ai-services Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/glossary.md
description: Key ideas and concepts for the Metrics Advisor service --+ Last updated 09/14/2020
ai-services Alerts https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/alerts.md
description: How to configure your Metrics Advisor alerts using hooks for email, web and Azure DevOps. --+ Last updated 09/14/2020
ai-services Anomaly Feedback https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/anomaly-feedback.md
description: Learn how to send feedback on anomalies found by your Metrics Advisor instance, and tune the results. --+ Last updated 11/24/2020
ai-services Configure Metrics https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/configure-metrics.md
description: How to configure your Metrics Advisor instance and fine-tune the anomaly detection results. --+ Last updated 05/12/2022
ai-services Credential Entity https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/credential-entity.md
description: How to create a credential entity to manage your credential in secure. --+ Last updated 06/22/2021
ai-services Diagnose An Incident https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/diagnose-an-incident.md
description: Learn how to diagnose an incident using Metrics Advisor, and get detailed views of anomalies in your data. --+ Last updated 04/15/2021
ai-services Further Analysis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/further-analysis.md
description: Learn how to leverage analysis tools to further analyze an incident. --+ Last updated 04/15/2021
ai-services Manage Data Feeds https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/manage-data-feeds.md
description: Learn how to manage data feeds that you've added to Metrics Advisor. --+ Last updated 10/25/2022
ai-services Metrics Graph https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/metrics-graph.md
description: How to configure your Metrics graph and visualize related anomalies in your data. --+ Last updated 09/08/2020
ai-services Onboard Your Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/how-tos/onboard-your-data.md
description: How to get started with onboarding your data feeds to Metrics Advisor. --+ Last updated 04/20/2021
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/overview.md
description: What is Metrics Advisor? --+ Last updated 07/06/2021
ai-services Rest Api And Client Library https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/quickstarts/rest-api-and-client-library.md
description: Use this quickstart to connect your applications to the Metrics Advisor API from Azure AI services. --+ Last updated 11/07/2022
ai-services Web Portal https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/quickstarts/web-portal.md
Last updated 11/07/2022 --+
ai-services Enable Anomaly Notification https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/tutorials/enable-anomaly-notification.md
Title: Metrics Advisor anomaly notification e-mails with Azure Logic Apps
description: Learn how to automate sending e-mail alerts in response to Metric Advisor anomalies --+ Last updated 05/20/2021
ai-services Write A Valid Query https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/tutorials/write-a-valid-query.md
Title: Write a query for Metrics Advisor data ingestion
description: Learn how to onboard your data to Metrics Advisor. --+ Last updated 05/20/2021
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/metrics-advisor/whats-new.md
description: Learn about what is new with Metrics Advisor --+ Last updated 12/16/2022
ai-services Chatgpt Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/chatgpt-quickstart.md
description: Walkthrough on how to get started with GPT-35-Turbo and GPT-4 on Azure OpenAI Service. --+
ai-services Abuse Monitoring https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/abuse-monitoring.md
description: Learn about the abuse monitoring capabilities of Azure OpenAI Service --+ Last updated 06/16/2023
ai-services Advanced Prompt Engineering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/advanced-prompt-engineering.md
description: Learn about the options for how to use prompt engineering with GPT-3, GPT-35-Turbo, and GPT-4 models --+ Last updated 04/20/2023
ai-services Content Filter https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/content-filter.md
description: Learn about the content filtering capabilities of Azure OpenAI in Azure AI services --+ Last updated 09/15/2023
keywords:
> [!IMPORTANT] > The content filtering system isn't applied to prompts and completions processed by the Whisper model in Azure OpenAI Service. Learn more about the [Whisper model in Azure OpenAI](models.md#whisper-preview).
-Azure OpenAI Service includes a content filtering system that works alongside core models. This system works by running both the prompt and completion through an ensemble of classification models aimed at detecting and preventing the output of harmful content. The content filtering system detects and takes action on specific categories of potentially harmful content in both input prompts and output completions. Variations in API configurations and application design may affect completions and thus filtering behavior. The content filtering system supports the following languages: Chinese, English, French, German, Italian, Japanese, Portuguese, and Spanish. It might not be able to detect inappropriate content in languages that it hasn't been trained or tested to process.
+Azure OpenAI Service includes a content filtering system that works alongside core models. This system works by running both the prompt and completion through an ensemble of classification models aimed at detecting and preventing the output of harmful content. The content filtering system detects and takes action on specific categories of potentially harmful content in both input prompts and output completions. Variations in API configurations and application design may affect completions and thus filtering behavior.
+
+The content filtering models have been specifically trained and tested on the following languages: English, German, Japanese, Spanish, French, Italian, Portuguese, and Chinese. However, the service can work in many other languages, but the quality may vary. In all cases, you should do your own testing to ensure that it works for your application.
In addition to the content filtering system, the Azure OpenAI Service performs monitoring to detect content and/or behaviors that suggest use of the service in a manner that may violate applicable product terms. For more information about understanding and mitigating risks associated with your application, see the [Transparency Note for Azure OpenAI](/legal/cognitive-services/openai/transparency-note?tabs=text). For more information about how data is processed in connection with content filtering and abuse monitoring, see [Data, privacy, and security for Azure OpenAI Service](/legal/cognitive-services/openai/data-privacy?context=/azure/ai-services/openai/context/context#preventing-abuse-and-harmful-content-generation).
ai-services Legacy Models https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/legacy-models.md
Title: Azure OpenAI Service legacy models description: Learn about the legacy models in Azure OpenAI. --+ Last updated 07/06/2023
ai-services Models https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/models.md
Title: Azure OpenAI Service models description: Learn about the different model capabilities that are available with Azure OpenAI. --+ Last updated 09/15/2023
ai-services Prompt Engineering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/prompt-engineering.md
Title: Azure OpenAI Service | Introduction to Prompt engineering description: Learn how to use prompt engineering to optimize your work with Azure OpenAI Service.--+ Last updated 03/21/2023
ai-services Red Teaming https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/red-teaming.md
Title: Introduction to red teaming large language models (LLMs) description: Learn about how red teaming and adversarial testing is an essential practice in the responsible development of systems and features using large language models (LLMs)--+ Last updated 05/18/2023
ai-services System Message https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/system-message.md
Title: System message framework and template recommendations for Large Language Models(LLMs) description: Learn about how to construct system messages also know as metaprompts to guide an AI system's behavior.--+ Last updated 05/19/2023
ai-services Understand Embeddings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/understand-embeddings.md
description: Learn more about Azure OpenAI embeddings API for document search and cosine similarity --+ Last updated 09/12/2023
ai-services Use Your Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/concepts/use-your-data.md
description: Use this article to learn about using your data for better text generation in Azure OpenAI. --+
ai-services Dall E Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/dall-e-quickstart.md
description: Learn how to get started generating images with Azure OpenAI Service by using the Python SDK, the REST APIs, or Azure OpenAI Studio. --+
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/encrypt-data-at-rest.md
description: Learn how Azure OpenAI encrypts your data when it's persisted to th
--+ Last updated 11/14/2022
ai-services Business Continuity Disaster Recovery https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/business-continuity-disaster-recovery.md
description: Considerations for implementing Business Continuity and Disaster Recovery (BCDR) with Azure OpenAI --+ Last updated 8/17/2023
ai-services Chatgpt https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/chatgpt.md
description: Learn about the options for how to use the GPT-35-Turbo and GPT-4 models --+ Last updated 05/15/2023
ai-services Completions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/completions.md
description: Learn how to generate or manipulate text, including code by using a completion endpoint in Azure OpenAI Service. --+ Last updated 08/15/2023
ai-services Content Filters https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/content-filters.md
description: Learn how to use content filters (preview) with Azure OpenAI Service --+ Last updated 6/5/2023
ai-services Create Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/create-resource.md
description: Learn how to get started with Azure OpenAI Service and create your first resource and deploy your first model in the Azure CLI or the Azure portal. --+ Last updated 08/25/2023
ai-services Embeddings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/embeddings.md
description: Learn how to generate embeddings with Azure OpenAI --+ Last updated 9/12/2023
ai-services Fine Tuning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/fine-tuning.md
description: Learn how to create your own customized model with Azure OpenAI Service by using Python, the REST APIs, or Azure OpenAI Studio. --+ Last updated 09/01/2023
ai-services Function Calling https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/function-calling.md
description: Learn how to use function calling with the GPT-35-Turbo and GPT-4 models --+ Last updated 07/20/2023
ai-services Integrate Synapseml https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/integrate-synapseml.md
description: Learn how to integrate Azure OpenAI Service with SynapseML and Apache Spark to apply large language models at a distributed scale. --+ Last updated 09/01/2023
ai-services Manage Costs https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/manage-costs.md
description: Learn how to plan for and manage costs for Azure OpenAI by using co
--+ Last updated 08/22/2023
ai-services Managed Identity https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/managed-identity.md
Title: How to configure Azure OpenAI Service with managed identities description: Provides guidance on how to set managed identity with Azure Active Directory--+ Last updated 06/24/2022
ai-services Monitoring https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/monitoring.md
Title: Monitoring Azure OpenAI Service
description: Learn how to use Azure Monitor tools like Log Analytics to capture and analyze metrics and data logs for your Azure OpenAI Service resources. --+ Last updated 09/07/2023
ai-services Prepare Dataset https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/prepare-dataset.md
description: Learn how to prepare your dataset for fine-tuning --+ Last updated 06/24/2022
ai-services Quota https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/quota.md
description: Learn how to use Azure OpenAI to control your deployments rate limi
--+ Last updated 08/01/2023
ai-services Role Based Access Control https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/role-based-access-control.md
description: Learn how to use Azure RBAC for managing individual access to Azure
--+ Last updated 08/30/2022
ai-services Switching Endpoints https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/switching-endpoints.md
description: Learn about the changes you need to make to your code to swap back and forth between OpenAI and Azure OpenAI endpoints. --+ Last updated 07/20/2023
ai-services Work With Code https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/how-to/work-with-code.md
description: Learn how to use the Codex models on Azure OpenAI to handle a variety of coding tasks --+ Last updated 06/24/2022
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/overview.md
description: Apply advanced language models to variety of use cases with Azure O
--+ Last updated 09/15/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/quickstart.md
description: Walkthrough on how to get started with Azure OpenAI and make your first completions call. --+
ai-services Quotas Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/quotas-limits.md
description: Quick reference, detailed description, and best practices on the qu
--+ Last updated 06/08/2023
ai-services Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/reference.md
description: Learn how to use Azure OpenAI's REST API. In this article, you'll learn about authorization options, how to structure a request and receive a response. --+ Last updated 09/15/2023
ai-services Embeddings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/tutorials/embeddings.md
description: Learn how to use Azure OpenAI's embeddings API for document search with the BillSum dataset --+ Last updated 09/12/2023
ai-services Use Your Data Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/use-your-data-quickstart.md
description: Use this article to import and use your data in Azure OpenAI. --+
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/openai/whats-new.md
description: Learn about the latest news and features updates for Azure OpenAI
--+ Last updated 09/20/2023 recommendations: false
ai-services Concept Active Inactive Events https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-active-inactive-events.md
description: This article discusses the use of active and inactive events within
ms.--+ Last updated 02/20/2020
ai-services Concept Active Learning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-active-learning.md
description: Learning settings determine the *hyperparameters* of the model trai
ms.--+ Last updated 02/20/2020
ai-services Concept Apprentice Mode https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-apprentice-mode.md
description: Learn how to use apprentice mode to gain confidence in a model with
ms.--+ Last updated 07/26/2022
ai-services Concept Auto Optimization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-auto-optimization.md
description: This article provides a conceptual overview of the auto-optimize fe
ms.--+ Last updated 03/08/2021
ai-services Concept Multi Slot Personalization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-multi-slot-personalization.md
--+ Last updated 05/24/2021
ai-services Concept Rewards https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concept-rewards.md
description: The reward score indicates how well the personalization choice, Rew
ms.--+ Last updated 02/20/2020
ai-services Concepts Exploration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-exploration.md
description: With exploration, Personalizer is able to continuously deliver good
ms.--+ Last updated 08/28/2022
ai-services Concepts Features https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-features.md
description: Personalizer uses features, information about actions and context,
ms.--+ Last updated 12/28/2022
ai-services Concepts Offline Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-offline-evaluation.md
description: This article will explain how to use offline evaluation to measure
ms.--+ Last updated 02/20/2020
ai-services Concepts Reinforcement Learning https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-reinforcement-learning.md
description: Personalizer uses information about actions and current context to
ms.--+ Last updated 05/07/2019
ai-services Concepts Scalability Performance https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/concepts-scalability-performance.md
description: "High-performance and high-traffic websites and applications have t
ms.--+ Last updated 10/24/2019
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/encrypt-data-at-rest.md
description: Learn about the keys that you use for data-at-rest encryption in Personalizer. See how to use Azure Key Vault to configure customer-managed keys. --+ Last updated 06/02/2022
ai-services How Personalizer Works https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-personalizer-works.md
description: The Personalizer _loop_ uses machine learning to build the model th
ms.--+ Last updated 02/18/2020
ai-services How To Create Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-create-resource.md
description: In this article, learn how to create a personalizer resource in the
ms.--+ Last updated 03/26/2020
ai-services How To Feature Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-feature-evaluation.md
description: When you run a Feature Evaluation in your Personalizer resource fro
ms.--+ Last updated 09/22/2022
ai-services How To Inference Explainability https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-inference-explainability.md
description: Personalizer can return feature scores in each Rank call to provide
ms.--+ Last updated 09/20/2022
ai-services How To Learning Behavior https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-learning-behavior.md
description: Apprentice mode gives you confidence in the Personalizer service an
ms.--+ Last updated 07/26/2022
ai-services How To Manage Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-manage-model.md
description: The machine-learned model and learning settings can be exported for
ms.--+ Last updated 02/20/2020
ai-services How To Multi Slot https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-multi-slot.md
--+ Last updated 05/24/2021 zone_pivot_groups: programming-languages-set-six
ai-services How To Offline Evaluation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-offline-evaluation.md
description: This article will show you how to use offline evaluation to measure
ms.--+ Last updated 02/20/2020
ai-services How To Settings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-settings.md
description: Service configuration includes how the service treats rewards, how
ms.--+ Last updated 04/29/2020
ai-services How To Thick Client https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/how-to-thick-client.md
--+ Last updated 09/06/2022
ai-services Quickstart Personalizer Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/quickstart-personalizer-sdk.md
description: This quickstart shows you how to create and manage a Personalizer l
ms.--+ Last updated 02/02/2023 ms.devlang: csharp, javascript, python
ai-services Responsible Characteristics And Limitations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-characteristics-and-limitations.md
description: Characteristics and limitations of Personalizer
--+ Last updated 05/23/2022
ai-services Responsible Data And Privacy https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-data-and-privacy.md
description: Data and privacy for Personalizer
--+ Last updated 05/23/2022
ai-services Responsible Guidance Integration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-guidance-integration.md
description: Guidance for integration and responsible use of Personalizer
--+ Last updated 05/23/2022
ai-services Responsible Use Cases https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/responsible-use-cases.md
description: Transparency Note for Personalizer
--+ Last updated 05/23/2022
ai-services Terminology https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/terminology.md
description: Personalizer uses terminology from reinforcement learning. These te
ms.--+ Last updated 09/16/2022
ai-services Tutorial Use Azure Notebook Generate Loop Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-azure-notebook-generate-loop-data.md
description: This tutorial simulates a Personalizer loop _system in an Azure Not
ms.--+ Last updated 04/27/2020
ai-services Tutorial Use Personalizer Chat Bot https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-personalizer-chat-bot.md
description: Customize a C# .NET chat bot with a Personalizer loop to provide th
ms.--+ Last updated 05/17/2021 ms.devlang: csharp
ai-services Tutorial Use Personalizer Web App https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/tutorial-use-personalizer-web-app.md
description: Customize a C# .NET web app with a Personalizer loop to provide the
ms.--+ Last updated 06/10/2020 ms.devlang: csharp
ai-services What Is Personalizer https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/what-is-personalizer.md
description: Personalizer is a cloud-based service that allows you to choose the
ms.--+ Last updated 11/17/2022
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/whats-new.md
description: This article contains news about Personalizer.
ms.--+ Last updated 05/28/2021
ai-services Where Can You Use Personalizer https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/personalizer/where-can-you-use-personalizer.md
description: Personalizer can be applied in any situation where your application
ms.--+ Last updated 02/18/2020
ai-services Migrate To Openai https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/qnamaker/How-To/migrate-to-openai.md
Title: Migrate QnA Maker to Azure OpenAI on your data description: Learn how to migrate your QnA Maker projects to Azure OpenAI.--+
ai-services Audio Processing Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/audio-processing-overview.md
description: An overview of audio processing and capabilities of the Microsoft A
--+ Last updated 09/07/2022
ai-services Audio Processing Speech Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/audio-processing-speech-sdk.md
description: An overview of the features, capabilities, and restrictions for aud
--+ Last updated 09/16/2022
ai-services Bring Your Own Storage Speech Resource Speech To Text https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/bring-your-own-storage-speech-resource-speech-to-text.md
description: Learn how to use Bring your own storage (BYOS) Speech resource with
--+ Last updated 03/28/2023
ai-services Bring Your Own Storage Speech Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/bring-your-own-storage-speech-resource.md
description: Learn how to set up Bring your own storage (BYOS) Speech resource.
--+ Last updated 03/28/2023
ai-services How To Get Speech Session Id https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/how-to-get-speech-session-id.md
description: Learn how to get Speech service Speech to text Session ID and Trans
--+ Last updated 11/29/2022
ai-services Keyword Recognition Guidelines https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/keyword-recognition-guidelines.md
description: An overview of recommendations and guidelines when using keyword re
--+ Last updated 04/30/2021
ai-services Keyword Recognition Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/keyword-recognition-overview.md
description: An overview of the features, capabilities, and restrictions for key
--+ Last updated 04/30/2021
ai-services Logging Audio Transcription https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/logging-audio-transcription.md
description: Learn how to use audio and transcription logging for speech to text
--+ Last updated 03/28/2023
ai-services Sovereign Clouds https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/sovereign-clouds.md
description: Learn how to use Sovereign Clouds
--+ Last updated 05/10/2022
ai-services Speech Service Vnet Service Endpoint https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-service-vnet-service-endpoint.md
description: This article describes how to use Speech service with an Azure Virt
--+ Last updated 03/19/2021
ai-services Speech Services Private Link https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-services-private-link.md
description: Learn how to use Speech service with private endpoints provided by
--+ Last updated 04/07/2021
ai-services Speech Services Quotas And Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/speech-service/speech-services-quotas-and-limits.md
description: Quick reference, detailed description, and best practices on the qu
--+ Last updated 02/17/2023
ai-services Document Translation Flow https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/connector/document-translation-flow.md
description: Use Microsoft Translator V3 connector and Power Automate to create a Document Translation flow. --+ Last updated 07/18/2023
ai-services Text Translator Flow https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/connector/text-translator-flow.md
description: Use Microsoft Translator V3 connector and Power Automate to configure a Text Translation flow. --+ Last updated 07/18/2023
ai-services Deploy User Managed Glossary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/deploy-user-managed-glossary.md
description: How to deploy a user-managed glossary in the Translator container e
--+ Last updated 08/15/2023
ai-services Translator Container Configuration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-container-configuration.md
description: The Translator container runtime environment is configured using th
--+ Last updated 07/18/2023
ai-services Translator Container Supported Parameters https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-container-supported-parameters.md
--+ Last updated 07/18/2023
ai-services Translator How To Install Container https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/containers/translator-how-to-install-container.md
description: Use the Docker container for Translator API to translate text.
--+ Last updated 07/18/2023
ai-services Create Translator Resource https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/create-translator-resource.md
--+ Last updated 09/06/2023
ai-services Beginners Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/beginners-guide.md
description: A user guide for understanding the end-to-end customized machine translation process. --+ Last updated 07/18/2023
ai-services Bleu Score https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/bleu-score.md
description: BLEU is a measurement of the differences between machine translation and human-created reference translations of the same source sentence. --+ Last updated 07/18/2023
ai-services Customization https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/customization.md
description: Use the Microsoft Translator Hub to build your own machine translat
--+ Last updated 07/18/2023
ai-services Data Filtering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/data-filtering.md
description: When you submit documents to be used for training a custom system, the documents undergo a series of processing and filtering steps. --+ Last updated 07/18/2023
ai-services Dictionaries https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/dictionaries.md
description: How to create an aligned document that specifies a list of phrases or sentences (and their translations) that you always want Microsoft Translator to translate the same way. Dictionaries are sometimes also called glossaries or term bases. --+ Last updated 07/18/2023
ai-services Document Formats Naming Convention https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/document-formats-naming-convention.md
description: This article is a guide to document formats and naming conventions in Custom Translator to avoid naming conflicts. --+ Last updated 07/18/2023
ai-services Model Training https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/model-training.md
description: A model is the system, which provides translation for a specific language pair. The outcome of a successful training is a model. To train a model, three mutually exclusive data sets are required training dataset, tuning dataset, and testing dataset. --+ Last updated 07/18/2023
ai-services Parallel Documents https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/parallel-documents.md
description: Parallel documents are pairs of documents where one is the translation of the other. One document in the pair contains sentences in the source language and the other document contains these sentences translated into the target language. --+ Last updated 07/18/2023
ai-services Sentence Alignment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/sentence-alignment.md
description: During the training execution, sentences present in parallel documents are paired or aligned. Custom Translator learns translations one sentence at a time, by reading a sentence and translating it. Then it aligns words and phrases in these two sentences to each other. --+ Last updated 07/18/2023
ai-services Workspace And Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/concepts/workspace-and-project.md
description: This article will explain the differences between a workspace and a
--+ Last updated 07/18/2023
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/faq.md
description: This article contains answers to frequently asked questions about the Azure AI Translator Custom Translator. --+ Last updated 07/18/2023
ai-services Copy Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/copy-model.md
description: This article explains how to copy a custom model to another workspace using the Azure AI Translator Custom Translator. --+ Last updated 07/18/2023
ai-services Create Manage Project https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-project.md
description: How to create and manage a project in the Azure AI Translator Custom Translator. --+ Last updated 07/18/2023
ai-services Create Manage Training Documents https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-training-documents.md
description: How to build and upload parallel documents (two documents where one is the origin and the other is the translation) using Custom Translator. --+ Last updated 07/18/2023
ai-services Create Manage Workspace https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/create-manage-workspace.md
description: How to create and manage workspaces --+ Last updated 07/18/2023
ai-services Enable Vnet Service Endpoint https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/enable-vnet-service-endpoint.md
description: This article describes how to use Custom Translator service with an
--+ Last updated 08/08/2023
ai-services Publish Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/publish-model.md
description: This article explains how to publish a custom model using the Azure AI Translator Custom Translator. --+ Last updated 07/18/2023
ai-services Test Your Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/test-your-model.md
description: How to test your custom model BLEU score and evaluate translations --+ Last updated 07/18/2023
ai-services Train Custom Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/train-custom-model.md
description: How to train a custom model --+ Last updated 07/18/2023
ai-services Translate With Custom Model https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/how-to/translate-with-custom-model.md
description: How to make translation requests using custom models published with the Azure AI Translator Custom Translator. --+ Last updated 07/18/2023
ai-services Key Terms https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/key-terms.md
description: List of key terms used in Custom Translator articles. --+ Last updated 07/18/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/overview.md
description: Custom Translator offers similar capabilities to what Microsoft Translator Hub does for Statistical Machine Translation (SMT), but exclusively for Neural Machine Translation (NMT) systems. --+ Last updated 07/18/2023
ai-services Platform Upgrade https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/platform-upgrade.md
description: Custom Translator v1.0 upgrade --+ Last updated 07/18/2023
ai-services Quickstart https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/quickstart.md
description: A step-by-step guide to building a translation system using the Custom Translator portal v2. --+ Last updated 07/05/2023
ai-services Release Notes https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/custom-translator/release-notes.md
description: Custom Translator releases, improvements, bug fixes, and known issues. --+ Last updated 07/18/2023
ai-services Document Sdk Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/document-sdk-overview.md
description: Document Translation software development kits (SDKs) expose Document Translation features and capabilities, using C#, Java, JavaScript, and Python programming language. --+ Last updated 07/18/2023
ai-services Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/faq.md
--+ Last updated 07/18/2023
ai-services Create Sas Tokens https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-sas-tokens.md
Title: Create shared access signature (SAS) tokens for storage containers and blobs description: How to create Shared Access Signature tokens (SAS) for containers and blobs with Microsoft Storage Explorer and the Azure portal.--+
ai-services Create Use Glossaries https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-use-glossaries.md
Title: Create and use a glossary with Document Translation description: How to create and use a glossary with Document Translation. --+
ai-services Create Use Managed Identities https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/create-use-managed-identities.md
description: Understand how to create and use managed identities in the Azure portal --+ Last updated 07/18/2023
ai-services Use Rest Api Programmatically https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/how-to-guides/use-rest-api-programmatically.md
description: "How to create a Document Translation service using C#, Go, Java, N
--+ Last updated 07/18/2023
ai-services Language Studio https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/language-studio.md
description: "Document Translation in Azure AI Language Studio."
--+ Last updated 09/19/2023
ai-services Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/overview.md
description: An overview of the cloud-based batch Document Translation service a
--+ Last updated 07/18/2023
ai-services Document Translation Rest Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/quickstarts/document-translation-rest-api.md
description: "How to create a Document Translation service using C#, Go, Java, N
--+ Last updated 07/18/2023
ai-services Document Translation Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/quickstarts/document-translation-sdk.md
description: Use the Translator C#/.NET or Python client library (SDK) for cloud
--+ Last updated 07/18/2023
ai-services Cancel Translation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/cancel-translation.md
--+ Last updated 07/18/2023
ai-services Get Document Status https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-document-status.md
--+ Last updated 07/18/2023
ai-services Get Documents Status https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-documents-status.md
--+ Last updated 07/18/2023
ai-services Get Supported Document Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-document-formats.md
--+ Last updated 07/18/2023
ai-services Get Supported Glossary Formats https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-glossary-formats.md
--+ Last updated 07/18/2023
ai-services Get Supported Storage Sources https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-supported-storage-sources.md
--+ Last updated 07/18/2023
ai-services Get Translation Status https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-translation-status.md
--+ Last updated 07/18/2023
ai-services Get Translations Status https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/get-translations-status.md
--+ Last updated 07/18/2023
ai-services Rest Api Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/rest-api-guide.md
description: View a list of with links to the Document Translation REST APIs.
--+ Last updated 09/07/2023
ai-services Start Translation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/document-translation/reference/start-translation.md
--+ Last updated 09/07/2023
ai-services Dynamic Dictionary https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/dynamic-dictionary.md
description: This article explains how to use the dynamic dictionary feature of
--+ Last updated 07/18/2023
ai-services Encrypt Data At Rest https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/encrypt-data-at-rest.md
description: Microsoft lets you manage your Azure AI services subscriptions with your own keys, called customer-managed keys (CMK). This article covers data encryption at rest for Translator, and how to enable and manage CMK. --+ Last updated 07/18/2023
ai-services Firewalls https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/firewalls.md
description: Azure AI Translator can translate behind firewalls using either dom
--+ Last updated 07/18/2023
ai-services Language Support https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/language-support.md
description: Azure AI Translator supports the following languages for text to te
--+ Last updated 07/18/2023
ai-services Migrate To V3 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/migrate-to-v3.md
description: This article provides the steps to help you migrate from V2 to V3 o
--+ Last updated 07/18/2023
ai-services Modifications Deprecations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/modifications-deprecations.md
description: Translator Service changes, modifications, and deprecations
-+ - Last updated 07/18/2023
ai-services Prevent Translation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/prevent-translation.md
description: Prevent translation of content with the Translator. The Translator
--+ Last updated 07/18/2023
ai-services Profanity Filtering https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/profanity-filtering.md
description: Use Translator profanity filtering to determine the level of profan
--+ Last updated 07/18/2023
ai-services Quickstart Text Rest Api https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/quickstart-text-rest-api.md
description: "Learn to translate text with the Translator service REST APIs. Exa
--+ Last updated 09/06/2023
ai-services Quickstart Text Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/quickstart-text-sdk.md
description: "Learn to translate text with the Translator service SDks in a prog
--+ Last updated 09/06/2023
ai-services Rest Api Guide https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/rest-api-guide.md
description: View a list of with links to the Text Translation REST APIs.
--+ Last updated 09/18/2023
ai-services V3 0 Break Sentence https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-break-sentence.md
--+ Last updated 07/18/2023
ai-services V3 0 Detect https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-detect.md
--+ Last updated 09/19/2023
ai-services V3 0 Dictionary Examples https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-dictionary-examples.md
--+ Last updated 09/19/2023
ai-services V3 0 Dictionary Lookup https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-dictionary-lookup.md
--+ Last updated 09/19/2023
ai-services V3 0 Languages https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-languages.md
--+ Last updated 09/19/2023
ai-services V3 0 Reference https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-reference.md
description: Reference documentation for the Translator V3.0. Version 3.0 of the
--+ Last updated 09/19/2023
ai-services V3 0 Translate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-translate.md
--+ Last updated 07/18/2023
ai-services V3 0 Transliterate https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/reference/v3-0-transliterate.md
--+ Last updated 09/18/2023
ai-services Service Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/service-limits.md
description: This article lists service limits for the Translator text and docum
--+ Last updated 07/18/2023
ai-services Sovereign Clouds https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/sovereign-clouds.md
description: Using Translator in sovereign clouds
--+ Last updated 07/18/2023
ai-services Text Sdk Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/text-sdk-overview.md
description: Azure Text Translation software development kits (SDKs) expose Text Translation features and capabilities, using C#, Java, JavaScript, and Python programming language. --+ Last updated 07/18/2023
ai-services Text Translation Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/text-translation-overview.md
description: Integrate the Text Translation API into your applications, websites
-+ - Last updated 07/18/2023
ai-services Translator Faq https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-faq.md
--+ Last updated 07/18/2023
ai-services Translator Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-overview.md
description: Integrate Translator into your applications, websites, tools, and o
-+ - Last updated 07/18/2023
ai-services Translator Text Apis https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/translator-text-apis.md
description: "Learn to translate text, transliterate text, detect language and m
--+ Last updated 07/18/2023
ai-services Whats New https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/whats-new.md
description: Learn of the latest changes to the Translator Service API. --+ Last updated 09/12/2023
ai-services Word Alignment https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/ai-services/translator/word-alignment.md
description: To receive alignment information, use the Translate method and incl
--+ Last updated 07/18/2023
aks Access Private Cluster https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/access-private-cluster.md
Last updated 09/15/2023
# Access a private Azure Kubernetes Service (AKS) cluster
-When you access a private AKS cluster, you must connect to the cluster from the cluster virtual network, from a peered network, or via a configured private endpoint. These approaches require configuring a VPN, Express Route, deploying a *jumpbox* within the cluster virtual network, or creating a private endpoint inside of another virtual network.
+When you access a private AKS cluster, you need to connect to the cluster from the cluster virtual network, a peered network, or a configured private endpoint. These approaches require configuring a VPN, Express Route, deploying a *jumpbox* within the cluster virtual network, or creating a private endpoint inside of another virtual network.
-With the Azure CLI, you can use `command invoke` to access private clusters without the need to configure a VPN or Express Route. `command invoke` allows you to remotely invoke commands, like `kubectl` and `helm`, on your private cluster through the Azure API without directly connecting to the cluster. The `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` actions control the permissions for using `command invoke`. With the Azure portal, you can use the `Run command` feature to run commands on your private cluster. The `Run command` feature uses the same `command invoke` functionality to run commands on your cluster.
+With the Azure CLI, you can use `command invoke` to access private clusters without the need to configure a VPN or Express Route. `command invoke` allows you to remotely invoke commands, like `kubectl` and `helm`, on your private cluster through the Azure API without directly connecting to the cluster. The `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` actions control the permissions for using `command invoke`.
-## Prerequisites
+With the Azure portal, you can use the `Run command` feature to run commands on your private cluster. The `Run command` feature uses the same `command invoke` functionality to run commands on your cluster.
-* An existing private cluster.
-* The Azure CLI version 2.24.0 or later.
+## Before you begin
+
+Before you begin, make sure you have the following resources and permissions:
+
+* An existing private cluster. If you don't have one, see [Create a private AKS cluster](./private-clusters.md).
+* The Azure CLI version 2.24.0 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI](/cli/azure/install-azure-cli).
* Access to the `Microsoft.ContainerService/managedClusters/runcommand/action` and `Microsoft.ContainerService/managedclusters/commandResults/read` roles on the cluster. ### Limitations
aks Api Server Vnet Integration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/api-server-vnet-integration.md
AKS clusters configured with API Server VNet Integration can have public network
--disable-private-cluster ```
+## Connect to cluster using kubectl
+
+* Configure `kubectl` to connect to your cluster using the [`az aks get-credentials`][az-aks-get-credentials] command.
+
+ ```azurecli-interactive
+ az aks get-credentials -g <resource-group> -n <cluster-name>
+ ```
+ ## Next steps For associated best practices, see [Best practices for network connectivity and security in AKS][operator-best-practices-network].
For associated best practices, see [Best practices for network connectivity and
[az-identity-create]: /cli/azure/identity#az-identity-create [az-role-assignment-create]: /cli/azure/role/assignment#az-role-assignment-create [ref-support-levels]: /cli/azure/reference-types-and-status
+[az-aks-get-credentials]: /cli/azure/aks#az-aks-get-credentials
aks Certificate Rotation https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/certificate-rotation.md
Last updated 01/19/2023
# Certificate rotation in Azure Kubernetes Service (AKS)
-Azure Kubernetes Service (AKS) uses certificates for authentication with many of its components. If you have a RBAC-enabled cluster built after March 2022, it's enabled with certificate auto-rotation. Periodically, you may need to rotate those certificates for security or policy reasons. For example, you may have a policy to rotate all your certificates every 90 days.
+Azure Kubernetes Service (AKS) uses certificates for authentication with many of its components. RBAC-enabled clusters created after March 2022 are enabled with certificate auto-rotation. You may need to periodically rotate those certificates for security or policy reasons. For example, you may have a policy to rotate all your certificates every 90 days.
> [!NOTE]
-> Certificate auto-rotation will *only* be enabled by default for RBAC enabled AKS clusters.
+> Certificate auto-rotation is *only* enabled by default for RBAC enabled AKS clusters.
This article shows you how certificate rotation works in your AKS cluster. ## Before you begin
-This article requires that you are running the Azure CLI version 2.0.77 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
+This article requires the Azure CLI version 2.0.77 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI][azure-cli-install].
## AKS certificates, Certificate Authorities, and Service Accounts
-AKS generates and uses the following certificates, Certificate Authorities, and Service Accounts:
+AKS generates and uses the following certificates, Certificate Authorities (CA), and Service Accounts (SA):
-* The AKS API server creates a Certificate Authority (CA) called the Cluster CA.
+* The AKS API server creates a CA called the Cluster CA.
* The API server has a Cluster CA, which signs certificates for one-way communication from the API server to kubelets.
-* Each kubelet also creates a Certificate Signing Request (CSR), which is signed by the Cluster CA, for communication from the kubelet to the API server.
+* Each kubelet creates a Certificate Signing Request (CSR), which the Cluster CA signs, for communication from the kubelet to the API server.
* The API aggregator uses the Cluster CA to issue certificates for communication with other APIs. The API aggregator can also have its own CA for issuing those certificates, but it currently uses the Cluster CA.
-* Each node uses a Service Account (SA) token, which is signed by the Cluster CA.
+* Each node uses an SA token, which the Cluster CA signs.
* The `kubectl` client has a certificate for communicating with the AKS cluster.
-Certificates mentioned above are maintained by Microsoft, except the cluster certificate, which you have to maintain.
+Microsoft maintains all certificates mentioned in this section, except for the cluster certificate.
> [!NOTE]
-> AKS clusters created prior to May 2019 have certificates that expire after two years. Any cluster created after May 2019 or any cluster that has its certificates rotated have Cluster CA certificates that expire after 30 years. All other AKS certificates, which use the Cluster CA for signing, will expire after two years and are automatically rotated during an AKS version upgrade which happened after 8/1/2021. To verify when your cluster was created, use `kubectl get nodes` to see the *Age* of your node pools.
>
-> Additionally, you can check the expiration date of your cluster's certificate. For example, the following bash command displays the client certificate details for the *myAKSCluster* cluster in resource group *rg*:
-> ```console
-> kubectl config view --raw -o jsonpath="{.users[?(@.name == 'clusterUser_rg_myAKSCluster')].user.client-certificate-data}" | base64 -d | openssl x509 -text | grep -A2 Validity
-> ```
+> * **AKS clusters created *before* May 2019** have certificates that expire after two years.
+> * **AKS clusters created *after* May 2019** have Cluster CA certificates that expire after 30 years.
+>
+> You can verify when your cluster was created using the `kubectl get nodes` command, which shows you the *Age* of your node pools.
-To check expiration date of apiserver certificate, run the following command:
+## Check certificate expiration dates
-```console
-curl https://{apiserver-fqdn} -k -v 2>&1 |grep expire
-```
+### Check cluster certificate expiration date
-To check the expiration date of certificate on VMAS agent node, run the following command:
+* Check the expiration date of the cluster certificate using the `kubectl config view` command.
-```azurecli
-az vm run-command invoke -g MC_rg_myAKSCluster_region -n vm-name --command-id RunShellScript --query 'value[0].message' -otsv --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate"
-```
+ ```console
+ kubectl config view --raw -o jsonpath="{.users[?(@.name == 'clusterUser_rg_myAKSCluster')].user.client-certificate-data}" | base64 -d | openssl x509 -text | grep -A2 Validity
+ ```
-To check expiration date of certificate on one virtual machine scale set agent node, run the following command:
+### Check API server certificate expiration date
-```azurecli
-az vmss run-command invoke --resource-group "MC_rg_myAKSCluster_region" --name "vmss-name " --command-id RunShellScript --instance-id 1 --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" --query "value[0].message"
-```
+* Check the expiration date of the API server certificate using the following `curl` command.
-## Certificate Auto Rotation
+ ```console
+ curl https://{apiserver-fqdn} -k -v 2>&1 |grep expire
+ ```
-For AKS to automatically rotate non-CA certificates, the cluster must have [TLS Bootstrapping](https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/) which has been enabled by default in all Azure regions.
+### Check VMAS agent node certificate expiration date
-> [!NOTE]
-> If you have an existing cluster you have to upgrade that cluster to enable Certificate Auto-Rotation.
-> Do not disable bootstrap to keep your auto-rotation enabled.
+* Check the expiration date of the VMAS agent node certificate using the `az vm run-command invoke` command.
-> [!NOTE]
-> If the cluster is in a stopped state during the auto certificate rotation only the control plane certificates are rotated. In this case the nodepool should be recreated, after certificate rotation, in order to initiate the nodepool certificate rotation.
+ ```azurecli-interactive
+ az vm run-command invoke -g MC_rg_myAKSCluster_region -n vm-name --command-id RunShellScript --query 'value[0].message' -otsv --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate"
+ ```
-For any AKS clusters created or upgraded after March 2022 Azure Kubernetes Service will automatically rotate non-CA certificates on both the control plane and agent nodes within 80% of the client certificate valid time, before they expire with no downtime for the cluster.
+### Check Virtual Machine Scale Set agent node certificate expiration date
-### How to check whether current agent node pool is TLS Bootstrapping enabled?
+* Check the expiration date of the Virtual Machine Scale Set agent node certificate using the `az vm run-command invoke` command.
-To verify if TLS Bootstrapping is enabled on your cluster browse to the following paths:
+ ```azurecli-interactive
+ az vmss run-command invoke --resource-group "MC_rg_myAKSCluster_region" --name "vmss-name" --command-id RunShellScript --instance-id 1 --scripts "openssl x509 -in /etc/kubernetes/certs/apiserver.crt -noout -enddate" --query "value[0].message"
+ ```
-* On a Linux node: */var/lib/kubelet/bootstrap-kubeconfig* or */host/var/lib/kubelet/bootstrap-kubeconfig*
-* On a Windows node: *C:\k\bootstrap-config*
+## Certificate Auto Rotation
-To access agent nodes, see [Connect to Azure Kubernetes Service cluster nodes for maintenance or troubleshooting][aks-node-access] for more information.
+For AKS to automatically rotate non-CA certificates, the cluster must have [TLS Bootstrapping](https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/), which is enabled by default in all Azure regions.
> [!NOTE]
-> The file path may change as Kubernetes version evolves in the future.
+>
+> * If you have an existing cluster, you have to upgrade that cluster to enable Certificate Auto Rotation.
+> * Don't disable Bootstrap to keep auto rotation enabled.
+> * If the cluster is in a stopped state during the auto certificate rotation, only the control plane certificates are rotated. In this case, you should recreate the node pool after certificate rotation to initiate the node pool certificate rotation.
-Once a region is configured, create a new cluster or upgrade an existing cluster with `az aks upgrade` to set that cluster for auto-certificate rotation. A control plane and node pool upgrade is needed to enable this feature.
+For any AKS clusters created or upgraded after March 2022, Azure Kubernetes Service automatically rotates non-CA certificates on both the control plane and agent nodes within 80% of the client certificate valid time before they expire with no downtime for the cluster.
-```azurecli
-az aks upgrade -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
-```
+### How to check whether current agent node pool is TLS Bootstrapping enabled?
-### Limitation
+1. Verify if your cluster has TLS Bootstrapping enabled by browsing to one to the following paths:
-Certificate auto-rotation will only be enabled by default for RBAC enabled AKS clusters.
+ * On a Linux node: */var/lib/kubelet/bootstrap-kubeconfig* or */host/var/lib/kubelet/bootstrap-kubeconfig*
+ * On a Windows node: *C:\k\bootstrap-config*
+
+ For more information, see [Connect to Azure Kubernetes Service cluster nodes for maintenance or troubleshooting][aks-node-access].
+
+ > [!NOTE]
+ > The file path may change as Kubernetes versions evolve.
+
+2. Once a region is configured, create a new cluster or upgrade an existing cluster to set auto rotation for the cluster certificate. You need to upgrade the control plane and node pool to enable this feature.
## Manually rotate your cluster certificates > [!WARNING]
-> Rotating your certificates using `az aks rotate-certs` will recreate all of your nodes, VM scale set and their Disks and can cause up to 30 minutes of downtime for your AKS cluster.
+> Rotating your certificates using `az aks rotate-certs` recreates all of your nodes, Virtual Machine Scale Sets and Disks and can cause up to *30 minutes of downtime* for your AKS cluster.
-Use [az aks get-credentials][az-aks-get-credentials] to sign in to your AKS cluster. This command also downloads and configures the `kubectl` client certificate on your local machine.
+1. Connect to your cluster using the [`az aks get-credentials`][az-aks-get-credentials] command.
-```azurecli
-az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
-```
+ ```azurecli-interactive
+ az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
+ ```
-Use `az aks rotate-certs` to rotate all certificates, CAs, and SAs on your cluster.
+2. Rotate all certificates, CAs, and SAs on your cluster using the [`az aks rotate-certs`][az-aks-rotate-certs] command.
-```azurecli
-az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
-```
+ ```azurecli-interactive
+ az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
+ ```
-> [!IMPORTANT]
-> It may take up to 30 minutes for `az aks rotate-certs` to complete. If the command fails before completing, use `az aks show` to verify the status of the cluster is *Certificate Rotating*. If the cluster is in a failed state, rerun `az aks rotate-certs` to rotate your certificates again.
+ > [!IMPORTANT]
+ > It may take up to 30 minutes for `az aks rotate-certs` to complete. If the command fails before completing, use `az aks show` to verify the status of the cluster is *Certificate Rotating*. If the cluster is in a failed state, rerun `az aks rotate-certs` to rotate your certificates again.
-Verify that the old certificates aren't valid by running any `kubectl` command. If you haven't updated the certificates used by `kubectl`, you'll see an error similar to the following example:
+3. Verify the old certificates are no longer valid using any `kubectl` command, such as `kubectl get nodes`.
-```console
-kubectl get nodes
-Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "ca")
-```
+ ```azurecli-interactive
+ kubectl get nodes
+ ```
-To update the certificate used by `kubectl`, run the [az aks get-credentials][az-aks-get-credentials] command:
+ If you haven't updated the certificates used by `kubectl`, you see an error similar to the following example output:
-```azurecli
-az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME --overwrite-existing
-```
+ ```output
+ Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "ca")
+ ```
-To verify the certificates have been updated, run the following [kubectl get][kubectl-get] command:
+4. Update the certificate used by `kubectl` using the [`az aks get-credentials`][az-aks-get-credentials] command with the `--overwrite-existing` flag.
-```console
-kubectl get nodes
-```
+ ```azurecli-interactive
+ az aks get-credentials -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME --overwrite-existing
+ ```
-> [!NOTE]
-> If you have any services that run on top of AKS, you might need to update their certificates.
+5. Verify the certificates have been updated using the [`kubectl get`][kubectl-get] command.
+
+ ```azurecli-interactive
+ kubectl get nodes
+ ```
+
+ > [!NOTE]
+ > If you have any services that run on top of AKS, you might need to update their certificates.
## Next steps
-This article showed you how to automatically rotate your cluster's certificates, CAs, and SAs. You can see [Best practices for cluster security and upgrades in Azure Kubernetes Service (AKS)][aks-best-practices-security-upgrades] for more information on AKS security best practices.
+This article showed you how to automatically rotate your cluster certificates, CAs, and SAs. For more information, see [Best practices for cluster security and upgrades in Azure Kubernetes Service (AKS)][aks-best-practices-security-upgrades].
+<!-- LINKS - internal -->
[azure-cli-install]: /cli/azure/install-azure-cli [az-aks-get-credentials]: /cli/azure/aks#az_aks_get_credentials
-[az-get]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get
-[az-extension-add]: /cli/azure/extension#az_extension_add
-[az-extension-update]: /cli/azure/extension#az_extension_update
[aks-best-practices-security-upgrades]: operator-best-practices-cluster-security.md [aks-node-access]: ./node-access.md
+[az-aks-rotate-certs]: /cli/azure/aks#az_aks_rotate_certs
+
+<!-- LINKS - external -->
+[kubectl-get]: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get
aks Configure Kube Proxy https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/configure-kube-proxy.md
Title: Configure kube-proxy (iptables/IPVS) (preview)
+ Title: Configure kube-proxy (iptables/IPVS) (Preview)
description: Learn how to configure kube-proxy to utilize different load balancing configurations with Azure Kubernetes Service (AKS). Previously updated : 10/25/2022 Last updated : 09/25/2023 #Customer intent: As a cluster operator, I want to utilize a different kube-proxy configuration.
-# Configure `kube-proxy` in Azure Kubernetes Service (AKS) (preview)
+# Configure `kube-proxy` in Azure Kubernetes Service (AKS) (Preview)
-`kube-proxy` is a component of Kubernetes that handles routing traffic for services within the cluster. There are two backends available for Layer 3/4 load balancing in upstream `kube-proxy` - iptables and IPVS.
+`kube-proxy` is a component of Kubernetes that handles routing traffic for services within the cluster. There are two backends available for Layer 3/4 load balancing in upstream `kube-proxy`: iptables and IPVS.
-- iptables is the default backend utilized in the majority of Kubernetes clusters. It is simple and well supported, but is not as efficient or intelligent as IPVS.-- IPVS utilizes the Linux Virtual Server, a layer 3/4 load balancer built into the Linux kernel. IPVS provides a number of advantages over the default iptables configuration, including state awareness, connection tracking, and more intelligent load balancing.
+- **iptables** is the default backend utilized in the majority of Kubernetes clusters. It's simple and well-supported, but not as efficient or intelligent as IPVS.
+- **IPVS** uses the Linux Virtual Server, a layer 3/4 load balancer built into the Linux kernel. IPVS provides a number of advantages over the default iptables configuration, including state awareness, connection tracking, and more intelligent load balancing. IPVS *doesn't support Azure Network Policy*.
-The AKS managed `kube-proxy` DaemonSet can also be disabled entirely if that is desired to support [bring-your-own CNI][aks-byo-cni].
+For more information, see the [Kubernetes documentation on kube-proxy](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/).
-## Prerequisites
-
-* Azure CLI with aks-preview extension 0.5.105 or later.
-* If using ARM or the REST API, the AKS API version must be 2022-08-02-preview or later.
-
-## Install the aks-preview Azure CLI extension
+> [!NOTE]
+> If you want, you can disable the AKS-managed `kube-proxy` DaemonSet to support [bring-your-own CNI][aks-byo-cni].
[!INCLUDE [preview features callout](includes/preview/preview-callout.md)]
-To install the aks-preview extension, run the following command:
-
-```azurecli-interactive
-az extension add --name aks-preview
-```
+## Before you begin
-Run the following command to update to the latest version of the extension released:
+- If using the Azure CLI, you need the `aks-preview` extension. See [Install the `aks-preview` Azure CLI extension](#install-the-aks-preview-azure-cli-extension).
+- If using ARM or the REST API, the AKS API version must be *2022-08-02-preview or later*.
+- You need to register the `KubeProxyConfigurationPreview` feature flag. See [Register the `KubeProxyConfigurationPreview` feature flag](#register-the-kubeproxyconfigurationpreview-feature-flag).
-```azurecli-interactive
-az extension update --name aks-preview
-```
+### Install the `aks-preview` Azure CLI extension
-## Register the 'KubeProxyConfigurationPreview' feature flag
+1. Install the `aks-preview` extension using the [`az extension add`][az-extension-add] command.
-Register the `KubeProxyConfigurationPreview` feature flag by using the [az feature register][az-feature-register] command, as shown in the following example:
+ ```azurecli-interactive
+ az extension add --name aks-preview
+ ```
-```azurecli-interactive
-az feature register --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview"
-```
+2. Update to the latest version of the extension using the [`az extension update`][az-extension-update] command.
-It takes a few minutes for the status to show *Registered*. Verify the registration status by using the [az feature show][az-feature-show] command:
+ ```azurecli-interactive
+ az extension update --name aks-preview
+ ```
-```azurecli-interactive
-az feature show --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview"
-```
+### Register the `KubeProxyConfigurationPreview` feature flag
-When the status reflects *Registered*, refresh the registration of the *Microsoft.ContainerService* resource provider by using the [az provider register][az-provider-register] command:
+1. Register the `KubeProxyConfigurationPreview` feature flag using the [`az feature register`][az-feature-register] command.
-```azurecli-interactive
-az provider register --namespace Microsoft.ContainerService
-```
+ ```azurecli-interactive
+ az feature register --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview"
+ ```
-## Configurable options
+ It takes a few minutes for the status to show *Registered*.
-The full `kube-proxy` configuration structure can be found in the [AKS Cluster Schema][aks-schema-kubeproxyconfig].
+2. Verify the registration status using the [`az feature show`][az-feature-show] command.
-- `enabled` - whether or not to deploy the `kube-proxy` DaemonSet. Defaults to true.-- `mode` - can be set to `IPTABLES` or `IPVS`. Defaults to `IPTABLES`.-- `ipvsConfig` - if `mode` is `IPVS`, this object contains IPVS-specific configuration properties.
- - `scheduler` - which connection scheduler to utilize. Supported values:
- - `LeastConnection` - sends connections to the backend pod with the fewest connections
- - `RoundRobin` - distributes connections evenly between backend pods
- - `tcpFinTimeoutSeconds` - the value used for timeout after a FIN has been received in a TCP session
- - `tcpTimeoutSeconds` - the value used for timeout length for idle TCP sessions
- - `udpTimeoutSeconds` - the value used for timeout length for idle UDP sessions
+ ```azurecli-interactive
+ az feature show --namespace "Microsoft.ContainerService" --name "KubeProxyConfigurationPreview"
+ ```
-> [!NOTE]
-> IPVS load balancing operates in each node independently and is still only aware of connections flowing through the local node. This means that while `LeastConnection` results in more even load under higher number of connections, when low numbers of connections (# connects < 2 * node count) occur traffic may still be relatively unbalanced.
-
-## Utilize `kube-proxy` configuration in a new or existing AKS cluster using Azure CLI
+3. When the status reflects *Registered*, refresh the registration of the *Microsoft.ContainerService* resource provider using the [`az provider register`][az-provider-register] command.
-`kube-proxy` configuration is a cluster-wide setting. No action is needed to update your services.
-
->[!WARNING]
-> Changing the kube-proxy configuration may cause a slight interruption in cluster service traffic flow.
+ ```azurecli-interactive
+ az provider register --namespace Microsoft.ContainerService
+ ```
-To begin, create a JSON configuration file with the desired settings:
+## `kube-proxy` configuration options
-### Create a configuration file
+You can view the full `kube-proxy` configuration structure in the [AKS Cluster Schema][aks-schema-kubeproxyconfig].
-```json
-{
- "enabled": true,
- "mode": "IPVS",
- "ipvsConfig": {
- "scheduler": "LeastConnection",
- "TCPTimeoutSeconds": 900,
- "TCPFINTimeoutSeconds": 120,
- "UDPTimeoutSeconds": 300
- }
-}
-```
+- **`enabled`**: Determines deployment of the `kube-proxy` DaemonSet. Defaults to `true`.
+- **`mode`**: You can set to either `IPTABLES` or `IPVS`. Defaults to `IPTABLES`.
+- **`ipvsConfig`**: If `mode` is `IPVS`, this object contains IPVS-specific configuration properties.
+ - **`scheduler`**: Determines which connection scheduler to use. Supported values include:
+ - **`LeastConnection`**: Sends connections to the backend pod with the fewest connections.
+ - **`RoundRobin`**: Evenly distributes connections between backend pods.
+ - **`tcpFinTimeoutSeconds`**: Sets the timeout length value after a TCP session receives a FIN.
+ - **`tcpTimeoutSeconds`**: Sets the timeout length value for idle TCP sessions.
+ - **`udpTimeoutSeconds`**: Sets the timeout length value for idle UDP sessions.
-### Deploy a new cluster
-
-Deploy your cluster using `az aks create` and pass in the configuration file:
-
-```bash
-az aks create -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json
-```
-
-### Update an existing cluster
-
-Configure your cluster using `az aks update` and pass in the configuration file:
+> [!NOTE]
+> IPVS load balancing operates in each node independently and is only aware of connections flowing through the local node. This means that while `LeastConnection` results in a more even load under a higher number of connections, when a low amount of connections (# connects < 2 * node count) occur, traffic may be relatively unbalanced
-```bash
-az aks update -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json
-```
+## Use `kube-proxy` in a new or existing AKS cluster
-### Limitations
+`kube-proxy` configuration is a cluster-wide setting. You don't need to update your services.
-When using kube-proxy IPVS, the following restrictions apply:
+> [!WARNING]
+> Changing the kube-proxy configuration may cause a slight interruption in cluster service traffic flow.
-- Azure Network Policy is not supported.
+1. Create a configuration file with the desired `kube-proxy` configuration. For example, the following configuration enables IPVS with the `LeastConnection` scheduler and sets the TCP timeout to 900 seconds.
+
+ ```json
+ {
+ "enabled": true,
+ "mode": "IPVS",
+ "ipvsConfig": {
+ "scheduler": "LeastConnection",
+ "TCPTimeoutSeconds": 900,
+ "TCPFINTimeoutSeconds": 120,
+ "UDPTimeoutSeconds": 300
+ }
+ }
+ ```
+
+2. Create a new cluster or update an existing cluster with the configuration file using the [`az aks create`][az-aks-create] or [`az aks update`][az-aks-update] command with the `--kube-proxy-config` parameter set to the configuration file.
+
+ ```azurecli-interactive
+ # Create a new cluster
+ az aks create -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json
+
+ # Update an existing cluster
+ az aks update -g <resourceGroup> -n <clusterName> --kube-proxy-config kube-proxy.json
+ ```
## Next steps
-Learn more about utilizing the Standard Load Balancer for inbound traffic at the [AKS Standard Load Balancer documentation](load-balancer-standard.md).
-
-Learn more about using Internal Load Balancer for Inbound traffic at the [AKS Internal Load Balancer documentation](internal-lb.md).
+This article covered how to configure `kube-proxy` in Azure Kubernetes Service (AKS). To learn more about load balancing in AKS, see the following articles:
-Learn more about Kubernetes services at the [Kubernetes services documentation][kubernetes-services].
+- [Use a standard public load balancer in AKS](load-balancer-standard.md)
+- [Use an internal load balancer in AKS](internal-lb.md)
<!-- LINKS - External -->
-[kubernetes-services]: https://kubernetes.io/docs/concepts/services-networking/service/
[aks-schema-kubeproxyconfig]: /azure/templates/microsoft.containerservice/managedclusters?pivots=deployment-language-bicep#containerservicenetworkprofilekubeproxyconfig <!-- LINKS - Internal -->
Learn more about Kubernetes services at the [Kubernetes services documentation][
[az-provider-register]: /cli/azure/provider#az-provider-register [az-feature-register]: /cli/azure/feature#az-feature-register [az-feature-show]: /cli/azure/feature#az-feature-show
+[az-extension-add]: /cli/azure/extension#az-extension-add
+[az-extension-update]: /cli/azure/extension#az-extension-update
+[az-aks-create]: /cli/azure/aks#az-aks-create
+[az-aks-update]: /cli/azure/aks#az-aks-update
aks Csi Secrets Store Identity Access https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/csi-secrets-store-identity-access.md
Before you begin, you must have the following prerequisites:
## Access with a user-assigned managed identity
-1. Access your key vault using the [`az aks show`][az-aks-show] command and the user-assigned managed identity you created when you [enabled a managed identity on your AKS cluster][use-managed-identity].
+1. Access your key vault using the [`az aks show`][az-aks-show] command and the user-assigned managed identity created by the add-on when you [enabled the Azure Key Vault Provider for Secrets Store CSI Driver on your AKS Cluster](./csi-secrets-store-driver.md#create-an-aks-cluster-with-azure-key-vault-provider-for-secrets-store-csi-driver-support).
```azurecli-interactive az aks show -g <resource-group> -n <cluster-name> --query addonProfiles.azureKeyvaultSecretsProvider.identity.clientId -o tsv
aks Quick Kubernetes Deploy Terraform https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/learn/quick-kubernetes-deploy-terraform.md
In this article, you learn how to:
- **Kubernetes command-line tool (kubectl):** [Download kubectl](https://kubernetes.io/releases/download/).
+## Login to your Azure Account
++ ## Implement the Terraform code > [!NOTE]
aks Limit Egress Traffic https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/limit-egress-traffic.md
You need to configure Azure Firewall inbound and outbound rules. The main purpos
Azure automatically routes traffic between Azure subnets, virtual networks, and on-premises networks. If you want to change any of Azure's default routing, you can create a route table.
+> [!IMPORTANT]
+> Outbound type of UDR requires a route for 0.0.0.0/0 and a next hop destination of NVA in the route table.
+> The route table already has a default 0.0.0.0/0 to the Internet. Without a public IP address for Azure to use for Source Network Address Translation (SNAT), simply adding this route won't provide you outbound Internet connectivity. AKS validates that you don't create a 0.0.0.0/0 route pointing to the Internet but instead to a gateway, NVA, etc.
+> When using an outbound type of UDR, a load balancer public IP address for **inbound requests** isn't created unless you configure a service of type *loadbalancer*. AKS never creates a public IP address for **outbound requests** if you set an outbound type of UDR.
+> For more information, see [Outbound rules for Azure Load Balancer](../load-balancer/outbound-rules.md#scenario6out).
+ 1. Create an empty route table to be associated with a given subnet using the [`az network route-table create`][az-network-route-table-create] command. The route table will define the next hop as the Azure Firewall created above. Each subnet can have zero or one route table associated to it. ```azurecli
api-management Self Hosted Gateway Enable Azure Ad https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/api-management/self-hosted-gateway-enable-azure-ad.md
Assign the API Management Configuration API Access Validator Service Role to the
Create a new Azure AD app. For steps, see [Create an Azure Active Directory application and service principal that can access resources](../active-directory/develop/howto-create-service-principal-portal.md). This app will be used by the self-hosted gateway to authenticate to the API Management instance.
-* Generate a [client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-application-secret)
+* Generate a [client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-client-secret)
* Take note of the following application values for use in the next section when deploying the self-hosted gateway: application (client) ID, directory (tenant) ID, and client secret #### Step 2: Assign API Management Gateway Configuration Reader Service Role
attestation Quickstart Terraform https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/attestation/quickstart-terraform.md
Previously updated : 07/26/2023 Last updated : 09/25/2023 content_well_notification: - AI-contribution # Quickstart: Create an Azure Attestation provider by using Terraform
-[Microsoft Azure Attestation](overview.md) is a solution for attesting Trusted Execution Environments (TEEs). This quickstart focuses on the process of deploying a Bicep file to create a Microsoft Azure Attestation policy.
+[Microsoft Azure Attestation](overview.md) is a solution for attesting Trusted Execution Environments (TEEs). This quickstart focuses on the process of creating a Microsoft Azure Attestation policy using Terraform.
In this article, you learn how to:
automation Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/automation/update-management/overview.md
# Update Management overview > [!Important]
-> - Automation Update management relies on [Log Analytics agent](../../azure-monitor/agents/log-analytics-agent.md) (aka MMA agent), which is on a deprecation path and wonΓÇÖt be supported after **August 31, 2024**.
-> - [Azure Update Manager](../../update-center/overview.md) (AUM) is the v2 version of Automation Update management and the future of Update management in Azure. AUM is a native service in Azure and does not rely on [Log Analytics agent](../../azure-monitor/agents/log-analytics-agent.md) or [Azure Monitor agent](../../azure-monitor/agents/agents-overview.md).
-> - Follow [guidance](../../update-center/guidance-migration-automation-update-management-azure-update-manager.md) to migrate machines and schedules from Automation Update Management to Azure Update Manager.
-> - If you are using Automation Update Management, we recommend that you continue to use the Log Analytics agent and *not* migrate to the Azure Monitor agent until machines and schedules are migrated to Azure Update Manager.
-> - The Log Analytics agent wouldn't be deprecated before moving all Automation Update Management customers to Update Manager.
+> Azure Log Analytics agent, also known as the Microsoft Monitoring Agent (MMA) will be [retired in August 2024](https://azure.microsoft.com/updates/were-retiring-the-log-analytics-agent-in-azure-monitor-on-31-august-2024/). Azure Automation Update Management solution relies on this agent and may encounter issues once the agent is retired as it does not work with Azure Monitoring Agent (AMA). Therefore, if you are using the Azure Automation Update Management solution, we recommend that you move to Azure Update Manager for your software update needs. All the capabilities of Azure Automation Update management solution will be available on Azure Update Manager before the retirement date. Follow the [guidance](../../update-center/guidance-migration-automation-update-management-azure-update-manager.md) to move your machines and schedules from Automation Update Management to Azure Update Manager.
You can use Update Management in Azure Automation to manage operating system updates for your Windows and Linux virtual machines in Azure, physical or VMs in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates and manage the process of installing required updates for your machines reporting to Update Management.
azure-functions Functions Host Json V1 https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-functions/functions-host-json-v1.md
Configuration setting for the [SendGrind output binding](functions-bindings-send
Configuration setting for [Service Bus triggers and bindings](functions-bindings-service-bus.md). ```json
-{
+{ "extensions":
"serviceBus": { "maxConcurrentCalls": 16, "prefetchCount": 100,
azure-functions Update Java Versions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-functions/update-java-versions.md
+
+ Title: Update Java versions in Azure Functions
+description: Learn how to update an existing function app in Azure Functions to run on a new version of Java.
+ Last updated : 09/14/2023
+zone_pivot_groups: app-service-platform-windows-linux
++
+# Update Java versions in Azure Functions
+
+The Azure Functions supports specific versions of Java. This support changes based on the support or Java versions. As these supported versions change, you need to update your Java function apps. You may also want to update your apps to take advantage of features in newer supported version of Java. For more information, see [Supported versions](functions-reference-java.md#supported-versions) in the Java developer guide.
+
+The way that you update your function app depends on whether you run on Windows or Linux. This version is for Windows. Choose your OS at the [top](#top) of the article.
+The way that you update your function app depends on whether you run on Windows or Linux. This version is for Linux. Choose your OS at the [top](#top) of the article.
+
+## Prepare to update
+
+Before you update the Java version in Azure, you should complete these tasks:
+
+### 1. Verify your functions locally
+
+Before upgrading the Java version used by your function app in Azure, make sure that you have fully tested and verified your function code locally on the new target version of Java. Examples in this article assume you're updating to Java 17.
+
+### 2. Move to the latest Functions runtime
+
+Before updating your Java version, make sure your function app is running on the latest version of the Functions runtime (version 4.x).
+
+### [Azure portal](#tab/azure-portal)
+
+Use these steps to determine your Functions runtime version:
+
+1. In the [Azure portal](https://portal.azure.com), locate your function app and select **Configuration** on the left-hand side under **Settings**.
+
+1. Select the **Function runtime settings** tab and check the **Runtime version** value to see if your function app is running on version 4.x of the Functions runtime (`~4`).
+
+ :::image type="content" source="media/update-java-versions/update-functions-version-portal.png" alt-text="Screenshot of how to view the Functions runtime version for your app in the Azure portal.":::
+
+### [Azure CLI](#tab/azure-cli)
+
+Use this [`az functionapp config appsettings list`](/cli/azure/functionapp/config/appsettings#az-functionapp-config-appsettings-list) command to check your runtime version:
+
+```azurecli
+az functionapp config appsettings list --name "<FUNCTION_APP_NAME>" --resource-group "<RESOURCE_GROUP_NAME>"
+```
+The `FUNCTIONS_EXTENSION_VERSION` setting sets the runtime version. A value of `~4` means that your function app is already running on the latest minor version of the latest major version (4.x).
+++
+If you need to first update your function app to version 4.x, seeΓÇ»[Migrate apps from Azure Functions version 3.x to version 4.x](./migrate-version-3-version-4.md). You should follow the instructions in this article rather than just manually changing the `FUNCTIONS_EXTENSION_VERSION` setting.
+
+## Update the Java version
+You can use the Azure portal, Azure CLI, or Azure PowerShell to update the Java version for your function app.
+These procedures apply to all [Functions hosting options](./functions-scale.md).
+>[!NOTE]
+> You can't change the Java version in the Azure portal when your function app is running on Linux in a [Consumption plan](./consumption-plan.md). Instead use the Azure CLI.
+### [Azure portal](#tab/azure-portal)
+You can only use these steps for function apps hosted in a [Premium plan](./functions-premium-plan.md) or a [Dedicated (App Service) plan](./dedicated-plan.md). For a [Consumption plan](./consumption-plan.md), you must instead use the Azure CLI.
+Use the following steps to update the Java version:
+
+1. In the [Azure portal](https://portal.azure.com), locate your function app and select **Configuration** on the left-hand side.
+
+1. In the **General settings** tab, update the **Java version** to `Java 17`.
+
+ :::image type="content" source="media/update-java-versions/update-java-version-portal.png" alt-text="Screenshot of how to set the desired Java version for a function app in the Azure portal.":::
+
+1. When notified about a restart, select **Continue**, and then **Save**.
+
+### [Azure CLI](#tab/azure-cli)
+
+You can use the Azure CLI to update the Java version for any hosting plan.
+
+Run the [`az functionapp config set`](/cli/azure/functionapp/config#az-functionapp-config-set) command to update the Java version site setting to `17`:
+
+```azurecli
+az functionapp config set --java-version "17" --name "<APP_NAME>" --resource-group "<RESOURCE_GROUP>"
+```
+Run the [`az functionapp config set`](/cli/azure/functionapp/config#az-functionapp-config-set) command to update the Linux site setting with the new Java version for your function app.
+
+```azurecli
+az functionapp config set --linux-fx-version "java|17" --name "<APP_NAME>" --resource-group "<RESOURCE_GROUP>"
+```
+
+In this example, replace `<APP_NAME>` and `<RESOURCE_GROUP>` with the name of your function app and resource group, respectively.
+++
+Your function app restarts after you update the Java version. To learn more about Functions support for Java, seeΓÇ»[Language runtime support policy](language-support-policy.md).
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [Java developer guide](./functions-reference-java.md)
+
azure-maps About Azure Maps https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/about-azure-maps.md
Azure Maps consists of the following services that can provide geographic contex
### Data registry service
-Data is imperative for maps. Use the Data registry service to access geospatial data, used with spatial operations or image composition, previously uploaded to your [Azure Storage]. By bringing customer data closer to the Azure Maps service, you reduce latency and increase productivity. For more information on this service, see [Data registry service].
+Data is imperative for maps. Use the Data registry service to access geospatial data, used with spatial operations or image composition, previously uploaded to your [Azure Storage]. By bringing customer data closer to the Azure Maps service, you reduce latency and increase productivity. For more information, see [Data registry] in the Azure Maps REST API documentation.
> [!NOTE] > > **Azure Maps Data service retirement** >
-> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry].
+> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data registry] service by 9/16/24. For more information, see [How to create data registry].
### Geolocation service Use the Geolocation service to retrieve the two-letter country/region code for an IP address. This service can help you enhance user experience by providing customized application content based on geographic location.
-For more information, see the [Geolocation service] documentation.
+For more information, see [Geolocation] in the Azure Maps REST API documentation.
### Render service
-[Render service] introduces a new version of the [Get Map Tile] API that supports using Azure Maps tiles not only in the Azure Maps SDKs but other map controls as well. It includes raster and vector tile formats, 256x256 or 512x512 tile sizes (where applicable) and numerous map types such as road, weather, contour, or map tiles. For a complete list, see [TilesetID] in the REST API documentation. You're required to display the appropriate copyright attribution on the map anytime you use the Azure Maps Render service, either as basemaps or layers, in any third-party map control. For more information, see [How to use the Get Map Attribution API].
+[Render] service introduces a new version of the [Get Map Tile] API that supports using Azure Maps tiles not only in the Azure Maps SDKs but other map controls as well. It includes raster and vector tile formats, 256x256 or 512x512 tile sizes (where applicable) and numerous map types such as road, weather, contour, or map tiles. For a complete list, see [TilesetID] in the REST API documentation. You're required to display the appropriate copyright attribution on the map anytime you use the Azure Maps Render service, either as basemaps or layers, in any third-party map control. For more information, see [How to use the Get Map Attribution API].
:::image type="content" source="./media/about-azure-maps/intro_map.png" border="false" alt-text="Example of a map from the Render service":::
The Route service offers advanced set features, such as:
* Matrices of travel time and distance between a set of origins and destinations. * Finding routes or distances that users can travel based on time or fuel requirements.
-For more information on routing capabilities, see the [Route service] documentation.
+For more information, see [Route] in the Azure Maps REST API documentation.
### Search service
The Search service also provides advanced features such as:
* Batch a group of search requests. * Search electric vehicle charging stations and Point of Interest (POI) data by brand name.
-For more information on search capabilities, see the [Search service] documentation.
+For more information, see [Search] in the Azure Maps REST API documentation.
### Spatial service The Spatial service quickly analyzes location information to help inform customers of ongoing events happening in time and space. It enables near real-time analysis and predictive modeling of events.
-The service enables customers to enhance their location intelligence with a library of common geospatial mathematical calculations. Common calculations include closest point, great circle distance, and buffers. For more information about the Spatial service and its various features, see the [Spatial service] documentation.
+The service enables customers to enhance their location intelligence with a library of common geospatial mathematical calculations. Common calculations include closest point, great circle distance, and buffers. For more information about the Spatial service and its various features, see [Spatial] in the Azure Maps REST API documentation.
### Timezone service
A typical JSON response for a query to the Time zone service looks like the foll
} ```
-For more information, see the [Time zone service] documentation.
+For more information, see [Timezone] in the Azure Maps REST API documentation.
### Traffic service
The Traffic service is a suite of web services that developers can use for web o
![Example of a map with traffic information](media/about-azure-maps/intro_traffic.png)
-For more information, see the [Traffic service] documentation.
+For more information, see [Traffic] in the Azure Maps REST API documentation.
### Weather service
Stay up to date on Azure Maps:
[What is Azure Maps Creator?]: about-creator.md [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2
-[Data Registry service]: /rest/api/maps/data-registry
[How to create data registry]: how-to-create-data-registries.md <! REST API Links >
-[Data registry service]: /rest/api/maps/data-registry
-[Geolocation service]: /rest/api/maps/geolocation
+[Data registry]: /rest/api/maps/data-registry
+[Geolocation]: /rest/api/maps/geolocation
[Get Map Tile]: /rest/api/maps/render-v2/get-map-tile [Get Weather along route API]: /rest/api/maps/weather/getweatheralongroute
-[Render service]: /rest/api/maps/render-v2
+[Render]: /rest/api/maps/render-v2
[REST APIs]: /rest/api/maps/
-[Route service]: /rest/api/maps/route
-[Search service]: /rest/api/maps/search
-[Spatial service]: /rest/api/maps/spatial
+[Route]: /rest/api/maps/route
+[Search]: /rest/api/maps/search
+[Spatial]: /rest/api/maps/spatial
[TilesetID]: /rest/api/maps/render-v2/get-map-tile#tilesetid
-[Time zone service]: /rest/api/maps/timezone
-[Traffic service]: /rest/api/maps/traffic
+[Timezone]: /rest/api/maps/timezone
+[Traffic]: /rest/api/maps/traffic
<! JavaScript API Links > [JavaScript map control]: /javascript/api/azure-maps-control <! External Links >
azure-maps About Creator https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/about-creator.md
Creator is a platform for building indoor mapping solutions for all your needs.
An [onboarding tool] is provided to prepare your facility's DWGs by identifying the data to use and to positioning your facility on the map. The conversion service then converts the geometry and data from your DWG files into a digital indoor map.
-The first step in creating your indoor map is to upload a drawing package into your Azure Maps account. A drawing package contains one or more CAD (computer-aided design) drawings of your facility along with a manifest describing the drawings. The drawings define the elements of the facility while the manifest tells the Azure Maps [Conversion service] how to read the facility drawing files and metadata. For more
+The first step in creating your indoor map is to upload a drawing package into your Azure Maps account. A drawing package contains one or more CAD (computer-aided design) drawings of your facility along with a manifest describing the drawings. The drawings define the elements of the facility while the manifest tells the Azure Maps [Conversion] service how to read the facility drawing files and metadata. For more
information about manifest properties, see [Manifest file requirements] and for more information on creating and uploading a drawing package, see the [Drawing package guide]. ### Dataset
This section provides a high-level overview of the indoor map creation workflow.
account. Upload drawing packages using the [Data Upload API]. 1. **Convert**. Once the drawing package is uploaded into your Azure Maps account,
- use the [Conversion service] to validate the data in the uploaded drawing
+ use the [Conversion] service to validate the data in the uploaded drawing
package and convert it into map data. 1. **Dataset**. Create a [dataset] from the map data. A dataset is collection
This section provides a high-level overview of the indoor map creation workflow.
[Azure Maps Creator onboarding tool]: https://azure.github.io/azure-maps-creator-onboarding-tool [Azure Maps Creator REST API]: /rest/api/maps-creator
-[Conversion service]: /rest/api/maps/v2/conversion
+[Conversion]: /rest/api/maps/v2/conversion
[Create a feature stateset]: how-to-creator-feature-stateset.md [Create custom styles for indoor maps]: how-to-create-custom-styles.md [Create dataset using GeoJson package]: how-to-dataset-geojson.md
azure-maps Azure Maps Qps Rate Limits https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/azure-maps-qps-rate-limits.md
The following list shows the QPS usage limits for each Azure Maps service by Pri
| Traffic service | 50 | 50 | 50 | | Weather service | 50 | 50 | 50 |
-<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry].
+<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry] service by 9/16/24. For more information, see [How to create data registry].
When QPS limits are reached, an HTTP 429 error is returned. If you're using the Gen 2 or Gen 1 S1 pricing tiers, you can create an Azure Maps *Technical* Support Request in the [Azure portal] to increase a specific QPS limit if needed. QPS limits for the Gen 1 S0 pricing tier can't be increased.
When QPS limits are reached, an HTTP 429 error is returned. If you're using the
[Manage the pricing tier of your Azure Maps account]: how-to-manage-pricing-tier.md [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2
-[Data Registry service]: /rest/api/maps/data-registry
+[Data Registry]: /rest/api/maps/data-registry
[How to create data registry]: how-to-create-data-registries.md
azure-maps How To Search For Address https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/how-to-search-for-address.md
# Search for a location using Azure Maps Search services
-The [Search service] is a set of RESTful APIs designed to help developers search addresses, places, and business listings by name, category, and other geographic information. In addition to supporting traditional geocoding, services can also reverse geocode addresses and cross streets based on latitudes and longitudes. Latitude and longitude values returned by the search can be used as parameters in other Azure Maps services, such as [Route] and [Weather] services.
+The [Search] service is a set of RESTful APIs designed to help developers search addresses, places, and business listings by name, category, and other geographic information. In addition to supporting traditional geocoding, services can also reverse geocode addresses and cross streets based on latitudes and longitudes. Latitude and longitude values returned by the search can be used as parameters in other Azure Maps services, such as [Route] and [Weather].
This article demonstrates how to:
This example demonstrates how to search for a cross street based on the coordina
[Search Address]: /rest/api/maps/search/getsearchaddress [Search Coverage]: geocoding-coverage.md [Search Polygon API]: /rest/api/maps/search/getsearchpolygon
-[Search service]: /rest/api/maps/search
+[Search]: /rest/api/maps/search
[subscription key]: quick-demo-map-app.md#get-the-subscription-key-for-your-account [URI Parameter reference]: /rest/api/maps/search/getsearchfuzzy#uri-parameters [Weather]: /rest/api/maps/weather
azure-maps Migrate From Bing Maps Web Services https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/migrate-from-bing-maps-web-services.md
In Azure Maps, pushpins can also be added to a static map image by specifying th
More styles can be used by adding more `pins` parameters to the URL with a different style and set of locations.
-Regarding pin locations, Azure Maps requires the coordinates to be in `longitude latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma** separating longitude and latitude in Azure Maps.
+Regarding pin locations, Azure Maps requires the coordinates to be in `longitude,latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma** separating longitude and latitude in Azure Maps.
The `iconType` value specifies the type of pin to create and can have the following values:
In Azure Maps, lines and polygons can also be added to a static map image by spe
> `&path=pathStyles||pathLocation1|pathLocation2|...`
-When it comes to path locations, Azure Maps requires the coordinates to be in `longitude latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma separating** longitude and latitude in Azure Maps. Azure Maps doesn't support encoded paths currently.
+When it comes to path locations, Azure Maps requires the coordinates to be in `longitude,latitude` format whereas Bing Maps uses `latitude,longitude` format. Also note that **there is a space, not a comma separating** longitude and latitude in Azure Maps. Azure Maps doesn't support encoded paths currently.
Path styles in Azure Maps are added with the format `optionNameValue`, with multiple styles separated by pipe (`|`) characters like this `optionName1Value1|optionName2Value2`. Note the option names and values aren't separated. The following style option names can be used to style paths in Azure Maps:
azure-maps Migrate From Google Maps Web Services https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/migrate-from-google-maps-web-services.md
Add markers to a static map image by specifying the `pins` parameter in the URL.
To use other styles, add extra `pins` parameters to the URL with a different style and set of locations.
-In Azure Maps, the pin location needs to be in the "longitude latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format.
+In Azure Maps, the pin location needs to be in the "longitude,latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format.
The `iconType` specifies the type of pin to create. It can have the following values:
Add lines and polygons to a static map image by specifying the `path` parameter
&path=pathStyles||pathLocation1|pathLocation2|... ```
-When it comes to path locations, Azure Maps requires the coordinates to be in "longitude latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. Azure Maps doesn't support encoded paths or addresses for points.
+When it comes to path locations, Azure Maps requires the coordinates to be in "longitude,latitude" format. Google Maps uses "latitude,longitude" format. A space, not a comma, separates longitude and latitude in the Azure Maps format. Azure Maps doesn't support encoded paths or addresses for points.
Add path styles with the `optionNameValue` format. Separate multiple styles by pipe (\|) characters, like this `optionName1Value1|optionName2Value2`. The option names and values aren't separated. Use the following style option names to style paths in Azure Maps:
azure-maps Understanding Azure Maps Transactions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-maps/understanding-azure-maps-transactions.md
The following table summarizes the Azure Maps services that generate transaction
| [Traffic] | Yes | One request = 1 transaction (except tiles)<br>15 tiles = 1 transaction | <ul><li>Location Insights Traffic (Gen2 pricing)</li><li>Standard S1 Traffic Transactions (Gen1 S1 pricing)</li><li>Standard Geolocation Transactions (Gen1 S0 pricing)</li><li>Maps Traffic Tiles (Gen2 pricing)</li><li>Standard S1 Tile Transactions (Gen1 S1 pricing)</li><li>Standard Tile Transactions (Gen1 S0 pricing)</li></ul> | | [Weather] | Yes | One request = 1 transaction | <ul><li>Location Insights Weather (Gen2 pricing)</li><li>Standard S1 Weather Transactions (Gen1 S1 pricing)</li><li>Standard Weather Transactions (Gen1 S0 pricing)</li></ul> |
-<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry service] by 9/16/24. For more information, see [How to create data registry].
+<sup>1</sup> The Azure Maps Data service (both [v1] and [v2]) is now deprecated and will be retired on 9/16/24. To avoid service disruptions, all calls to the Data service will need to be updated to use the Azure Maps [Data Registry] service by 9/16/24. For more information, see [How to create data registry].
<!-- In Bing Maps, any time a synchronous Truck Routing request is made, three transactions are counted. Does this apply also to Azure Maps?-->
The following table summarizes the Azure Maps services that generate transaction
[Data registry]: /rest/api/maps/data-registry [v1]: /rest/api/maps/data [v2]: /rest/api/maps/data-v2
-[Data Registry service]: /rest/api/maps/data-registry
[How to create data registry]: how-to-create-data-registries.md [Dataset]: /rest/api/maps/v2/dataset [Feature State]: /rest/api/maps/v2/feature-state
azure-monitor Api Filtering Sampling https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/api-filtering-sampling.md
Insert a telemetry initializer by adding the onInit callback function in the [Ja
```html <script type="text/javascript"> !function(v,y,T){<!-- Removed the JavaScript (Web) SDK Loader Script code for brevity -->}(window,document,{
-src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js",
+src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js",
crossOrigin: "anonymous", onInit: function (sdk) { sdk.addTelemetryInitializer(function (envelope) {
azure-monitor App Insights Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/app-insights-overview.md
Autoinstrumentation is available for [Azure App Service](azure-web-apps-nodejs.m
The [Application Insights SDK](nodejs.md) is an alternative. We also have an [OpenTelemetry](opentelemetry-enable.md?tabs=nodejs) offering available.
-### [JavaScript](#tab/javascript)
-
-JavaScript requires the [Application Insights SDK](javascript.md).
- ### [Python](#tab/python)
-Python applications can be monitored by using [OpenCensus Python SDK via the Azure Monitor exporters](opencensus-python.md).
+Python applications can be monitored by using the [Azure Monitor OpenTelemetry Distro](opentelemetry-enable.md?tabs=python).
-An extension is available for monitoring [Azure Functions](opencensus-python.md#integrate-with-azure-functions).
+### [JavaScript](#tab/javascript)
-An [OpenTelemetry](opentelemetry-enable.md?tabs=python) offering is also available.
+JavaScript requires the [Application Insights SDK](javascript.md).
An [OpenTelemetry](opentelemetry-enable.md?tabs=python) offering is also availab
This section outlines supported scenarios.
-* [C#|VB (.NET)](./asp-net.md)
+### Automatic instrumentation (enable without code changes)
+* [Autoinstrumentation supported environments and languages](codeless-overview.md#supported-environments-languages-and-resource-providers)
+
+### Manual instrumentation
+
+#### OpenTelemetry Distro
+
+* [ASP.NET](opentelemetry-enable.md?tabs=net)
+* [Java](opentelemetry-enable.md?tabs=java)
+* [Node.js](opentelemetry-enable.md?tabs=nodejs)
+* [Python](opentelemetry-enable.md?tabs=python)
+* [ASP.NET Core](opentelemetry-enable.md?tabs=aspnetcore) (preview)
+
+#### Application Insights SDK (Classic API)
+
+* [ASP.NET](./asp-net.md)
* [Java](./opentelemetry-enable.md?tabs=java)
-* [JavaScript](./javascript.md)
* [Node.js](./nodejs.md) * [Python](./opencensus-python.md)
+* [ASP.NET Core](./asp-net-core.md)
+
+#### Client-side JavaScript SDK
+
+* [JavaScript](./javascript.md)
+ * [React](./javascript-framework-extensions.md)
+ * [React Native](./javascript-framework-extensions.md)
+ * [Angular](./javascript-framework-extensions.md)
### Supported platforms and frameworks
This section lists all supported platforms and frameworks.
* [Azure Spring Apps](../../spring-apps/how-to-application-insights.md) * [Azure Cloud Services](./azure-web-apps-net-core.md), including both web and worker roles
-#### Autoinstrumentation (enable without code changes)
-* [ASP.NET: For web apps hosted with IIS](./application-insights-asp-net-agent.md)
-* [ASP.NET Core: For web apps hosted with IIS](./application-insights-asp-net-agent.md)
-* [Java](./opentelemetry-enable.md?tabs=java)
-
-#### Manual instrumentation/SDK (some code changes required)
-* [ASP.NET](./asp-net.md)
-* [ASP.NET Core](./asp-net-core.md)
-* [Node.js](./nodejs.md)
-* [Python](./opencensus-python.md)
-* [JavaScript: Web](./javascript.md)
- * [React](./javascript-framework-extensions.md)
- * [React Native](./javascript-framework-extensions.md)
- * [Angular](./javascript-framework-extensions.md)
-
-> [!NOTE]
-> OpenTelemetry-based instrumentation is available for [C#, Node.js, and Python](opentelemetry-enable.md). Review the limitations noted at the beginning of each language's official documentation. If you require a full-feature experience, use the existing Application Insights SDKs.
-
-### Logging frameworks
-* [ILogger](./ilogger.md)
+#### Logging frameworks
+* [`ILogger`](./ilogger.md)
* [Log4Net, NLog, or System.Diagnostics.Trace](./asp-net-trace-logs.md)
-* [Log4J, Logback, or java.util.logging](./opentelemetry-add-modify.md?tabs=java#logs)
+* [`Log4J`, Logback, or java.util.logging](./opentelemetry-add-modify.md?tabs=java#logs)
* [LogStash plug-in](https://github.com/Azure/azure-diagnostics-tools/tree/master/Logstash/logstash-output-applicationinsights) * [Azure Monitor](/archive/blogs/msoms/application-insights-connector-in-oms)
-### Export and data analysis
+#### Export and data analysis
* [Power BI](https://powerbi.microsoft.com/blog/explore-your-application-insights-data-with-power-bi/) * [Power BI for workspace-based resources](../logs/log-powerbi.md) ### Unsupported SDKs
-Several other community-supported Application Insights SDKs exist. Azure Monitor only provides support when you use the supported instrumentation options listed in this article.
+Many community-supported Application Insights SDKs exist. Azure Monitor only provides support when you use the supported instrumentation options listed in this article.
-We're constantly assessing opportunities to expand our support for other languages. For the latest SDK news, see [Azure updates for Application Insights](https://azure.microsoft.com/updates/?query=application%20insights).
+We're constantly assessing opportunities to expand our support for other languages. For the latest news, see [Azure updates for Application Insights](https://azure.microsoft.com/updates/?query=application%20insights).
From server web apps:
* HTTP requests. * [Dependencies](./asp-net-dependencies.md). Calls to SQL databases, HTTP calls to external services, Azure Cosmos DB, Azure Table Storage, Azure Blob Storage, and Azure Queue Storage. * [Exceptions](./asp-net-exceptions.md) and stack traces.
-* [Performance counters](./performance-counters.md): If you use the [Azure Monitor Application Insights agent](./application-insights-asp-net-agent.md), [Azure monitoring for VMs or virtual machine scale sets](./azure-vm-vmss-apps.md), or the [Application Insights collectd writer](/previous-versions/azure/azure-monitor/app/deprecated-java-2x#collectd-linux-performance-metrics-in-application-insights-deprecated).
+* [Performance counters](./performance-counters.md): Performance counters are available when using:
+- [Azure Monitor Application Insights agent](application-insights-asp-net-agent.md)
+- [Azure monitoring for VMs or virtual machine scale sets](./azure-vm-vmss-apps.md)
+- [Application Insights `collectd` writer](/previous-versions/azure/azure-monitor/app/deprecated-java-2x#collectd-linux-performance-metrics-in-application-insights-deprecated).
* [Custom events and metrics](./api-custom-events-metrics.md) that you code. * [Trace logs](./asp-net-trace-logs.md) if you configure the appropriate collector.
You can [write PowerShell scripts](./powershell.md) by using Azure Resource Moni
You can't set up a metrics explorer report or set up continuous export.
-### How can I query Application Insights telemetery?
+### How can I query Application Insights telemetry?
Use the [REST API](/rest/api/application-insights/) to run [Log Analytics](../logs/log-query-overview.md) queries.
Post general questions to the Microsoft Q&A [answers forum](/answers/topics/2422
### Stack Overflow
-Post coding questions to [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-application-insights) by using an Application Insights tag.
+Post coding questions to [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-application-insights) by using an `azure-application-insights` tag.
### Feedback Community
azure-monitor Data Model Complete https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/data-model-complete.md
ibiza Previously updated : 06/23/2023 Last updated : 09/25/2023 # Application Insights telemetry data model
PageView Telemetry includes URL and you could parse the UTM parameter using a re
Occasionally, this data might be missing or inaccurate if the user or enterprise disables sending User Agent in browser settings. The [UA Parser regexes](https://github.com/ua-parser/uap-core/blob/master/regexes.yaml) might not include all device information. Or Application Insights might not have adopted the latest updates.
+### Why would a custom measurement succeed without error but the log doesn't show up?
+
+This can occur if you're using string values. Only numeric values work with custom measurements.
+ ## Next steps Learn how to use the [Application Insights API for custom events and metrics](./api-custom-events-metrics.md), including:
azure-monitor Java Get Started Supplemental https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/java-get-started-supplemental.md
For more information, see [Using Azure Monitor Application Insights with Spring
## Java Application servers
-The following sections show how to set the Application Insights Java agent path for different application servers. You can find the configuration options [here](./java-standalone-config.md).
+For information on setting up the Application Insights Java agent, see [Enabling Azure Monitor OpenTelemetry for Java](./opentelemetry-enable.md?tabs=java). The following sections provide additional details which may be helpful when configuring the `-javaagent:...` JVM arg on different application servers.
### Tomcat 8 (Linux)
azure-monitor Javascript Feature Extensions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-feature-extensions.md
Users can set up the Click Analytics Auto-Collection plug-in via JavaScript (Web
}; // Application Insights JavaScript (Web) SDK Loader Script code !function(v,y,T){<!-- Removed the JavaScript (Web) SDK Loader Script code for brevity -->}(window,document,{
- src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js",
+ src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js",
crossOrigin: "anonymous", cfg: configObj // configObj is defined above. });
azure-monitor Javascript Sdk Upgrade https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-sdk-upgrade.md
If you're using the current application insights PRODUCTION SDK (1.0.20) and wan
- Download via CDN scenario: Update the JavaScript (Web) SDK Loader Script that you currently use to point to the following URL: ```
- "https://js.monitor.azure.com/scripts/b/ai.2.min.js"
+ "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js"
``` - npm scenario: Call `downloadAndSetup` to download the full ApplicationInsights script from CDN and initialize it with a connection string:
If you're using the current application insights PRODUCTION SDK (1.0.20) and wan
```ts appInsights.downloadAndSetup({ connectionString: "Copy connection string from Application Insights Resource Overview",
- url: "https://js.monitor.azure.com/scripts/b/ai.2.min.jss"
+ url: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js"
}); ```
azure-monitor Javascript Sdk https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/javascript-sdk.md
# Enable Azure Monitor Application Insights Real User Monitoring
-The Microsoft Azure Monitor Application Insights JavaScript SDK collects usage data which allows you to monitor and analyze the performance of JavaScript web applications. This is commonly referred to as Real User Monitoring or RUM.
+The Microsoft Azure Monitor Application Insights JavaScript SDK collects usage data, which allows you to monitor and analyze the performance of JavaScript web applications. This is commonly referred to as Real User Monitoring or RUM.
-The Application Insights JavaScript SDK has a base SDK and several plugins for additional capabilities.
+The Application Insights JavaScript SDK has a base SDK and several plugins for more capabilities.
:::image type="content" source="media/javascript-sdk/conceptual-diagram-javascript-sdk.png" alt-text="Conceptual diagram that shows the Application Insights JavaScript SDK, its plugins/extensions, and their relationship to each other." lightbox="media/javascript-sdk/conceptual-diagram-javascript-sdk.png"::: We collect page views by default. But if you want to also collect clicks by default, consider adding the [Click Analytics Auto-Collection plug-in](./javascript-feature-extensions.md): -- If you're adding a [framework extension](./javascript-framework-extensions.md), which you can [add](#optional-add-advanced-sdk-configuration) after you follow the steps to get started below, you'll have the option to add Click Analytics when you add the framework extension.
+- If you're adding a [framework extension](./javascript-framework-extensions.md), which you can [add](#optional-add-advanced-sdk-configuration) after you follow the steps to get started below, you can optionally add Click Analytics when you add the framework extension.
- If you're not adding a framework extension, [add the Click Analytics plug-in](./javascript-feature-extensions.md) after you follow the steps to get started. We provide the [Debug plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/main/extensions/applicationinsights-debugplugin-js/README.md) and [Performance plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/main/extensions/applicationinsights-perfmarkmeasure-js/README.md) for debugging/testing. In rare cases, it's possible to build your own extension by adding a [custom plugin](https://github.com/microsoft/ApplicationInsights-JS/blob/e4be62c0aa9318b540157118b729bb0c4d8b6c6e/API-reference.md#custom-extension).
Two methods are available to add the code to enable Application Insights via the
Preferably, you should add it as the first script in your `<head>` section so that it can monitor any potential issues with all of your dependencies.
+ If Internet Explorer 8 is detected, JavaScript SDK v2.x is automatically loaded.
+ ```html <script type="text/javascript">
- !function(v,y,T){var S=v.location,k="script",D="instrumentationKey",C="ingestionendpoint",I="disableExceptionTracking",E="ai.device.",b="toLowerCase",w=(D[b](),"crossOrigin"),N="POST",e="appInsightsSDK",t=T.name||"appInsights",n=((T.name||v[e])&&(v[e]=t),v[t]||function(l){var u=!1,d=!1,g={initialize:!0,queue:[],sv:"6",version:2,config:l};function m(e,t){var n={},a="Browser";return n[E+"id"]=a[b](),n[E+"type"]=a,n["ai.operation.name"]=S&&S.pathname||"_unknown_",n["ai.internal.sdkVersion"]="javascript:snippet_"+(g.sv||g.version),{time:(a=new Date).getUTCFullYear()+"-"+i(1+a.getUTCMonth())+"-"+i(a.getUTCDate())+"T"+i(a.getUTCHours())+":"+i(a.getUTCMinutes())+":"+i(a.getUTCSeconds())+"."+(a.getUTCMilliseconds()/1e3).toFixed(3).slice(2,5)+"Z",iKey:e,name:"Microsoft.ApplicationInsights."+e.replace(/-/g,"")+"."+t,sampleRate:100,tags:n,data:{baseData:{ver:2}}};function i(e){e=""+e;return 1===e.length?"0"+e:e}}var e,n,f=l.url||T.src;function a(e){var t,n,a,i,o,s,r,c,p;u=!0,g.queue=[],d||(d=!0,i=f,r=(c=function(){var e,t={},n=l.connectionString;if(n)for(var a=n.split(";"),i=0;i<a.length;i++){var o=a[i].split("=");2===o.length&&(t[o[0][b]()]=o[1])}return t[C]||(t[C]="https://"+((e=(n=t.endpointsuffix)?t.location:null)?e+".":"")+"dc."+(n||"services.visualstudio.com")),t}()).instrumentationkey||l[D]||"",c=(c=c[C])?c+"/v2/track":l.endpointUrl,(p=[]).push((t="SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)",n=i,o=c,(s=(a=m(r,"Exception")).data).baseType="ExceptionData",s.baseData.exceptions=[{typeName:"SDKLoadFailed",message:t.replace(/\./g,"-"),hasFullStack:!1,stack:t+"\nSnippet failed to load ["+n+"] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: "+(S&&S.pathname||"_unknown_")+"\nEndpoint: "+o,parsedStack:[]}],a)),p.push((s=i,t=c,(o=(n=m(r,"Message")).data).baseType="MessageData",(a=o.baseData).message='AI (Internal): 99 message:"'+("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) ("+s+")").replace(/\"/g,"")+'"',a.properties={endpoint:t},n)),i=p,r=c,JSON&&((o=v.fetch)&&!T.useXhr?o(r,{method:N,body:JSON.stringify(i),mode:"cors"}):XMLHttpRequest&&((s=new XMLHttpRequest).open(N,r),s.setRequestHeader("Content-type","application/json"),s.send(JSON.stringify(i)))))}function i(e,t){d||setTimeout(function(){!t&&g.core||a()},500)}f&&((n=y.createElement(k)).src=f,!(o=T[w])&&""!==o||"undefined"==n[w]||(n[w]=o),n.onload=i,n.onerror=a,n.onreadystatechange=function(e,t){"loaded"!==n.readyState&&"complete"!==n.readyState||i(0,t)},e=n,T.ld<0?y.getElementsByTagName("head")[0].appendChild(e):setTimeout(function(){y.getElementsByTagName(k)[0].parentNode.appendChild(e)},T.ld||0));try{g.cookie=y.cookie}catch(h){}function t(e){for(;e.length;)!function(t){g[t]=function(){var e=arguments;u||g.queue.push(function(){g[t].apply(g,e)})}}(e.pop())}var s,r,o="track",c="TrackPage",p="TrackEvent",o=(t([o+"Event",o+"PageView",o+"Exception",o+"Trace",o+"DependencyData",o+"Metric",o+"PageViewPerformance","start"+c,"stop"+c,"start"+p,"stop"+p,"addTelemetryInitializer","setAuthenticatedUserContext","clearAuthenticatedUserContext","flush"]),g.SeverityLevel={Verbose:0,Information:1,Warning:2,Error:3,Critical:4},(l.extensionConfig||{}).ApplicationInsightsAnalytics||{});return!0!==l[I]&&!0!==o[I]&&(t(["_"+(s="onerror")]),r=v[s],v[s]=function(e,t,n,a,i){var o=r&&r(e,t,n,a,i);return!0!==o&&g["_"+s]({message:e,url:t,lineNumber:n,columnNumber:a,error:i,evt:v.event}),o},l.autoExceptionInstrumented=!0),g}(T.cfg));function a(){T.onInit&&T.onInit(n)}(v[t]=n).queue&&0===n.queue.length?(n.queue.push(a),n.trackPageView({})):a()}(window,document,{
- src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js",
+ !(function (cfg){function e(){cfg.onInit&&cfg.onInit(i)}var S,u,D,t,n,i,C=window,x=document,w=C.location,I="script",b="ingestionendpoint",E="disableExceptionTracking",A="ai.device.";"instrumentationKey"[S="toLowerCase"](),u="crossOrigin",D="POST",t="appInsightsSDK",n=cfg.name||"appInsights",(cfg.name||C[t])&&(C[t]=n),i=C[n]||function(l){var d=!1,g=!1,f={initialize:!0,queue:[],sv:"7",version:2,config:l};function m(e,t){var n={},i="Browser";function a(e){e=""+e;return 1===e.length?"0"+e:e}return n[A+"id"]=i[S](),n[A+"type"]=i,n["ai.operation.name"]=w&&w.pathname||"_unknown_",n["ai.internal.sdkVersion"]="javascript:snippet_"+(f.sv||f.version),{time:(i=new Date).getUTCFullYear()+"-"+a(1+i.getUTCMonth())+"-"+a(i.getUTCDate())+"T"+a(i.getUTCHours())+":"+a(i.getUTCMinutes())+":"+a(i.getUTCSeconds())+"."+(i.getUTCMilliseconds()/1e3).toFixed(3).slice(2,5)+"Z",iKey:e,name:"Microsoft.ApplicationInsights."+e.replace(/-/g,"")+"."+t,sampleRate:100,tags:n,data:{baseData:{ver:2}},ver:4,seq:"1",aiDataContract:undefined}}var h=-1,v=0,y=["js.monitor.azure.com","js.cdn.applicationinsights.io","js.cdn.monitor.azure.com","js0.cdn.applicationinsights.io","js0.cdn.monitor.azure.com","js2.cdn.applicationinsights.io","js2.cdn.monitor.azure.com","az416426.vo.msecnd.net"],k=l.url||cfg.src;if(k){if((n=navigator)&&(~(n=(n.userAgent||"").toLowerCase()).indexOf("msie")||~n.indexOf("trident/"))&&~k.indexOf("ai.3")&&(k=k.replace(/(\/)(ai\.3\.)([^\d]*)$/,function(e,t,n){return t+"ai.2"+n})),!1!==cfg.cr)for(var e=0;e<y.length;e++)if(0<k.indexOf(y[e])){h=e;break}var i=function(e){var a,t,n,i,o,r,s,c,p,u;f.queue=[],g||(0<=h&&v+1<y.length?(a=(h+v+1)%y.length,T(k.replace(/^(.*\/\/)([\w\.]*)(\/.*)$/,function(e,t,n,i){return t+y[a]+i})),v+=1):(d=g=!0,o=k,c=(p=function(){var e,t={},n=l.connectionString;if(n)for(var i=n.split(";"),a=0;a<i.length;a++){var o=i[a].split("=");2===o.length&&(t[o[0][S]()]=o[1])}return t[b]||(e=(n=t.endpointsuffix)?t.location:null,t[b]="https://"+(e?e+".":"")+"dc."+(n||"services.visualstudio.com")),t}()).instrumentationkey||l.instrumentationKey||"",p=(p=p[b])?p+"/v2/track":l.endpointUrl,(u=[]).push((t="SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)",n=o,r=p,(s=(i=m(c,"Exception")).data).baseType="ExceptionData",s.baseData.exceptions=[{typeName:"SDKLoadFailed",message:t.replace(/\./g,"-"),hasFullStack:!1,stack:t+"\nSnippet failed to load ["+n+"] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: "+(w&&w.pathname||"_unknown_")+"\nEndpoint: "+r,parsedStack:[]}],i)),u.push((s=o,t=p,(r=(n=m(c,"Message")).data).baseType="MessageData",(i=r.baseData).message='AI (Internal): 99 message:"'+("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) ("+s+")").replace(/\"/g,"")+'"',i.properties={endpoint:t},n)),o=u,c=p,JSON&&((r=C.fetch)&&!cfg.useXhr?r(c,{method:D,body:JSON.stringify(o),mode:"cors"}):XMLHttpRequest&&((s=new XMLHttpRequest).open(D,c),s.setRequestHeader("Content-type","application/json"),s.send(JSON.stringify(o))))))},a=function(e,t){g||setTimeout(function(){!t&&f.core||i()},500),d=!1},T=function(e){var n=x.createElement(I),e=(n.src=e,cfg[u]);return!e&&""!==e||"undefined"==n[u]||(n[u]=e),n.onload=a,n.onerror=i,n.onreadystatechange=function(e,t){"loaded"!==n.readyState&&"complete"!==n.readyState||a(0,t)},cfg.ld&&cfg.ld<0?x.getElementsByTagName("head")[0].appendChild(n):setTimeout(function(){x.getElementsByTagName(I)[0].parentNode.appendChild(n)},cfg.ld||0),n};T(k)}try{f.cookie=x.cookie}catch(p){}function t(e){for(;e.length;)!function(t){f[t]=function(){var e=arguments;d||f.queue.push(function(){f[t].apply(f,e)})}}(e.pop())}var r,s,n="track",o="TrackPage",c="TrackEvent",n=(t([n+"Event",n+"PageView",n+"Exception",n+"Trace",n+"DependencyData",n+"Metric",n+"PageViewPerformance","start"+o,"stop"+o,"start"+c,"stop"+c,"addTelemetryInitializer","setAuthenticatedUserContext","clearAuthenticatedUserContext","flush"]),f.SeverityLevel={Verbose:0,Information:1,Warning:2,Error:3,Critical:4},(l.extensionConfig||{}).ApplicationInsightsAnalytics||{});return!0!==l[E]&&!0!==n[E]&&(t(["_"+(r="onerror")]),s=C[r],C[r]=function(e,t,n,i,a){var o=s&&s(e,t,n,i,a);return!0!==o&&f["_"+r]({message:e,url:t,lineNumber:n,columnNumber:i,error:a,evt:C.event}),o},l.autoExceptionInstrumented=!0),f}(cfg.cfg),(C[n]=i).queue&&0===i.queue.length?(i.queue.push(e),i.trackPageView({})):e();})({
+ src: "https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js",
// name: "appInsights", // ld: 0, // useXhr: 1, crossOrigin: "anonymous", // onInit: null,
+ // cr: 0,
cfg: { // Application Insights Configuration connectionString: "YOUR_CONNECTION_STRING" }});
Two methods are available to add the code to enable Application Insights via the
| useXhr | boolean | Optional | This setting is used only for reporting SDK load failures. For example, this setting is useful when the JavaScript (Web) SDK Loader Script is preventing the HTML page from loading, causing fetch() to be unavailable.<br><br>Reporting first attempts to use fetch() if available and then fallback to XHR. Set this setting to `true` to bypass the fetch check. This setting is only required if your application is being used in an environment where fetch would fail to send the failure events such as if the JavaScript (Web) SDK Loader Script isn't loading successfully. | crossOrigin | string | Optional | By including this setting, the script tag added to download the SDK includes the crossOrigin attribute with this string value. Use this setting when you need to provide support for CORS. When not defined (the default), no crossOrigin attribute is added. Recommended values are not defined (the default), "", or "anonymous". For all valid values, see the [cross origin HTML attribute](https://developer.mozilla.org/docs/Web/HTML/Attributes/crossorigin) documentation. | onInit | function(aiSdk) { ... } | Optional | This callback function is called after the main SDK script has been successfully loaded and initialized from the CDN (based on the src value). This callback function is useful when you need to insert a telemetry initializer. It's passed one argument, which is a reference to the SDK instance that's being called for and is also called before the first initial page view. If the SDK has already been loaded and initialized, this callback is still called. NOTE: During the processing of the sdk.queue array, this callback is called. You CANNOT add any more items to the queue because they're ignored and dropped. (Added as part of JavaScript (Web) SDK Loader Script version 5--the sv:"5" value within the script). |
+ | cr | boolean | Optional | If the SDK fails to load and the endpoint value defined for `src` is the public CDN location, this configuration option attempts to immediately load the SDK from one of the following backup CDN endpoints:<ul><li>js.monitor.azure.com</li><li>js.cdn.applicationinsights.io</li><li>js.cdn.monitor.azure.com</li><li>js0.cdn.applicationinsights.io</li><li>js0.cdn.monitor.azure.com</li><li>js2.cdn.applicationinsights.io</li><li>js2.cdn.monitor.azure.com</li><li>az416426.vo.msecnd.net</li></ul>NOTE: az416426.vo.msecnd.net is partially supported, so it's not recommended.<br><br>If the SDK successfully loads from a backup CDN endpoint, it loads from the first available one, which is determined when the server performs a successful load check. If the SDK fails to load from any of the backup CDN endpoints, the SDK Failure error message appears.<br><br>When not defined, the default value is `true`. If you donΓÇÖt want to load the SDK from the backup CDN endpoints, set this configuration option to `false`.<br><br>If youΓÇÖre loading the SDK from your own privately hosted CDN endpoint, this configuration option is not applicable.
#### [npm package](#tab/npmpackage)
To paste the connection string in your environment, follow these steps:
1. Replace the placeholder `"YOUR_CONNECTION_STRING"` in the JavaScript code with your [connection string](./sdk-connection-string.md) copied to the clipboard.
+ The `connectionString` format must follow "InstrumentationKey=xxxx;....". If the string provided does not meet this format, the SDK load process fails.
+ The connection string isn't considered a security token or key. For more information, see [Do new Azure regions require the use of connection strings?](./sdk-connection-string.md#do-new-azure-regions-require-the-use-of-connection-strings). ### (Optional) Add SDK configuration
If you want to use the extra features provided by plugins for specific framework
It might take a few minutes for data to show up in the portal. If the only data you see showing up is a load failure exception, see [Troubleshoot SDK load failure for JavaScript web apps](/troubleshoot/azure/azure-monitor/app-insights/javascript-sdk-troubleshooting#troubleshoot-sdk-load-failure-for-javascript-web-apps).
+ In some cases, if multiple instances of different versions of Application Insights are running on the same page, errors can occur during initialization. For these cases and the error message that appears, see [Running multiple versions of the Application Insights JavaScript SDK in one session](https://github.com/microsoft/ApplicationInsights-JS/blob/main/versionConflict.md). If you've encountered one of these errors, try changing the namespace by using the `name` setting. For more information, see [JavaScript (Web) SDK Loader Script configuration](#javascript-web-sdk-loader-script-configuration).
+ :::image type="content" source="media/javascript-sdk/confirm-data-flowing.png" alt-text="Screenshot of the Application Insights Transaction search pane in the Azure portal with the Page View option selected. The page views are highlighted." lightbox="media/javascript-sdk/confirm-data-flowing.png"::: 1. If you want to query data to confirm data is flowing:
azure-monitor Opentelemetry Add Modify https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/opentelemetry-add-modify.md
Dependencies
- [Redis-4](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/main/plugins/node/opentelemetry-instrumentation-redis-4) - [Azure SDK](https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/instrumentation/opentelemetry-instrumentation-azure-sdk)
-Auto instrumentation of Logs is currently only supported when using `applicationinsights` v3 Beta package. (https://www.npmjs.com/package/applicationinsights/v/beta)
+Automatic instrumentation of Logs is currently only supported when using `applicationinsights` v3 Beta package. (https://www.npmjs.com/package/applicationinsights/v/beta)
+ Logs - [Node.js console](https://nodejs.org/api/console.html) - [Bunyan](https://github.com/trentm/node-bunyan#readme)
To add a community instrumentation library (not officially supported/included in
> Instrumenting a [supported instrumentation library](.\opentelemetry-add-modify.md?tabs=python#included-instrumentation-libraries) manually with `instrument()` in conjunction with the distro `configure_azure_monitor()` is not recommended. This is not a supported scenario and you may get undesired behavior for your telemetry. ```python
+# Import the `configure_azure_monitor()`, `SQLAlchemyInstrumentor`, `create_engine`, and `text` functions from the appropriate packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry.instrumentation.sqlalchemy import SQLAlchemyInstrumentor from sqlalchemy import create_engine, text
+# Configure OpenTelemetry to use Azure Monitor.
configure_azure_monitor()
+# Create a SQLAlchemy engine.
engine = create_engine("sqlite:///:memory:")
-# SQLAlchemy instrumentation is not officially supported by this package
-# However, you can use the OpenTelemetry instrument() method manually in
-# conjunction with configure_azure_monitor
+
+# SQLAlchemy instrumentation is not officially supported by this package, however, you can use the OpenTelemetry `instrument()` method manually in conjunction with `configure_azure_monitor()`.
SQLAlchemyInstrumentor().instrument( engine=engine, )
-# Database calls using the SqlAlchemy library will be automatically captured
+# Database calls using the SQLAlchemy library will be automatically captured.
with engine.connect() as conn: result = conn.execute(text("select 'hello world'")) print(result.all())
public class Program {
#### [Python](#tab/python) ```python
+# Import the `configure_azure_monitor()` and `metrics` functions from the appropriate packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )+
+# Get a meter provider and a meter with the name "otel_azure_monitor_histogram_demo".
meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_histogram_demo")
+# Record three values to the histogram.
histogram = meter.create_histogram("histogram") histogram.record(1.0, {"test_key": "test_value"}) histogram.record(100.0, {"test_key2": "test_value"}) histogram.record(30.0, {"test_key": "test_value2"})
+# Wait for background execution.
input() ```
public class Program {
#### [Python](#tab/python) ```python
+# Import the `configure_azure_monitor()` and `metrics` functions from the appropriate packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )
+# Get a meter provider and a meter with the name "otel_azure_monitor_counter_demo".
meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_counter_demo")
+# Create a counter metric with the name "counter".
counter = meter.create_counter("counter")+
+# Add three values to the counter.
+# The first argument to the `add()` method is the value to add.
+# The second argument is a dictionary of dimensions.
+# Dimensions are used to group related metrics together.
counter.add(1.0, {"test_key": "test_value"}) counter.add(5.0, {"test_key2": "test_value"}) counter.add(3.0, {"test_key": "test_value2"})
+# Wait for background execution.
input() ```
public class Program {
#### [Python](#tab/python) ```python
+# Import the necessary packages.
from typing import Iterable from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import metrics from opentelemetry.metrics import CallbackOptions, Observation
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )+
+# Get a meter provider and a meter with the name "otel_azure_monitor_gauge_demo".
meter = metrics.get_meter_provider().get_meter("otel_azure_monitor_gauge_demo")
+# Define two observable gauge generators.
+# The first generator yields a single observation with the value 9.
+# The second generator yields a sequence of 10 observations with the value 9 and a different dimension value for each observation.
def observable_gauge_generator(options: CallbackOptions) -> Iterable[Observation]: yield Observation(9, {"test_key": "test_value"})
def observable_gauge_sequence(options: CallbackOptions) -> Iterable[Observation]
) return observations
+# Create two observable gauges using the defined generators.
gauge = meter.create_observable_gauge("gauge", [observable_gauge_generator]) gauge2 = meter.create_observable_gauge("gauge2", [observable_gauge_sequence])
+# Wait for background execution.
input() ```
You can use `opentelemetry-api` to update the status of a span and record except
The OpenTelemetry Python SDK is implemented in such a way that exceptions thrown are automatically captured and recorded. See the following code sample for an example of this behavior. ```python
+# Import the necessary packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )+
+# Get a tracer for the current module.
tracer = trace.get_tracer("otel_azure_monitor_exception_demo") # Exception events try:
+ # Start a new span with the name "hello".
with tracer.start_as_current_span("hello") as span: # This exception will be automatically recorded raise Exception("Custom exception message.")
within the context manager and use `record_exception()` directly as shown in the
```python ...
+# Start a new span with the name "hello" and disable exception recording.
with tracer.start_as_current_span("hello", record_exception=False) as span: try:
+ # Raise an exception.
raise Exception("Custom exception message.") except Exception as ex: # Manually record exception
The code example shows how to use the `tracer.start_as_current_span()` method to
```python ...
+# Import the necessary packages.
from opentelemetry import trace
+# Get a tracer for the current module.
tracer = trace.get_tracer(__name__)
+# Start a new span with the name "my first span" and make it the current span.
# The "with" context manager starts, makes the span current, and ends the span within it's context with tracer.start_as_current_span("my first span") as span: try:
- # Do stuff within the context of this
+ # Do stuff within the context of this span.
+ # All telemetry generated within this scope will be attributed to this span.
except Exception as ex:
+ # Record the exception on the span.
span.record_exception(ex) ...
If your method represents a background job not already captured by autoinstrumen
```python ...
+# Import the necessary packages.
from opentelemetry import trace from opentelemetry.trace import SpanKind
+# Get a tracer for the current module.
tracer = trace.get_tracer(__name__)+
+# Start a new span with the name "my request span" and the kind set to SpanKind.SERVER.
with tracer.start_as_current_span("my request span", kind=SpanKind.SERVER) as span:
+ # Do stuff within the context of this span.
... ```
Not available in .NET.
If you want to add custom events or access the Application Insights API, replace the @azure/monitor-opentelemetry package with the `applicationinsights` [v3 Beta package](https://www.npmjs.com/package/applicationinsights/v/beta). It offers the same methods and interfaces, and all sample code for @azure/monitor-opentelemetry applies to the v3 Beta package.
-To send custom telemetry with the Application Insights Classic API, use the `applicationinsights` [v3 Beta package](https://www.npmjs.com/package/applicationinsights/v/beta).
+You need to use the `applicationinsights` v3 Beta package to send custom telemetry using the Application Insights classic API. (https://www.npmjs.com/package/applicationinsights/v/beta)
```javascript const { TelemetryClient } = require("applicationinsights");
Use a custom processor:
```python ...
+# Import the necessary packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )+
+# Create a SpanEnrichingProcessor instance.
span_enrich_processor = SpanEnrichingProcessor()
-# Add the processor shown below to the current `TracerProvider`
+
+# Add the span enrich processor to the current TracerProvider.
trace.get_tracer_provider().add_span_processor(span_enrich_processor) ... ```
trace.get_tracer_provider().add_span_processor(span_enrich_processor)
Add `SpanEnrichingProcessor.py` to your project with the following code: ```python
+# Import the SpanProcessor class from the opentelemetry.sdk.trace module.
from opentelemetry.sdk.trace import SpanProcessor class SpanEnrichingProcessor(SpanProcessor): def on_end(self, span):
+ # Prefix the span name with the string "Updated-".
span._name = "Updated-" + span.name
+ # Add the custom dimension "CustomDimension1" with the value "Value1".
span._attributes["CustomDimension1"] = "Value1"
+ # Add the custom dimension "CustomDimension2" with the value "Value2".
span._attributes["CustomDimension2"] = "Value2" ```
Use the add [custom property example](#add-a-custom-property-to-a-span), but rep
Use the add [custom property example](#add-a-custom-property-to-a-span), but replace the following lines of code in `SpanEnrichingProcessor.py`: ```python
+# Set the `http.client_ip` attribute of the span to the specified IP address.
span._attributes["http.client_ip"] = "<IP Address>" ```
Use the add [custom property example](#add-a-custom-property-to-a-span), but rep
Use the add [custom property example](#add-a-custom-property-to-a-span), but replace the following lines of code: ```python
+# Set the `enduser.id` attribute of the span to the specified user ID.
span._attributes["enduser.id"] = "<User ID>" ```
The Python [logging](https://docs.python.org/3/howto/logging.html) library is [a
```python ...
+# Create a warning log message with the properties "key1" and "value1".
logger.warning("WARNING: Warning log with properties", extra={"key1": "value1"}) ...
Use the add [custom property example](#add-a-custom-property-to-a-span), but rep
```python ...
+ # Import the Flask and Azure Monitor OpenTelemetry SDK libraries.
import flask from azure.monitor.opentelemetry import configure_azure_monitor
- # Configure Azure monitor collection telemetry pipeline
+ # Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+ # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )
+
+ # Create a Flask application.
app = flask.Flask(__name__)
- # Requests sent to this endpoint will not be tracked due to
- # flask_config configuration
+ # Define a route. Requests sent to this endpoint will not be tracked due to
+ # flask_config configuration.
@app.route("/ignore") def ignore(): return "Request received but not tracked."
Use the add [custom property example](#add-a-custom-property-to-a-span), but rep
```python ...
+ # Import the necessary libraries.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace
+ # Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+ # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )
+
+ # Add a SpanFilteringProcessor to the tracer provider.
trace.get_tracer_provider().add_span_processor(SpanFilteringProcessor()) ... ```
Use the add [custom property example](#add-a-custom-property-to-a-span), but rep
Add `SpanFilteringProcessor.py` to your project with the following code: ```python
+ # Import the necessary libraries.
from opentelemetry.trace import SpanContext, SpanKind, TraceFlags from opentelemetry.sdk.trace import SpanProcessor
+ # Define a custom span processor called `SpanFilteringProcessor`.
class SpanFilteringProcessor(SpanProcessor):
- # prevents exporting spans from internal activities
+ # Prevents exporting spans from internal activities.
def on_start(self, span):
+ # Check if the span is an internal activity.
if span._kind is SpanKind.INTERNAL:
+ # Create a new span context with the following properties:
+ # * The trace ID is the same as the trace ID of the original span.
+ # * The span ID is the same as the span ID of the original span.
+ # * The is_remote property is set to `False`.
+ # * The trace flags are set to `DEFAULT`.
+ # * The trace state is the same as the trace state of the original span.
span._context = SpanContext( span.context.trace_id, span.context.span_id,
Get the request trace ID and the span ID in your code:
Get the request trace ID and the span ID in your code:
- ```python
- from opentelemetry import trace
+```python
+# Import the necessary libraries.
+from opentelemetry import trace
- trace_id = trace.get_current_span().get_span_context().trace_id
- span_id = trace.get_current_span().get_span_context().span_id
- ```
+# Get the trace ID and span ID of the current span.
+trace_id = trace.get_current_span().get_span_context().trace_id
+span_id = trace.get_current_span().get_span_context().span_id
+```
azure-monitor Opentelemetry Configuration https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/app/opentelemetry-configuration.md
Use one of the following two ways to configure the connection string:
- Pass into `configure_azure_monitor`: ```python
+# Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package.
from azure.monitor.opentelemetry import configure_azure_monitor
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+# Replace `<your-connection-string>` with the connection string of your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )
useAzureMonitor(options);
#### [Python](#tab/python) ```python
+# Import the `ManagedIdentityCredential` class from the `azure.identity` package.
from azure.identity import ManagedIdentityCredential
+# Import the `configure_azure_monitor()` function from the `azure.monitor.opentelemetry` package.
from azure.monitor.opentelemetry import configure_azure_monitor
+# Configure OpenTelemetry to use Azure Monitor with a managed identity credential.
+# This will allow OpenTelemetry to authenticate to Azure Monitor without requiring you to provide a connection string.
configure_azure_monitor( credential=ManagedIdentityCredential(), )
To override the default directory, you should set `storage_directory` to the dir
For example: ```python ...
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string and storage directory.
+# Replace `your-connection-string` with the connection string to your Azure Monitor Application Insights resource.
+# Replace `C:\\SomeDirectory` with the directory where you want to store the telemetry data before it is sent to Azure Monitor.
configure_azure_monitor( connection_string="your-connection-string", storage_directory="C:\\SomeDirectory",
To disable this feature, you should set `disable_offline_storage` to `True`. Def
For example: ```python ...
+# Configure OpenTelemetry to use Azure Monitor with the specified connection string and disable offline storage.
+# Replace `your-connection-string` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="your-connection-string", disable_offline_storage=True,
For more information about Java, see the [Java supplemental documentation](java-
1. Add the following code snippet. This example assumes you have an OpenTelemetry Collector with an OTLP receiver running. For details, see this [README](https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/monitor/azure-monitor-opentelemetry-exporter/samples/traces#collector). ```python
+ # Import the `configure_azure_monitor()`, `trace`, `OTLPSpanExporter`, and `BatchSpanProcessor` classes from the appropriate packages.
from azure.monitor.opentelemetry import configure_azure_monitor from opentelemetry import trace from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter from opentelemetry.sdk.trace.export import BatchSpanProcessor
+ # Configure OpenTelemetry to use Azure Monitor with the specified connection string.
+ # Replace `<your-connection-string>` with the connection string to your Azure Monitor Application Insights resource.
configure_azure_monitor( connection_string="<your-connection-string>", )
+
+ # Get the tracer for the current module.
tracer = trace.get_tracer(__name__)
+ # Create an OTLP span exporter that sends spans to the specified endpoint.
+ # Replace `http://localhost:4317` with the endpoint of your OTLP collector.
otlp_exporter = OTLPSpanExporter(endpoint="http://localhost:4317")
+
+ # Create a batch span processor that uses the OTLP span exporter.
span_processor = BatchSpanProcessor(otlp_exporter)
+
+ # Add the batch span processor to the tracer provider.
trace.get_tracer_provider().add_span_processor(span_processor)
+ # Start a new span with the name "test".
with tracer.start_as_current_span("test"): print("Hello world!") ```
azure-monitor Container Insights Onboard https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/containers/container-insights-onboard.md
- Title: Enable Container insights description: This article describes how to enable and configure Container insights so that you can understand how your container is performing and what performance-related issues have been identified.
If you're going to configure the cluster to [collect Prometheus metrics](contain
### Permissions
-To enable container monitoring, you require the following permissions:
+To enable Container insights, you require the following permissions:
-- You must be a member of the [Log Analytics contributor](../logs/manage-access.md#azure-rbac) role.-- You must be a member of the [*Owner* group](../../role-based-access-control/built-in-roles.md#owner) on any AKS cluster resources.
+- You must have at least [Contributor](../../role-based-access-control/built-in-roles.md#contributor) access to the AKS cluster.
To view data after container monitoring is enabled, you require the following permissions: -- You must be a member of the [Log Analytics reader](../logs/manage-access.md#azure-rbac) role if you aren't already a member of the [Log Analytics contributor](../logs/manage-access.md#azure-rbac) role.
+- You must have [Monitoring Reader](../roles-permissions-security.md#monitoring-reader) or [Monitoring Contributor](../roles-permissions-security.md#monitoring-contributor) role.
### Kubelet secure port
The following table lists the extra firewall configuration required for managed
After you've enabled monitoring, you can begin analyzing the performance of your Kubernetes clusters that are hosted on AKS, Azure Stack, or another environment. To learn how to use Container insights, see [View Kubernetes cluster performance](container-insights-analyze.md).+
azure-monitor Profiler Aspnetcore Linux https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-aspnetcore-linux.md
description: Learn how to enable Profiler on your ASP.NET Core web application h
ms.devlang: csharp Previously updated : 08/30/2023 Last updated : 09/22/2023 # Customer Intent: As a .NET developer, I'd like to enable Application Insights Profiler for my .NET web application hosted in Linux
azure-monitor Profiler Azure Functions https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-azure-functions.md
Title: Profile Azure Functions app with Application Insights Profiler
description: Enable Application Insights Profiler for Azure Functions app. ms.contributor: charles.weininger Previously updated : 07/15/2022- Last updated : 09/22/2023+ # Profile live Azure Functions app with Application Insights
azure-monitor Profiler Bring Your Own Storage https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-bring-your-own-storage.md
reviewer: cweining Previously updated : 07/07/2023 Last updated : 09/22/2023
azure-monitor Profiler Cloudservice https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-cloudservice.md
Title: Enable Profiler for Azure Cloud Services | Microsoft Docs
description: Profile Azure Cloud Services in real time with Application Insights Profiler. Previously updated : 07/07/2023 Last updated : 09/22/2023 # Enable Profiler for Azure Cloud Services
azure-monitor Profiler Containers https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-containers.md
Title: Profile Azure containers with Application Insights Profiler
description: Learn how to enable the Application Insights Profiler for your ASP.NET Core application running in Azure containers. ms.contributor: charles.weininger Previously updated : 08/30/2023- Last updated : 09/22/2023+ # Customer Intent: As a .NET developer, I'd like to learn how to enable Profiler on my ASP.NET Core application running in my container.
azure-monitor Profiler Data https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-data.md
Title: Generate load and view Application Insights Profiler data
description: Generate load to your Azure service to view the Profiler data ms.contributor: charles.weininger Previously updated : 04/11/2023 Last updated : 09/22/2023
azure-monitor Profiler Overview https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-overview.md
Title: Profile production apps in Azure with Application Insights Profiler
+ Title: Analyze application performance traces with Application Insights Profiler
description: Identify the hot path in your web server code with a low-footprint profiler. ms.contributor: charles.weininger Previously updated : 07/15/2022- Last updated : 09/21/2023+ # Profile production applications in Azure with Application Insights Profiler
-Diagnosing performance issues can be difficult, especially when your application is running on a production environment in the cloud. The cloud is dynamic. Machines come and go, and user input and other conditions are constantly changing. There's also potential for high scale. Slow responses in your application could be caused by infrastructure, framework, or application code handling the request in the pipeline.
+Diagnosing your application's performance issues can be difficult, especially when running on a production environment in the dynamic cloud. Slow responses in your application could be caused by infrastructure, framework, or application code handling the request in the pipeline.
-With Application Insights Profiler, you can capture and view performance traces for your application in all these dynamic situations. The process occurs automatically at scale and doesn't negatively affect your users. Profiler captures the following information so that you can easily identify performance issues while your app is running in Azure:
+With Application Insights Profiler, you can capture, identify, and view performance traces for your application running in Azure, regardless of the scenario. The Profiler trace process occurs automatically, at scale, and doesn't negatively affect your users. The Profiler identifies:
-- Identifies the median, fastest, and slowest response times for each web request made by your customers.-- Helps you identify the "hot" code path spending the most time handling a particular web request.
+- The median, fastest, and slowest response times for each web request made by your customers.
+- The "hot" code path spending the most time handling a particular web request.
-Enable the Profiler on all your Azure applications to catch issues early and prevent your customers from being widely affected. When you enable Profiler, it gathers data with these triggers:
+Enable the Profiler on all your Azure applications to gather data with the following triggers:
- **Sampling trigger**: Starts Profiler randomly about once an hour for two minutes. - **CPU trigger**: Starts Profiler when the CPU usage percentage is over 80 percent. - **Memory trigger**: Starts Profiler when memory usage is above 80 percent.
-Each of these triggers can be configured, enabled, or disabled on the [Configure Profiler page](./profiler-settings.md#trigger-settings).
+Each of these triggers can be [configured, enabled, or disabled](./profiler-settings.md#trigger-settings).
## Overhead and sampling algorithm
-Profiler randomly runs two minutes per hour on each virtual machine hosting the application with Profiler enabled for capturing traces. When Profiler is running, it adds from 5 percent to 15 percent CPU overhead to the server.
+Profiler randomly runs two minutes per hour on each virtual machine hosting applications with Profiler enabled. When Profiler is running, it adds from 5 percent to 15 percent CPU overhead to the server.
## Supported in Profiler
Profiler works with .NET applications deployed on the following Azure services.
| [Azure Container Instances for Linux](profiler-containers.md) | No | Yes | No | | Kubernetes | No | Yes | No | | [Azure Functions](./profiler-azure-functions.md) | Yes | Yes | No |
-| Azure Spring Cloud | N/A | No | No |
| [Azure Service Fabric](profiler-servicefabric.md) | Yes | Yes | No | If you've enabled Profiler but aren't seeing traces, see the [Troubleshooting guide](profiler-troubleshooting.md).
azure-monitor Profiler Servicefabric https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-servicefabric.md
Title: Enable Profiler for Azure Service Fabric applications
description: Profile live Azure Service Fabric apps with Application Insights. Previously updated : 07/15/2022 Last updated : 09/22/2023 # Enable Profiler for Azure Service Fabric applications
azure-monitor Profiler Settings https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-settings.md
Title: Configure Application Insights Profiler | Microsoft Docs
description: Use the Application Insights Profiler settings pane to see Profiler status and start profiling sessions ms.contributor: Charles.Weininger Previously updated : 08/09/2022 Last updated : 09/22/2023 # Configure Application Insights Profiler
To open the Application Insights Profiler settings pane, select **Performance**
You can view Profiler traces across your Azure resources via two methods: -- By the **Profiler** button:
+- The **Profiler** button:
Select **Profiler**. :::image type="content" source="./media/profiler-overview/profiler-button-inline.png" alt-text="Screenshot that shows the Profiler button on the Performance pane." lightbox="media/profiler-settings/profiler-button.png"::: -- By operation:
+- Operations:
1. Select an operation from the **Operation name** list. **Overall** is highlighted by default. 1. Select **Profiler traces**.
Within Profiler, you can configure and view Profiler. The **Application Insights
**Recent profiling sessions** | Displays information about past profiling sessions, which you can sort by using the filters at the top of the page. ## Profile now+ Select **Profile now** to start a profiling session on demand. When you select this link, all Profiler agents that are sending data to this Application Insights instance start to capture a profile. After 5 to 10 minutes, the profile session is shown in the list. To manually trigger a Profiler session, you need, at minimum, *write* access on your role for the Application Insights component. In most cases, you get write access automatically. If you're having issues, you need the **Application Insights Component Contributor** subscription scope role added. For more information, see [Resources, roles, and access control in Application Insights](../app/resources-roles-access-control.md).
CPU % | Percentage of CPU used while Profiler was running.
Memory % | Percentage of memory used while Profiler was running. ## Next steps+ [Enable Profiler and view traces](profiler-overview.md?toc=/azure/azure-monitor/toc.json) [profiler-on-demand]: ./media/profiler-settings/profiler-on-demand.png
azure-monitor Profiler Trackrequests https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-trackrequests.md
Title: Write code to track requests with Application Insights | Microsoft Docs
description: Write code to track requests with Application Insights so you can get profiles for your requests. Previously updated : 08/09/2022 Last updated : 09/22/2023 # Write code to track requests with Application Insights
-Application Insights needs to track requests for your application to provide profiles for your application on the **Performance** page in the Azure portal.
-
-For applications built on already-instrumented frameworks (like ASP.NET and ASP.NET Core), Application Insights can automatically track requests.
+Application Insights needs to track requests for your application to provide profiles for your application on the **Performance** page in the Azure portal. For applications built on already-instrumented frameworks (like ASP.NET and ASP.NET Core), Application Insights can automatically track requests.
For other applications (like Azure Cloud Services worker roles and Azure Service Fabric stateless APIs), you need to track requests with code that tells Application Insights where your requests begin and end. Requests telemetry is then sent to Application Insights, which you can view on the **Performance** page. Profiles are collected for those requests.
azure-monitor Profiler Vm https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler-vm.md
Title: Enable Profiler for web apps on an Azure virtual machine description: Profile web apps running on an Azure virtual machine or a virtual machine scale set by using Application Insights Profiler Previously updated : 07/18/2022 Last updated : 09/22/2023
[!INCLUDE [updated-for-az](../../../includes/updated-for-az.md)]
-In this article, you learn how to run Application Insights Profiler on your Azure virtual machine (VM) or Azure virtual machine scale set via three different methods. With any of these methods, you:
+In this article, you learn how to run Application Insights Profiler on your Azure virtual machine (VM) or Azure virtual machine scale set via three different methods:
+
+- Visual Studio and Azure Resource Manager
+- PowerShell
+- Azure Resource Explorer
+
+With any of these methods, you:
- Configure the Azure Diagnostics extension to run Profiler. - Install the Application Insights SDK on a VM.
In this article, you learn how to run Application Insights Profiler on your Azur
## Prerequisites
-You need:
- - A functioning [ASP.NET Core application](/aspnet/core/getting-started). - An [Application Insights resource](../app/create-workspace-resource.md). - To review the Azure Resource Manager templates (ARM templates) for the Azure Diagnostics extension:
You need:
You can enable Profiler by any of three ways: -- Within your ASP.NET Core application by using an Azure Resource Manager template and Visual Studio. We recommend this method.
+- Within your ASP.NET Core application by using an Azure Resource Manager template and Visual Studio. **Recommended.**
- By using a PowerShell command via the Azure CLI. - By using Azure Resource Explorer.
azure-monitor Profiler https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/profiler/profiler.md
Title: Enable Profiler for Azure App Service apps | Microsoft Docs description: Profile live apps on Azure App Service with Application Insights Profiler. Previously updated : 05/01/2023- Last updated : 09/21/2023+ # Enable Profiler for Azure App Service apps
-Application Insights Profiler is preinstalled as part of the Azure App Service runtime. You can run Profiler on ASP.NET and ASP.NET Core apps running on App Service by using the Basic service tier or higher. Follow these steps even if you've included the Application Insights SDK in your application at build time.
+Application Insights Profiler is preinstalled as part of the Azure App Service runtime. You can run Profiler on ASP.NET and ASP.NET Core apps running on App Service by using the Basic service tier or higher. Follow these steps, even if you included the Application Insights SDK in your application at build time.
To enable Profiler on Linux, walk through the [ASP.NET Core Azure Linux web apps instructions](profiler-aspnetcore-linux.md). > [!NOTE]
-> Codeless installation of Application Insights Profiler follows the .NET Core support policy.
-> For more information about supported runtime, see [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core).
+> Codeless installation of Application Insights Profiler follows the .NET Core support policy. For more information about supported runtime, see [.NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core).
## Prerequisites
-You need:
- - An [Azure App Service ASP.NET/ASP.NET Core app](../../app-service/quickstart-dotnetcore.md). - An [Application Insights resource](/previous-versions/azure/azure-monitor/app/create-new-resource) connected to your App Service app.
-## Verify the Always on setting is enabled
+## Verify the "Always on" setting is enabled
1. In the Azure portal, go to your App Service instance. 1. Under **Settings** on the left pane, select **Configuration**.
azure-resource-manager Async Operations https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-resource-manager/management/async-operations.md
There are two different ways to monitor the status the asynchronous operation. Y
If `Azure-AsyncOperation` isn't one of the header values, then look for:
-* `Location` - URL for determining when an operation has completed. Only use this value only when `Azure-AsyncOperation` isn't returned.
+* `Location` - URL for determining when an operation has completed. Use this value only when `Azure-AsyncOperation` isn't returned.
* `Retry-After` - The number of seconds to wait before checking the status of the asynchronous operation. > [!NOTE]
If the request is still running, you receive a status code 202. If the request h
## Next steps * For documentation about each REST operation, see [REST API documentation](/rest/api/azure/).
-* For information about deploying templates through the Resource Manager REST API, see [Deploy resources with Resource Manager templates and Resource Manager REST API](../templates/deploy-rest.md).
+* For information about deploying templates through the Resource Manager REST API, see [Deploy resources with Resource Manager templates and Resource Manager REST API](../templates/deploy-rest.md).
backup Save Backup Passphrase Securely In Azure Key Vault https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/backup/save-backup-passphrase-securely-in-azure-key-vault.md
Based on the Key Vault permission model (either role-based access permissions or
To assign the permissions, follow these steps: 1. Go to your *Azure Key Vault* > **Settings** > **Access Configuration** to ensure that the permission model is **RBAC**.
-
+
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/open-access-configuration.png" alt-text="Screenshot shows how to open access configuration under settings." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/open-access-configuration.png":::
+ 2. Select **Access control (IAM)** > **+Add** to add role assignment. 3. The Recovery Services vault identity requires the **Set permission on Secret** to create and add the passphrase as a Secret to the Key Vault. You can select a *built-in role* such as **Key Vault Secrets Officer** that has the permission (along with other permissions not required for this feature) or [create a custom role](../key-vault/general/rbac-guide.md?tabs=azurepowershell#creating-custom-roles) with only Set permission on Secret.
- Select **Details** to view the permissions granted by the role and ensure Set permission on Secret is available.
+ Under **Details**, select **View** to view the permissions granted by the role and ensure *Set* permission on *Secret* is available.
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/view-permission-details.png" alt-text="Screenshot shows how to view the permission details." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/view-permission-details.png":::
+
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/check-set-permission-availability-on-secret.png" alt-text="Screenshot shows how to check the Set permission availability." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/check-set-permission-availability-on-secret.png":::
+ 4. Select **Next** to proceed to select Members for assignment. 5. Select **Managed identity** and then **+ Select members**. choose the **Subscription** of the target Recovery Services vault, select Recovery Services vault under **System-assigned managed identity**. Search and select the *name of the Recovery Services vault*.+
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/add-members-in-managed-identity.png" alt-text="Screenshot shows how to add members in managed identity." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/add-members-in-managed-identity.png":::
6. Select **Next**, review the assignment, and select **Review + assign**.
-
-7. Go to **Access control (IAM)** in the Key Vault, select **Role assignments** and ensure that the Recovery Services vault is listed.
+
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/review-and-assign-permissions.png" alt-text="Screenshot shows how to review and assign permissions." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/review-and-assign-permissions.png":::
+
+7. Go to **Access control (IAM)** in the Key Vault, select **Role assignments** and ensure that the Recovery Services vault is listed.
+
+ :::image type="content" source="./media/save-backup-passphrase-securely-in-azure-key-vault/recovery-services-vault-listed-in-access-control.png" alt-text="Screenshot shows the Recovery Services vault is listed in access control." lightbox="./media/save-backup-passphrase-securely-in-azure-key-vault/recovery-services-vault-listed-in-access-control.png":::
# [PowerShell](#tab/powershell)
chaos-studio Chaos Studio Target Selection https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/chaos-studio/chaos-studio-target-selection.md
+
+ Title: Target selection in Azure Chaos Studio Preview
+description: Understand two different ways to select experiment targets in Azure Chaos Studio Preview.
++++ Last updated : 09/25/2023+++
+# Target selection in Azure Chaos Studio Preview
+
+Every chaos experiment is made up of a different combination of faults and targets, building up to a unique outage scenario to test your system's resilience against. You may want to select a fixed set of targets for your chaos experiment, or provide a rule in which all matching fault-onboarded resources are included as targets in your experiment. Chaos Studio enables you to do both by providing both manual and query-based target selection.
+
+## List-based manual target selection
+
+List-based manual target selection allows you to select a fixed set of onboarded targets for a particular fault in your chaos experiment. Depending on the selected fault, you may select one or more onboarded resources to target. The aforementioned resources are added to the experiment upon creation time. In order to modify the list, you must navigate to the experiment's page and add or remove fault targets manually. An example of manual target selection is shown below.
+
+[ ![Screenshot that shows the list-based manual target selection option in the Azure portal.](images/manual-target-selection.png) ](images/manual-target-selection.png#lightbox)
+
+## Query-based dynamic target selection
+
+Query-based dynamic target selection allows you to input a KQL query that will select all onboarded targets that match the query result set. Using your query, you may filter targets based on common Azure resource parameters including type, region, name, and more. Upon experiment creation time, only the query itself will be added to your chaos experiment.
+
+The inputted query will run and add onboarded targets that match its result set upon experiment execution time. Thus, any resources onboarded to Chaos Studio after experiment creation time that match the query result set upon experiment execution time will be targeted by your experiment. You may preview your query's result set when adding it to your experiment, but be aware that it may not match the result set at experiment execution time. An example of a possible dynamic target query is shown below.
+
+[ ![Screenshot that shows the query-based dynamic target selection option in the Azure portal.](images/dynamic-target-selection-preview.png) ](images/dynamic-target-selection-preview.png#lightbox)
+
+## Next steps
+Now that you understand both ways to select targets within a chaos experiment, you're ready to:
+
+- [Create and run your first experiment](chaos-studio-tutorial-service-direct-portal.md)
communication-services Call Recording https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/communication-services/concepts/voice-video-calling/call-recording.md
Call Recording enables you to record multiple calling scenarios available in Azure Communication Services by providing you with a set of APIs to start, stop, pause and resume recording. Whether it's a PSTN, WebRTC, or SIP call, these APIs can be accessed from your server-side business logic. Also, recordings can be triggered by a user action that tells the server application to start recording. Depending on your business needs, you can use Call Recording for different Azure Communication Services calling implementations.
-For example, you can record 1:1 or 1:N scenarios for audio and video calls enabled by [Calling Client SDK](./calling-sdk-features.md).
+For example, you can record 1:1 or 1:N audio and video calls:
![Diagram showing a call that it's being recorded.](../media/call-recording-client.png)
But also, you can use Call Recording to record complex PSTN or VoIP inbound and
Regardless of how you established the call, Call Recording allows you to produce mixed or unmixed media files that are stored for 48 hours on a built-in temporary storage. You can retrieve the files and take them to the long-term storage solution of your choice. Call Recording supports all Azure Communication Services data regions.
-![Diagram showing call recording architecture using calling client sdk.](../media/call-recording-with-call-automation.png)
+![Diagram showing call recording architecture.](../media/call-recording-with-call-automation.png)
## Call Recording that supports your business needs Call Recording supports multiple media outputs and content types to address your business needs and use cases. You might use mixed formats for scenarios such as keeping records, meeting notes, coaching and training, or even compliance and adherence. Or, you can use unmixed audio format to address quality assurance use cases or even more complex scenarios like advanced analytics or AI-based (Artificial Intelligence) sophisticated post-call processes.
communication-services Calling Sdk Features https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/communication-services/concepts/voice-video-calling/calling-sdk-features.md
The Azure Communication Services Calling SDK supports the following streaming co
| Limit | Web | Windows/Android/iOS | | - | | -- | | **Maximum # of outgoing local streams that can be sent simultaneously** | 1 video and 1 screen sharing | 1 video + 1 screen sharing |
-| **Maximum # of incoming remote streams that can be rendered simultaneously** | 9 videos + 1 screen sharing WebSDK version [1.16.3](https://github.com/Azure/Communication/blob/master/releasenotes/acs-javascript-calling-library-release-notes.md#1163-stable-2023-08-24) or greater | 9 videos + 1 screen sharing |
+| **Maximum # of incoming remote streams that can be rendered simultaneously** | 9 videos + 1 screen sharing on desktop browsers*, 4 videos + 1 screen sharing on web mobile browsers | 9 videos + 1 screen sharing |
+\* Starting from ACS Web Calling SDK version [1.16.3](https://github.com/Azure/Communication/blob/master/releasenotes/acs-javascript-calling-library-release-notes.md#1163-stable-2023-08-24)
While the Calling SDK don't enforce these limits, your users may experience performance degradation if they're exceeded. Use the API of [Optimal Video Count](../../how-tos/calling-sdk/manage-video.md?pivots=platform-web#remote-video-quality) to determine how many current incoming video streams your web environment can support. ## Calling SDK timeouts
confidential-computing Vmss Deployment From Hardened Linux Image https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/confidential-computing/vmss-deployment-from-hardened-linux-image.md
+
+ Title: Deploy a virtual machine scale set using a hardened Linux image
+description: Learn how to use vmss to deploy a scale set using the hardened linux image.
++
+m
++ Last updated : 9/12/2023++++
+# Deploy a virtual machine scale set using a hardened Linux image
+
+**Applies to:** :heavy_check_mark: Hardened Linux Images
+
+Virtual machine scale set deployments using images from Azure marketplace can be done following the steps described for standard [VMSS deployments](/azure/virtual-machine-scale-sets/flexible-virtual-machine-scale-sets-cli).
+
+However, if you have chosen to create a hardened linux image by removing the Azure guest agents, it's crucial to comprehend what functionalities the VM loses before you decide to remove the Azure Linux Agent, and how it affects vmss deployment.
+
+This "how to" document describes the steps to deploy a virtual machine scale set instance while comprehending the functional limitations of the hardened image on deploying the vmss instance.
+## Prerequisites
+
+- Azure subscription - If you don't have an Azure subscription, [create a free Azure account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+- If your free trial accounts don't have access to the VMs used in this tutorial, one option is to use a [pay as you go subscription](https://azure.microsoft.com/pricing/purchase-options/pay-as-you-go/).
+- A hardened linux image - you can create one from this [article](harden-a-linux-image-to-remove-azure-guest-agent.md).
+
+### VMSS confidential VM deployment from a hardened Linux image
+
+Steps to deploy a scale set using VMSS and a hardened image are as follows:
+
+1. Follow the steps to harden a Linux image.
+
+ [Harden a Linux image to remove Azure guest agent](harden-a-linux-image-to-remove-azure-guest-agent.md).
+
+ [Harden a Linux image to remove sudo users](harden-the-linux-image-to-remove-sudo-users.md).
+
+2. Log in to the Azure CLI.
+
+ Make sure that you've installed the latest [Azure CLI](/cli/azure/install-azure-cli) and are logged in to an Azure account with [az login](/cli/azure/reference-index).
+
+3. Launch Azure Cloud Shell.
+
+ The [Azure Cloud Shell](https://shell.azure.com/cli) is a free interactive shell that you can use to run the steps in this article. It has common Azure tools preinstalled and configured to use with your account.
+
+ To open the Cloud Shell, just select Try it from the upper right corner of a code block. You can also open Cloud Shell in a separate browser tab by going to https://shell.azure.com/bash. Select Copy to copy the blocks of code, paste it into the Cloud Shell, and select Enter to run i