Merge branch 'master' into tibre/multiTenantSample

Tiago Brenck · Tiago Brenck · commit 5ac63fadfd1e · 2019-11-27T17:16:36.000-08:00
diff --git a/.gitignore b/.gitignore
@@ -107,3 +107,6 @@
 /4-WebApp-your-API/4-2-B2C/.vs
 /4-WebApp-your-API/4-2-B2C/Client/obj
 /4-WebApp-your-API/4-2-B2C/TodoListService/obj
+/2-WebApp-graph-user/2-3-Multi-Tenant/.vs/WebApp-OpenIDConnect-DotNet
+/2-WebApp-graph-user/2-3-Multi-Tenant/bin/Debug/netcoreapp2.2
+/2-WebApp-graph-user/2-3-Multi-Tenant/obj
diff --git a/1-WebApp-OIDC/1-1-MyOrg/README.md b/1-WebApp-OIDC/1-1-MyOrg/README.md
@@ -9,7 +9,7 @@ endpoint: Microsoft identity platform
 
 # An ASP.NET Core Web app signing-in users with the Microsoft identity platform in your organization
 
-> This sample is for Azure AD, not Azure AD B2C. See [active-directory-b2c-dotnetcore-webapp](https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapp), until we incorporate the B2C variation in the tutorial.
+> This sample is for Azure AD, not Azure AD B2C. See [sample 1-5-B2C](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-5-B2C), for B2C scenario.
 
 [![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/AAD%20Samples/.NET%20client%20samples/ASP.NET%20Core%20Web%20App%20tutorial)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=819)
 
diff --git a/2-WebApp-graph-user/2-1-Call-MSGraph/README.md b/2-WebApp-graph-user/2-1-Call-MSGraph/README.md
@@ -26,6 +26,8 @@ To run this sample:
 >
 > go through the previous phase of the tutorial showing how the [WebApp signs-in users with Microsoft Identity (OIDC) / with work and school or personal accounts](../../1-WebApp-OIDC/1-3-AnyOrgOrPersonal). This page shows the incremental change required to call the Microsoft Graph API on behalf of a user that has successfully signed in to the web app.
 
+- Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the [An introduction to Microsoft Graph for developers](https://www.youtube.com/watch?v=EBbnpFdB92A) recorded session.
+
 ### Step 1: Register the sample with your Azure AD tenant
 
 You first need to [register](../../1-WebApp-OIDC/1-1-MyOrg#step-1-register-the-sample-with-your-azure-ad-tenant) your app as described in [the first tutorial](../../1-WebApp-OIDC/1-1-MyOrg)
diff --git a/2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/README.md b/2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/README.md
@@ -26,6 +26,8 @@ To run this sample:
 >
 > go through the previous phase of the tutorial showing how the [WebApp signs-in users with Microsoft Identity (OIDC) / with work and school](../../1-WebApp-OIDC/1-2-AnyOrg). This page shows the incremental change required to call the Microsoft Graph API on behalf of a user that has successfully signed in to the web app.
 
+- Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the [An introduction to Microsoft Graph for developers](https://www.youtube.com/watch?v=EBbnpFdB92A) recorded session.
+
 ### Step 1: Register the sample with your Azure AD tenant
 
 You first need to [register](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-4-Sovereign#step-2-register-the-sample-with-your-azure-ad-tenant) your app as described in [Web app signing-in users in Sovereign](hhttps://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-4-Sovereign#scenario)
diff --git a/5-WebApp-AuthZ/5-2-Groups/README-incremental-instructions.md b/5-WebApp-AuthZ/5-2-Groups/README-incremental-instructions.md
@@ -133,6 +133,8 @@ If a user is member of more groups than the overage limit (**150 for SAML tokens
 
 > When attending to overage scenarios, which requires a call to [Microsoft Graph](https://graph.microsoft.com) to read the signed-in user's group memberships, your app will need to have the [Directory.Read.All](https://docs.microsoft.com/en-us/graph/permissions-reference#group-permissions) for the [getMemberObjects](https://docs.microsoft.com/en-us/graph/api/user-getmemberobjects?view=graph-rest-1.0) function to execute successfully.
 
+- Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the [An introduction to Microsoft Graph for developers](https://www.youtube.com/watch?v=EBbnpFdB92A) recorded session.
+
 #### When using the implicit_grant flow to authenticate
 
 In case, you are authenticating using the [implicit grant flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-implicit-grant-flow), the **overage** indication and limits are different than the apps using other flows.
diff --git a/5-WebApp-AuthZ/5-2-Groups/README.md b/5-WebApp-AuthZ/5-2-Groups/README.md
@@ -214,7 +214,7 @@ If a user is member of more groups than the overage limit (**150 for SAML tokens
 
 > An Identity Office Hours session covered Azure AD App roles and security groups, featuring this scenario and how to handle the overage claim. Watch the video [Using Security Groups and Application Roles in your apps](https://www.youtube.com/watch?v=V8VUPixLSiM)
 
- > You can use the `BulkCreateGroups.ps1` provided in the [App Creation Scripts](./AppCreationScripts/) folder to create a large number of groups and assign users to them. This will help test overage scenarios during development.
+> You can use the `BulkCreateGroups.ps1` provided in the [App Creation Scripts](./AppCreationScripts/) folder to create a large number of groups and assign users to them. This will help test overage scenarios during development.
 
 ##### Order of processing the overage claim
 
@@ -226,6 +226,8 @@ If a user is member of more groups than the overage limit (**150 for SAML tokens
 
 > When attending to overage scenarios, which requires a call to [Microsoft Graph](https://graph.microsoft.com) to read the signed-in user's group memberships, your app will need to have the [Directory.Read.All](https://docs.microsoft.com/en-us/graph/permissions-reference#group-permissions) for the [getMemberObjects](https://docs.microsoft.com/en-us/graph/api/user-getmemberobjects?view=graph-rest-1.0) function to execute successfully.
 
+- Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the [An introduction to Microsoft Graph for developers](https://www.youtube.com/watch?v=EBbnpFdB92A) recorded session.
+
 #### When using the implicit_grant flow to authenticate
 
 In case, you are authenticating using the [implicit grant flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-implicit-grant-flow), the **overage** indication and limits are different than the apps using other flows.

Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,8 @@ To run this sample:`
`26`	`26`	`>`
`27`	`27`	`> go through the previous phase of the tutorial showing how the [WebApp signs-in users with Microsoft Identity (OIDC) / with work and school or personal accounts](../../1-WebApp-OIDC/1-3-AnyOrgOrPersonal). This page shows the incremental change required to call the Microsoft Graph API on behalf of a user that has successfully signed in to the web app.`
`28`	`28`
	`29`	`+- Developers who wish to gain good familiarity of programming for Microsoft Graph are advised to go through the [An introduction to Microsoft Graph for developers](https://www.youtube.com/watch?v=EBbnpFdB92A) recorded session.`
	`30`	`+`
`29`	`31`	`### Step 1: Register the sample with your Azure AD tenant`
`30`	`32`
`31`	`33`	`You first need to [register](../../1-WebApp-OIDC/1-1-MyOrg#step-1-register-the-sample-with-your-azure-ad-tenant) your app as described in [the first tutorial](../../1-WebApp-OIDC/1-1-MyOrg)`