Merge branch 'main' into freshness-perm-differences

Author: FaithOmbongi

api-reference/beta/resources/user.md

@@ -168,6 +168,8 @@ This resource supports:
 |[Upgrade app installed for user](../api/userteamwork-teamsappinstallation-upgrade.md) | None | Upgrades to the latest version of the app installed in the personal scope of a user.|
 |[Get chat between user and app](../api/userscopeteamsappinstallation-get-chat.md)| [Chat](chat.md)| Lists one-on-one chat between the user and the app. |
 |[List permission grants](../api/user-list-permissiongrants.md)| [resourceSpecificPermissionGrant](resourcespecificpermissiongrant.md) collection| List all [resource-specific permission grants](../resources/resourcespecificpermissiongrant.md) of a [user](../resources/user.md). |
+| **Terms of use agreements** |||
+| [Agreement acceptances for a user](../api/user-list-agreementacceptances.md) | [agreementAcceptance](agreementacceptance.md) | Retrieve a user's agreementAcceptance objects. |
 | **To-do tasks** |||
 |[List tasks](../api/todotasklist-list-tasks.md)|[todoTask](todotask.md) collection|Get all the [todoTask](todotask.md) resources in the specified list.|
 |[Create task](../api/todotasklist-post-tasks.md)|[todoTask](todotask.md)| Create a [todoTask](todotask.md) in the specified task list.|

api-reference/beta/toc/users/toc.yml

@@ -282,6 +282,10 @@ items:
       href: ../../api/userscopeteamsappinstallation-get-chat.md
     - name: List permission grants
       href: ../../api/user-list-permissiongrants.md
+  - name: Terms of use agreements
+    items:
+    - name: Agreement acceptances for a user
+      href: ../../api/user-list-agreementacceptances.md
   - name: To-do tasks
     items:
     - name: List tasks

api-reference/v1.0/resources/user.md

@@ -138,6 +138,8 @@ This resource supports:
 | [Upgrade app installed for user](../api/userteamwork-teamsappinstallation-upgrade.md) | None | Upgrades to the latest version of the app installed in the personal scope of a user. |
 | [Get chat between user and app](../api/userscopeteamsappinstallation-get-chat.md) | [Chat](chat.md) | Lists one-on-one chat between the user and the app. |
 |[List permission grants](../api/user-list-permissiongrants.md)| [resourceSpecificPermissionGrant](resourcespecificpermissiongrant.md) collection| List all [resource-specific permission grants](../resources/resourcespecificpermissiongrant.md) of a [user](../resources/user.md). |
+| **Terms of use agreements** |||
+| [Agreement acceptances for a user](../api/user-list-agreementacceptances.md) | [agreementAcceptance](agreementacceptance.md) | Retrieve a user's agreementAcceptance objects. |
 | **To-do tasks** |  |  |
 | [List tasks](../api/todotasklist-list-tasks.md) | [todoTask](todotask.md) collection | Get all the [todoTask](todotask.md) resources in the specified list. |
 | [Create task](../api/todotasklist-post-tasks.md) | [todoTask](todotask.md) | Create a [todoTask](todotask.md) in the specified task list. |

api-reference/v1.0/toc/users/toc.yml

@@ -234,6 +234,10 @@ items:
       href: ../../api/userscopeteamsappinstallation-get-chat.md
     - name: List permission grants
       href: ../../api/user-list-permissiongrants.md
+  - name: Terms of use agreements
+    items:
+    - name: Agreement acceptances for a user
+      href: ../../api/user-list-agreementacceptances.md
   - name: To-do tasks
     items:
     - name: List tasks

concepts/migrate-azure-ad-graph-authentication-library.md

@@ -7,7 +7,7 @@ ms.reviewer: krbash
 ms.localizationpriority: medium
 ms.topic: how-to
 ms.subservice: entra-applications
-ms.date: 01/12/2024
+ms.date: 01/24/2025
 #Customer intent: As a developer, I want to learn what authentication libraries to use, so that I can update my code accordingly as I migrate my app from Azure AD Graph to Microsoft Graph.
 ---
 
@@ -24,19 +24,13 @@ Most apps use an authentication library to acquire and manage access tokens to c
 
 If your app still uses ADAL, use a two-stage migration approach:
 
-1. Update your app to acquire access tokens for Microsoft Graph. Continue to use ADAL for this step. Update the **resourceURL**, which holds the URI representing the resource web API, from:
-
-    `https://graph.windows.net`  
-
-    To:  
-
-    `https://graph.microsoft.com`
+1. Update your app to acquire access tokens for Microsoft Graph. Continue to use ADAL for this step. Update the **resourceURL**, which holds the URI representing the resource web API, from  `https://graph.windows.net` to `https://graph.microsoft.com`.
 
     Newly acquired tokens have the same scopes after this change, but the audience of the access tokens is now Microsoft Graph.  
 
     Once you update **resourceURL** and verified functionality, release an interim update for your app users.
 
-1.  Next, begin migrating your app to use MSAL, which is the only supported library, now that ADAL is retired.
+1. Next, begin migrating your app to use MSAL, which is the only supported library, now that ADAL is retired.
 
 ## Migrating to MSAL
 
@@ -48,7 +42,7 @@ When you switch your app over to MSAL, you need to make a few changes, including
 var scopes = new string[] { "https://graph.microsoft.com/.default" };
 ```
 
-The expression above limits the permission scopes request to the scopes configured during application registration in the Microsoft Entra admin center, and saves your existing users from having to consent to your app again.
+This expression restricts the permission scopes to those configured on the app registration in the Microsoft Entra admin center, preventing existing users from needing to re-consent to your app.
 
 Learn [.NET client library](migrate-azure-ad-graph-client-libraries.md) differences between Azure Active Directory (Azure AD) Graph and Microsoft Graph.
 

concepts/migrate-azure-ad-graph-planning-checklist.md

@@ -7,7 +7,7 @@ ms.reviewer: krbash
 ms.topic: quickstart
 ms.localizationpriority: medium
 ms.subservice: entra-applications
-ms.date: 01/12/2024
+ms.date: 01/20/2025
 #Customer intent: As a developer, what are some of the things I need to consider when migrating my app from Azure AD Graph to Microsoft Graph?
 ---
 
@@ -17,26 +17,26 @@ Use the following checklist to plan your migration from Azure Active Directory (
 
 ## Step 1: Review the differences between the APIs
 
-In many respects, Microsoft Graph is similar to the earlier Azure AD Graph. In many cases, change the endpoint, version, and resource name in your code, and everything should continue to work.
+In many ways, Microsoft Graph resembles Azure AD Graph. Often, you can simply update the endpoint, version, and resource name in your code, and it should function as expected.
 
-Nonetheless, there are differences. Certain resources, properties, methods, and core capabilities changed.
+However, there are differences where some resources, properties, methods, and core capabilities have changed.
 
-Specifically, look for differences in the following areas:
+Look for differences in the following areas:
 
-- [Request call syntax](migrate-azure-ad-graph-request-differences.md) between the two services
-- [Feature differences](migrate-azure-ad-graph-feature-differences.md), such as directory extensions, batching, differential queries, and so on
-- [Entity resource names](migrate-azure-ad-graph-resource-differences.md) and their types
-- [Properties](migrate-azure-ad-graph-property-differences.md) of request and response objects
-- [Methods](migrate-azure-ad-graph-method-differences.md), including parameters and types
-- [Permissions](migrate-azure-ad-graph-permissions-differences.md)
+- [Request call syntax](migrate-azure-ad-graph-request-differences.md) between the two services.
+- [Feature differences](migrate-azure-ad-graph-feature-differences.md), such as directory extensions, batching, differential queries, and so on.
+- [Entity resource names](migrate-azure-ad-graph-resource-differences.md) and their types.
+- [Properties](migrate-azure-ad-graph-property-differences.md) of request and response objects.
+- [Methods](migrate-azure-ad-graph-method-differences.md), including parameters and types.
+- [Permissions](migrate-azure-ad-graph-permissions-differences.md).
 
 ## Step 2: Examine API use
 
 [Examine the APIs](migrate-azure-ad-graph-audit-api-use.md) used by your app, the permissions they require, and compare to the list of known differences.  
 
-For production, verify that the APIs your app needs are generally available in Microsoft Graph v1.0 and inspect whether they work like in Azure AD Graph or differently.
+For production, ensure that the APIs your app requires are generally available in Microsoft Graph v1.0 and verify if they function the same as in Azure AD Graph or have differences.
 
-For testing, use [Graph Explorer](https://aka.ms/ge) to experiment with API calls and to develop new approaches. For best results, sign in using the credentials of a test user in a test tenant so that you verify the API behavior in a realistic environment.
+For testing, use [Graph Explorer](https://aka.ms/ge) to experiment with API calls and develop new approaches. For best results, sign in with the credentials of a test user in a test tenant to verify the API behavior in a realistic environment.
 
 ## Step 3: Review app details
 
@@ -46,7 +46,7 @@ For testing, use [Graph Explorer](https://aka.ms/ge) to experiment with API call
 
 ## Step 4: Deploy, test, and extend your app
 
-Before updating your app for production, ensure you test thoroughly and stage your rollout to your customer audience.
+Before updating your app for production, thoroughly test it and stage the rollout to your customer audience.
 
 After switching to Microsoft Graph, you unlock many more datasets and features that are defined in [Major services and features in Microsoft Graph](./overview-major-services.md).
 

concepts/migrate-azure-ad-graph-request-differences.md

@@ -6,7 +6,8 @@ ms.author: ombongifaith
 ms.reviewer: krbash
 ms.localizationpriority: medium
 ms.subservice: "entra-applications"
-ms.date: 01/12/2024
+ms.date: 01/21/2025
+
 #Customer intent: As a developer, I want to understand how REST API endpoints differ between Azure AD Graph and Microsoft Graph, so that I can update my code accordingly as I migrate my app from Azure AD Graph to Microsoft Graph.
 ---
 
@@ -54,7 +55,7 @@ In addition to the primary key, some entities support an alternate key identifie
 
 It's a best practice to only request the properties your app really needs. Use the `$select` query parameter, in GET requests, to customize the response to include only the properties that your app requires.
 
-In some cases in Microsoft Graph, for example, the **GET** or **LIST** operations for **user** and **group** resources, only a subset of all properties are returned. These _default properties_ represent the most commonly used properties for the resources. On the other hand, Azure AD Graph returns the full set of all properties for the respective resource. Where the resource returns only the default properties, your app needs to explicitly request other properties using the `$select` query parameter.
+In some cases in Microsoft Graph, for example, the **GET** or **LIST** operations for **user** and **group** resources, only a subset of all properties are returned. These *default properties* represent the most commonly used properties for the resources. On the other hand, Azure AD Graph returns the full set of all properties for the respective resource. Where the resource returns only the default properties, your app needs to explicitly request other properties using the `$select` query parameter.
 
 To illustrate the difference, use Graph Explorer to run the following requests and compare the different responses.
 
@@ -72,7 +73,7 @@ https://graph.microsoft.com/v1.0/me?$select=displayName,streetAddress,city,state
 To learn more about:
 
 - Default properties on user and group resources, see [users](/graph/api/resources/users) and [groups](/graph/api/resources/groups-overview)
-- The `$select` parameter and other supported ODATA query parameters, see [Use query parameters to customize responses](./query-parameters.md).
+- The `$select` parameter and other supported OData query parameters, see [Use query parameters to customize responses](./query-parameters.md).
 - Other recommended optimizations, see [Best practices](./best-practices-concept.md).
 
 ## Relationships and navigation properties

concepts/toc.yml

@@ -293,7 +293,7 @@ items:
     - name: Upgrade to the latest version
       href: toolkit/upgrade.md
   - name: Deploy with Bicep
-    href: /graph/templates?context=graph/context
+    href: /graph/templates?toc=/graph/toc.json
 - name: Services and features
   expanded: true
   items:
@@ -303,13 +303,13 @@ items:
       href: azuread-users-concept-overview.md
       displayName: users
     - name: Default user permissions
-      href: /azure/active-directory/fundamentals/users-default-permissions?context=graph/context
+      href: /entra/fundamentals/users-default-permissions?toc=/graph/toc.json
     - name: Profile photo settings
       href: profilephoto-configure-settings.md
   - name: Groups
     items:
     - name: Overview
-      href: /graph/api/resources/groups-overview?context=graph/context
+      href: /graph/api/resources/groups-overview?toc=/graph/toc.json
       displayName: groups
     - name: Microsoft 365 group behaviors and provisioning options
       href: group-set-options.md
@@ -321,10 +321,12 @@ items:
       href: applications-concept-overview.md
     - name: Applications and service principals
       items:
+      - name: App manifest
+        href: /entra/identity-platform/reference-microsoft-graph-app-manifest?toc=/graph/toc.json
       - name: Manage applications
         href: tutorial-applications-basics.md
       - name: Validation differences for signInAudience
-        href: /azure/active-directory/develop/supported-accounts-validation?context=graph/context
+        href: /entra/identity-platform/supported-accounts-validation?toc=/graph/toc.json
       - name: Grant or revoke permissions
         displayName: grant delegated and application permissions
         href: permissions-grant-via-msgraph.md
@@ -336,7 +338,7 @@ items:
       - name: Configure application proxy
         href: application-proxy-configure-api.md
       - name: Automate provisioning
-        href: /azure/active-directory/app-provisioning/application-provisioning-configuration-api?context=graph/context
+        href: /entra/identity/app-provisioning/application-provisioning-configuration-api?toc=/graph/toc.json
       - name: Generate proof of possession tokens for rolling keys
         href: application-rollkey-prooftoken.md
       - name: Authentication behaviors
@@ -621,7 +623,7 @@ items:
     - name: Identity and sign-in
       items:
       - name: Configure a custom claim provider token issuance event
-        href: /azure/active-directory/develop/custom-extension-get-started?tabs=microsoft-graph?toc=/graph/toc.json&context=graph/context&tabs=microsoft-graph
+        href: /entra/identity-platform/custom-extension-tokenissuancestart-configuration?tabs=microsoft-graph?toc=/graph/toc.json&tabs=microsoft-graph
       - name: Authentication methods
         href: authenticationmethods-get-started.md
         displayName: identity, authenticate, sign-in, sign in, signin
@@ -1168,7 +1170,7 @@ items:
     displayName: Microsoft Graph error responses and error resource types
   - name: Microsoft Entra service limits
     displayName: Azure AD service limits and restrictions
-    href: /azure/active-directory/enterprise-users/directory-service-limits-restrictions?context=graph/context
+    href: /entra/identity/users/directory-service-limits-restrictions?toc=/graph/toc.json
 - name: Migrate
   items:
   - name: Azure AD Graph