From 0c8c2d1395065bb7c363e9e66fd4e5aafa8a5cfd Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Mon, 9 Sep 2019 14:16:39 -0700
Subject: [PATCH] delete topic, add notes

---
 .openpublishing.redirection.json              |  5 ++
 windows/security/threat-protection/TOC.md     |  1 -
 .../enable-custom-ti.md                       | 56 -------------------
 .../post-ti-indicator.md                      |  5 +-
 .../microsoft-defender-atp/ti-indicator.md    |  4 +-
 5 files changed, 11 insertions(+), 60 deletions(-)
 delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 5fb03f440d..fc08bbe0f7 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -1336,6 +1336,11 @@
 "redirect_document_id": true
 },
 {
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md",
+"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/manage-indicators",
+"redirect_document_id": false
+},
+{
 "source_path": "windows/security/threat-protection/windows-defender-atp/enable-security-analytics-windows-defender-advanced-threat-protection.md",
 "redirect_url": "/windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection",
 "redirect_document_id": true
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 2783c5080d..6d30d66678 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -429,7 +429,6 @@
 ##### [Get CVE-KB map](microsoft-defender-atp/get-cvekbmap-collection.md)
 
 #### [API for custom alerts (Deprecated)]()
-##### [Enable the custom threat intelligence application (Deprecated)](microsoft-defender-atp/enable-custom-ti.md)
 ##### [Use the threat intelligence API to create custom alerts (Deprecated)](microsoft-defender-atp/use-custom-ti.md)
 ##### [Create custom threat intelligence alerts (Deprecated)](microsoft-defender-atp/custom-ti-api.md)
 ##### [PowerShell code examples (Deprecated)](microsoft-defender-atp/powershell-example-code.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md b/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md
deleted file mode 100644
index 42bfea4ccf..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md
+++ /dev/null
@@ -1,56 +0,0 @@
----
-title: Enable the custom threat intelligence API in Microsoft Defender ATP
-description: Learn how to setup the custom threat intelligence application in Microsoft Defender ATP to create custom threat intelligence (TI).
-keywords: enable custom threat intelligence application, custom ti application, application name, client id, authorization url, resource, client secret, access tokens
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance 
-ms.topic: article
----
-
-# Enable the custom threat intelligence API in Microsoft Defender ATP (Deprecated)
-
-**Applies to:**
-
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-> [!TIP]
-> This topic has been deprecated. See [Indicators](ti-indicator.md) for the updated content.
-> 
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablecustomti-abovefoldlink) 
-
-Before you can create custom threat intelligence (TI) using REST API, you'll need to set up the custom threat intelligence application through Microsoft Defender Security Center.
-
-1. In the navigation pane, select **Settings** >  **Threat intel**.
-
-   ![Image of threat intel API menu](images/atp-threat-intel-api.png)
-
-2. Select **Enable threat intel API**. This activates the **Azure Active Directory application** setup sections with pre-populated values.
-
-3. Copy the individual values or select **Save details to file** to download a file that contains all the values.
-
-   >[!WARNING]
-   >The client secret is only displayed once. Make sure you keep a copy of it in a safe place. <br>
-   For more information about getting a new secret see, [Learn how to get a new secret](troubleshoot-custom-ti.md#learn-how-to-get-a-new-client-secret).
-
-4. Select **Generate tokens** to get an access and refresh token.
-
-You’ll need to use the access token in the Authorization header when doing REST API calls.
-
-## Related topics
-- [Understand threat intelligence concepts](threat-indicator-concepts.md)
-- [Create custom alerts using the threat intelligence API](custom-ti-api.md)
-- [PowerShell code examples for the custom threat intelligence API](powershell-example-code.md)
-- [Python code examples for the custom threat intelligence API](python-example-code.md)
-- [Experiment with custom threat intelligence alerts](experiment-custom-ti.md)
-- [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
index 10fbaec373..c11e8a4597 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
@@ -22,13 +22,14 @@ ms.topic: article
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
 
->[!Note]
+>[!NOTE]
 > Currently this API is supported only for AppOnly context requests. (See [Get access with application context](exposed-apis-create-app-webapp.md) for more information)
 
 
 - Submits or Updates new [Indicator](ti-indicator.md) entity.
 
-
+>[!NOTE]
+>There is a limit of 5000 indicators per tenant. 
 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
index 4d110a041b..1c38ae5395 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
@@ -28,7 +28,9 @@ Method|Return Type |Description
 [Submit Indicator](post-ti-indicator.md) | [Indicator](ti-indicator.md) | Submits [Indicator](ti-indicator.md) entity.
 [Delete Indicator](delete-ti-indicator-by-id.md) | No Content | Deletes [Indicator](ti-indicator.md) entity.
 
-- See the corresponding [page](https://securitycenter.windows.com/preferences2/custom_ti_indicators/files) in the portal: 
+- See the corresponding [page](https://securitycenter.windows.com/preferences2/custom_ti_indicators/files) in the portal. 
+
+For more information on creating indicators, see [Manage indicators](manage-indicators.md).
 
 # Properties
 Property |	Type	|	Description