From 6b209962f6599188ba2f461f510079e9c4d2e283 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 16 Dec 2020 08:24:58 -0800
Subject: [PATCH 01/18] added draft changes to Assigned Access Configuration
 section

---
 windows/client-management/mdm/assignedaccess-csp.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index 3a48ac399e..7eb3a57caf 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -75,6 +75,10 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
 <a href="" id="assignedaccess-configuration"></a>**./Device/Vendor/MSFT/AssignedAccess/Configuration**
 Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
 
+Supports Microsoft Edge kiosk mode, which allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Create a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/windows/configuration/test).
+
+Allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default this is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
+
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
 >

From 86847b0904ed624e0abfbd05fa067a821c9ec329 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 16 Dec 2020 08:54:50 -0800
Subject: [PATCH 02/18] added draft changes to Assigned Access Configuration
 XML

---
 .../mdm/assignedaccess-csp.md                 | 46 ++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index 7eb3a57caf..b2005cb0ae 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -77,7 +77,7 @@ Added in Windows 10, version 1709. Specifies the settings that you can configure
 
 Supports Microsoft Edge kiosk mode, which allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Create a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/windows/configuration/test).
 
-Allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default this is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
+Allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default the breakout sequence is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
 
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
@@ -516,6 +516,7 @@ To authorize a compatible configuration XML that includes 1809 or prerelease ele
 
 ## Example AssignedAccessConfiguration XML
 
+Example XML configuration for a multi app kiosk.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config">
@@ -567,6 +568,49 @@ To authorize a compatible configuration XML that includes 1809 or prerelease ele
 </AssignedAccessConfiguration>
 ```
 
+Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configure to launch www.bing.com on startup.
+```xml
+<?xml version="1.0" encoding="utf-8" ?>
+<AssignedAccessConfiguration
+  xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
+  xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
+  >
+  <Profiles>
+    <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
+      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe --no-first-run --kiosk www.bing.com"/>
+    </Profile>
+  </Profiles>
+  <Configs>
+    <Config>
+      <Account>EdgeKioskUser</Account>
+      <DefaultProfile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}"/>
+    </Config>
+  </Configs>
+</AssignedAccessConfiguration>
+```
+
+Example XML configuration for setting a breakout sequence to be Shift+Windows on a Microsoft Edge kiosk. Note BreakoutSequence can be applied to any kiosk type not just an Edge kiosk.
+```xml
+<?xml version="1.0" encoding="utf-8" ?>
+<AssignedAccessConfiguration
+  xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
+  xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
+  >
+  <Profiles>
+    <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
+      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe --no-first-run --kiosk www.bing.com"/>
+      <v4:BreakoutSequence Key="Shift+Win"/>
+    </Profile>
+  </Profiles>
+  <Configs>
+    <Config>
+      <Account>EdgeKioskUser</Account>
+      <DefaultProfile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}"/>
+    </Config>
+  </Configs>
+</AssignedAccessConfiguration>
+```
+
 ## Configuration examples
 
 XML encoding (escaped) and CDATA of the XML in the Data node both ensure that DM client can properly interpret the SyncML and send the configuration xml as string (in original format, unescaped) to AssignedAccess CSP to handle.

From e5a3daaefd6ad20add89cda0ac18aafe8a21c134 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 16 Dec 2020 13:31:47 -0800
Subject: [PATCH 03/18] added draft changes examples added from code

---
 .../mdm/assignedaccess-csp.md                 |   4 +-
 .../mdm/assignedaccess-ddf.md                 | 175 +++++++++++++++++-
 2 files changed, 175 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index b2005cb0ae..0cae125012 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -75,9 +75,7 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
 <a href="" id="assignedaccess-configuration"></a>**./Device/Vendor/MSFT/AssignedAccess/Configuration**
 Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
 
-Supports Microsoft Edge kiosk mode, which allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Create a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/windows/configuration/test).
-
-Allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default the breakout sequence is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
+Currently in Windows 10 Insider Preview Build is Microsoft Edge kiosk mode. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Create a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/windows/configuration/test). The Windows 10 Insider Preview Build also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default the breakout sequence is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
 
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md
index 703958aa0e..f5562707ae 100644
--- a/windows/client-management/mdm/assignedaccess-ddf.md
+++ b/windows/client-management/mdm/assignedaccess-ddf.md
@@ -1,4 +1,4 @@
----
+ ---
 title: AssignedAccess DDF
 description: Learn how the OMA DM device description framework (DDF) for the AssignedAccess configuration service provider.
 ms.assetid: 224FADDB-0EFD-4E5A-AE20-1BD4ABE24306
@@ -195,6 +195,179 @@ This node supports Add, Delete, Replace and Get methods. When there's no configu
 </MgmtTree>
 ```
 
+The XML below is for Windows 10, version 1909.
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE MgmtTree PUBLIC " -//OMA//DTD-DM-DDF 1.2//EN"
+  "http://www.openmobilealliance.org/tech/DTD/DM_DDF-V1_2.dtd"
+  [
+    <?oma-dm-ddf-ver supported-versions="1.2"?>
+]>
+<MgmtTree xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
+    <VerDTD>1.2</VerDTD>
+    <Node>
+        <NodeName>AssignedAccess</NodeName>
+        <Path>./Vendor/MSFT</Path>
+        <DFProperties>
+            <AccessType>
+                <Get />
+            </AccessType>
+            <DFFormat>
+                <node />
+            </DFFormat>
+            <Occurrence>
+                <One />
+            </Occurrence>
+            <Scope>
+                <Permanent />
+            </Scope>
+            <DFType>
+                <MIME>com.microsoft/4.0/MDM/AssignedAccess</MIME>
+            </DFType>
+        </DFProperties>
+        <Node>
+            <NodeName>KioskModeApp</NodeName>
+            <DFProperties>
+                <AccessType>
+                    <Get />
+                    <Add />
+                    <Delete />
+                    <Replace />
+                </AccessType>
+                <Description>This node can accept and return json string which comprises of account name, and AUMID for Kiosk mode app.
+
+Example: {"User":"domain\\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}. 
+
+When configuring kiosk mode app, account name will be used to find the target user. Account name includes domain name and user name. Domain name can be optional if user name is unique across the system. For a local account, domain name should be machine name. When "Get" is executed on this node, domain name is always returned in the output.
+
+This node supports Add, Delete, Replace and Get methods. When there's no configuration, "Get" and "Delete" methods fail. When there's already a configuration for kiosk mode app, "Add" method fails. The data pattern for "Add" and "Replace" is the same.</Description>
+                <DFFormat>
+                    <chr />
+                </DFFormat>
+                <Occurrence>
+                    <One />
+                </Occurrence>
+                <Scope>
+                    <Dynamic />
+                </Scope>
+                <CaseSense>
+                    <CIS />
+                </CaseSense>
+                <DFType>
+                    <MIME>text/plain</MIME>
+                </DFType>
+            </DFProperties>
+        </Node>
+        <Node>
+            <NodeName>Configuration</NodeName>
+            <DFProperties>
+                <AccessType>
+                    <Get />
+                    <Add />
+                    <Delete />
+                    <Replace />
+                </AccessType>
+                <Description>This node accepts an AssignedAccessConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
+                <DFFormat>
+                    <chr />
+                </DFFormat>
+                <Occurrence>
+                    <One />
+                </Occurrence>
+                <Scope>
+                    <Dynamic />
+                </Scope>
+                <CaseSense>
+                    <CIS />
+                </CaseSense>
+                <DFType>
+                    <MIME>text/plain</MIME>
+                </DFType>
+            </DFProperties>
+        </Node>
+        <Node>
+            <NodeName>Status</NodeName>
+            <DFProperties>
+                <AccessType>
+                    <Get />
+                </AccessType>
+                <Description>This read only node contains kiosk health event xml</Description>
+                <DFFormat>
+                    <chr />
+                </DFFormat>
+                <Occurrence>
+                    <One />
+                </Occurrence>
+                <Scope>
+                    <Permanent />
+                </Scope>
+                <CaseSense>
+                    <CIS />
+                </CaseSense>
+                <DFType>
+                    <MIME>text/plain</MIME>
+                </DFType>
+            </DFProperties>
+        </Node>
+        <Node>
+            <NodeName>ShellLauncher</NodeName>
+            <DFProperties>
+                <AccessType>
+                    <Get />
+                    <Add />
+                    <Delete />
+                    <Replace />
+                </AccessType>
+                <Description>This node accepts a ShellLauncherConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
+                <DFFormat>
+                    <chr />
+                </DFFormat>
+                <Occurrence>
+                    <One />
+                </Occurrence>
+                <Scope>
+                    <Dynamic />
+                </Scope>
+                <CaseSense>
+                    <CIS />
+                </CaseSense>
+                <DFType>
+                    <MIME>text/plain</MIME>
+                </DFType>
+            </DFProperties>
+        </Node>
+        <Node>
+            <NodeName>StatusConfiguration</NodeName>
+            <DFProperties>
+                <AccessType>
+                    <Get />
+                    <Add />
+                    <Delete />
+                    <Replace />
+                </AccessType>
+                <Description>This node accepts a StatusConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
+                <DFFormat>
+                    <chr />
+                </DFFormat>
+                <Occurrence>
+                    <One />
+                </Occurrence>
+                <Scope>
+                    <Dynamic />
+                </Scope>
+                <CaseSense>
+                    <CIS />
+                </CaseSense>
+                <DFType>
+                    <MIME>text/plain</MIME>
+                </DFType>
+            </DFProperties>
+        </Node>
+    </Node>
+</MgmtTree>
+
+```
+
 ## Related topics
 
 

From 9376302517f01894cff9c75fec27d1d7c4b99621 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 16 Dec 2020 14:01:34 -0800
Subject: [PATCH 04/18] draft update guidelines for choosing an app for
 assigned access

---
 windows/configuration/guidelines-for-assigned-access-app.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index bbe21777b6..500a3ccc14 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -45,6 +45,8 @@ Avoid selecting Windows apps that are designed to launch other apps as part of t
 
 ## Guidelines for web browsers
 
+In Windows 10, Version 1909, Assigned access adds support for the new Microsoft Edge kiosk mode support. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-configure-kiosk-mode).
+
 In Windows 10, version 1809, Microsoft Edge includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
 
 In Windows 10, version 1803 and later, you can install the **Kiosk Browser** app from Microsoft to use as your kiosk app. For digital signage scenarios, you can configure **Kiosk Browser** to navigate to a URL and show only that content -- no navigation buttons, no address bar, etc. For kiosk scenarios, you can configure additional settings, such as allowed and blocked URLs, navigation buttons, and end session buttons. For example, you could configure your kiosk to show the online catalog for your store, where customers can navigate between departments and items, but aren’t allowed to go to a competitor's website. 

From 7c6758fbe221fdf840a8270dec92cdbf67b0851b Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 16 Dec 2020 14:08:12 -0800
Subject: [PATCH 05/18] draft update guidelines for choosing an app for
 assigned access

---
 windows/configuration/guidelines-for-assigned-access-app.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 500a3ccc14..431ffa6832 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -47,7 +47,7 @@ Avoid selecting Windows apps that are designed to launch other apps as part of t
 
 In Windows 10, Version 1909, Assigned access adds support for the new Microsoft Edge kiosk mode support. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-configure-kiosk-mode).
 
-In Windows 10, version 1809, Microsoft Edge includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
+In Windows 10, version 1809, Microsoft Edge includes support for legacy kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
 
 In Windows 10, version 1803 and later, you can install the **Kiosk Browser** app from Microsoft to use as your kiosk app. For digital signage scenarios, you can configure **Kiosk Browser** to navigate to a URL and show only that content -- no navigation buttons, no address bar, etc. For kiosk scenarios, you can configure additional settings, such as allowed and blocked URLs, navigation buttons, and end session buttons. For example, you could configure your kiosk to show the online catalog for your store, where customers can navigate between departments and items, but aren’t allowed to go to a competitor's website. 
 

From ed0180bdc5ea15106bf7137f86a133cf495f701c Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Thu, 17 Dec 2020 07:39:14 -0800
Subject: [PATCH 06/18] draft update 1 for set up a single-app kiosk

---
 .../guidelines-for-assigned-access-app.md     |  6 +++
 windows/configuration/kiosk-xml.md            | 51 ++++++++++++++++---
 2 files changed, 51 insertions(+), 6 deletions(-)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 431ffa6832..1270ea3283 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -156,6 +156,12 @@ You can create your own web browser Windows app by using the WebView class. Lear
 
 Avoid selecting Windows apps that may expose the information you don’t want to show in your kiosk, since kiosk usually means anonymous access and locates in a public setting like a shopping mall. For example, an app that has a file picker allows the user to gain access to files and folders on the user's system, avoid selecting these types of apps if they provide unnecessary data access.
 
+## Customize your breakout sequence
+
+Assigned access allows for the specification of a new breakout sequence. A breakout sequence is a keyboard shortcut that stops the kiosk experience and brings the user back to the lock screen. By default the breakout sequence is configured to be ctrl+alt+delete, a common windows keyboard shortcut. It is recommended that this is set to a non-standard windows shortcut to prevent disruptions in the kiosk experience.
+
+The Breakout Sequence can only be customized at the provision time of the kiosk. There is also no GUI for specifying this currently, so it would need to be specified in a provision method like MDM or WMI which allow the user to specify the configuration in an XML format.
+
 ## App configuration
 
 Some apps may require additional configurations before they can be used appropriately in assigned access. For example, Microsoft OneNote requires you to set up a Microsoft account for the assigned access user account before OneNote will open in assigned access. 
diff --git a/windows/configuration/kiosk-xml.md b/windows/configuration/kiosk-xml.md
index c0eb573c32..1cc2cd11d9 100644
--- a/windows/configuration/kiosk-xml.md
+++ b/windows/configuration/kiosk-xml.md
@@ -254,6 +254,29 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
 
 ```
 
+## Microsoft Edge Kiosk XML Sample
+```xml
+<?xml version="1.0" encoding="utf-8" ?>
+<AssignedAccessConfiguration
+  xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config"
+  xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
+  >
+  <Profiles>
+    <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
+      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
+        v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.youtube.com"/>
+        <v4:BreakoutSequence Key="Shift+Win"/>
+    </Profile>
+  </Profiles>
+  <Configs>
+    <Config>
+      <Account>EdgeKioskUser</Account>
+      <DefaultProfile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}"/>
+    </Config>
+  </Configs>
+</AssignedAccessConfiguration>
+```
+
 ## [Preview] Global Profile Sample XML
 Global Profile is currently supported in Windows 10 Insider Preview (20H1 builds). Global Profile is designed for scenarios where a user does not have a designated profile, yet IT Admin still wants the user to run in lockdown mode, or used as mitigation when a profile cannot be determined for a user.
 
@@ -635,12 +658,7 @@ IT Admin now can specify user access to Downloads folder, Removable drives, or n
 
 ## XSD for AssignedAccess configuration XML
 
->[!NOTE]
->Updated for Windows 10, version 1903 and Windows 10 Insider Preview (19H2, 20H1 builds).
-Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
-
 ```xml
-<?xml version="1.0" encoding="utf-8"?>
 <xs:schema
     elementFormDefault="qualified"
     xmlns:xs="http://www.w3.org/2001/XMLSchema"
@@ -648,11 +666,13 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
     xmlns:default="http://schemas.microsoft.com/AssignedAccess/2017/config"
     xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config"
     xmlns:v3="http://schemas.microsoft.com/AssignedAccess/2020/config"
+    xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
     targetNamespace="http://schemas.microsoft.com/AssignedAccess/2017/config"
     >
 
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/201810/config"/>
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2020/config"/>
+    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2021/config"/>
 
     <xs:complexType name="profile_list_t">
         <xs:sequence minOccurs="1" >
@@ -662,8 +682,14 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
 
     <xs:complexType name="kioskmodeapp_t">
         <xs:attribute name="AppUserModelId" type="xs:string"/>
+        <xs:attributeGroup ref="ClassicApp_attributeGroup"/>
     </xs:complexType>
 
+    <xs:attributeGroup name="ClassicApp_attributeGroup">
+        <xs:attribute ref="v4:ClassicAppPath"/>
+        <xs:attribute ref="v4:ClassicAppArguments" use="optional"/>
+    </xs:attributeGroup>
+
     <xs:complexType name="profile_t">
         <xs:choice>
             <xs:sequence minOccurs="1" maxOccurs="1">
@@ -672,7 +698,19 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
                 <xs:element name="StartLayout" type="xs:string" minOccurs="1" maxOccurs="1"/>
                 <xs:element name="Taskbar" type="taskbar_t" minOccurs="1" maxOccurs="1"/>
             </xs:sequence>
-            <xs:element name="KioskModeApp" type="kioskmodeapp_t" minOccurs="1" maxOccurs="1"/>
+            <xs:sequence minOccurs="1" maxOccurs="1">
+                <xs:element name="KioskModeApp" type="kioskmodeapp_t" minOccurs="1" maxOccurs="1">
+                    <xs:key name="mutualExclusionAumidOrClassicAppPath">
+                        <xs:selector xpath="."/>
+                        <xs:field xpath="@AppUserModelId|@v4:ClassicAppPath"/>
+                    </xs:key>
+                    <xs:unique name="mutualExclusionAumidOrClassicAppArgumentsOptional">
+                        <xs:selector xpath="."/>
+                        <xs:field xpath="@AppUserModelId|@v4:ClassicAppArguments"/>
+                    </xs:unique>
+                </xs:element>
+                <xs:element ref="v4:BreakoutSequence" minOccurs="0" maxOccurs="1"/>
+            </xs:sequence>
         </xs:choice>
         <xs:attribute name="Id" type="guid_t" use="required"/>
         <xs:attribute name="Name" type="xs:string" use="optional"/>
@@ -773,6 +811,7 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
     <xs:simpleType name="specialGroupType_t">
         <xs:restriction base="xs:string">
             <xs:enumeration value="Visitor"/>
+            <xs:enumeration value="DeviceOwner"/>
         </xs:restriction>
     </xs:simpleType>
 

From b2f80a65518eccc03104a32229a61a309326320b Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Thu, 17 Dec 2020 07:39:31 -0800
Subject: [PATCH 07/18] draft update 2 for set up a single-app kiosk

---
 windows/configuration/guidelines-for-assigned-access-app.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 1270ea3283..5c30c9b7b2 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -160,7 +160,7 @@ Avoid selecting Windows apps that may expose the information you don’t want to
 
 Assigned access allows for the specification of a new breakout sequence. A breakout sequence is a keyboard shortcut that stops the kiosk experience and brings the user back to the lock screen. By default the breakout sequence is configured to be ctrl+alt+delete, a common windows keyboard shortcut. It is recommended that this is set to a non-standard windows shortcut to prevent disruptions in the kiosk experience.
 
-The Breakout Sequence can only be customized at the provision time of the kiosk. There is also no GUI for specifying this currently, so it would need to be specified in a provision method like MDM or WMI which allow the user to specify the configuration in an XML format.
+There is currently no GUI for customizing the breakout sequence, so it would need to be specified in a provision method where an XML format is used like MDM.
 
 ## App configuration
 

From 5a28a0d7d00252e98be1d88f614c13d219fd3a77 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Thu, 17 Dec 2020 08:19:27 -0800
Subject: [PATCH 08/18] fixed links and formatting issues

---
 .../mdm/assignedaccess-ddf.md                 | 173 ------------------
 1 file changed, 173 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md
index f5562707ae..790a9fa3ea 100644
--- a/windows/client-management/mdm/assignedaccess-ddf.md
+++ b/windows/client-management/mdm/assignedaccess-ddf.md
@@ -22,179 +22,6 @@ You can download the DDF files from the links below:
 - [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip)
 - [Download all the DDF files for Windows 10, version 1607](https://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip)
 
-The XML below is for Windows 10, version 1803.
-
-```xml
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE MgmtTree PUBLIC " -//OMA//DTD-DM-DDF 1.2//EN"
-  "http://www.openmobilealliance.org/tech/DTD/DM_DDF-V1_2.dtd"
-  [
-    <?oma-dm-ddf-ver supported-versions="1.2"?>
-]>
-<MgmtTree xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
-    <VerDTD>1.2</VerDTD>
-    <Node>
-        <NodeName>AssignedAccess</NodeName>
-        <Path>./Vendor/MSFT</Path>
-        <DFProperties>
-            <AccessType>
-                <Get />
-            </AccessType>
-            <DFFormat>
-                <node />
-            </DFFormat>
-            <Occurrence>
-                <One />
-            </Occurrence>
-            <Scope>
-                <Permanent />
-            </Scope>
-            <DFType>
-                <MIME>com.microsoft/2.0/MDM/AssignedAccess</MIME>
-            </DFType>
-        </DFProperties>
-        <Node>
-            <NodeName>KioskModeApp</NodeName>
-            <DFProperties>
-                <AccessType>
-                    <Get />
-                    <Add />
-                    <Delete />
-                    <Replace />
-                </AccessType>
-                <Description>This node can accept and return json string which comprises of account name, and AUMID for Kiosk mode app.
-
-Example: {"User":"domain\\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}.
-
-When configuring kiosk mode app, account name will be used to find the target user. Account name includes domain name and user name. Domain name can be optional if user name is unique across the system. For a local account, domain name should be machine name. When "Get" is executed on this node, domain name is always returned in the output.
-
-This node supports Add, Delete, Replace and Get methods. When there's no configuration, "Get" and "Delete" methods fail. When there's already a configuration for kiosk mode app, "Add" method fails. The data pattern for "Add" and "Replace" is the same.</Description>
-                <DFFormat>
-                    <chr />
-                </DFFormat>
-                <Occurrence>
-                    <One />
-                </Occurrence>
-                <Scope>
-                    <Dynamic />
-                </Scope>
-                <CaseSense>
-                    <CIS />
-                </CaseSense>
-                <DFType>
-                    <MIME>text/plain</MIME>
-                </DFType>
-            </DFProperties>
-        </Node>
-        <Node>
-            <NodeName>Configuration</NodeName>
-            <DFProperties>
-                <AccessType>
-                    <Get />
-                    <Add />
-                    <Delete />
-                    <Replace />
-                </AccessType>
-                <Description>This node accepts an AssignedAccessConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
-                <DFFormat>
-                    <chr />
-                </DFFormat>
-                <Occurrence>
-                    <One />
-                </Occurrence>
-                <Scope>
-                    <Dynamic />
-                </Scope>
-                <CaseSense>
-                    <CIS />
-                </CaseSense>
-                <DFType>
-                    <MIME>text/plain</MIME>
-                </DFType>
-            </DFProperties>
-        </Node>
-        <Node>
-            <NodeName>Status</NodeName>
-            <DFProperties>
-                <AccessType>
-                    <Get />
-                </AccessType>
-                <Description>This read only node contains kiosk health event xml</Description>
-                <DFFormat>
-                    <chr />
-                </DFFormat>
-                <Occurrence>
-                    <One />
-                </Occurrence>
-                <Scope>
-                    <Permanent />
-                </Scope>
-                <CaseSense>
-                    <CIS />
-                </CaseSense>
-                <DFType>
-                    <MIME>text/plain</MIME>
-                </DFType>
-            </DFProperties>
-        </Node>
-        <Node>
-            <NodeName>ShellLauncher</NodeName>
-            <DFProperties>
-                <AccessType>
-                    <Get />
-                    <Add />
-                    <Delete />
-                    <Replace />
-                </AccessType>
-                <Description>This node accepts a ShellLauncherConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
-                <DFFormat>
-                    <chr />
-                </DFFormat>
-                <Occurrence>
-                    <One />
-                </Occurrence>
-                <Scope>
-                    <Dynamic />
-                </Scope>
-                <CaseSense>
-                    <CIS />
-                </CaseSense>
-                <DFType>
-                    <MIME>text/plain</MIME>
-                </DFType>
-            </DFProperties>
-        </Node>
-        <Node>
-            <NodeName>StatusConfiguration</NodeName>
-            <DFProperties>
-                <AccessType>
-                    <Get />
-                    <Add />
-                    <Delete />
-                    <Replace />
-                </AccessType>
-                <Description>This node accepts a StatusConfiguration xml as input. Please check out samples and required xsd on MSDN.</Description>
-                <DFFormat>
-                    <chr />
-                </DFFormat>
-                <Occurrence>
-                    <One />
-                </Occurrence>
-                <Scope>
-                    <Dynamic />
-                </Scope>
-                <CaseSense>
-                    <CIS />
-                </CaseSense>
-                <DFType>
-                    <MIME>text/plain</MIME>
-                </DFType>
-            </DFProperties>
-        </Node>
-    </Node>
-</MgmtTree>
-```
-
 The XML below is for Windows 10, version 1909.
 ```xml
 <?xml version="1.0" encoding="UTF-8"?>

From 213e2d3f65479abe2df943dce341252660e29116 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Thu, 17 Dec 2020 08:38:21 -0800
Subject: [PATCH 09/18] removed extra space

---
 .../mdm/assignedaccess-csp.md                 | 54 +++++++++++++++++--
 1 file changed, 50 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index 0cae125012..a471243300 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -75,7 +75,7 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
 <a href="" id="assignedaccess-configuration"></a>**./Device/Vendor/MSFT/AssignedAccess/Configuration**
 Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
 
-Currently in Windows 10 Insider Preview Build is Microsoft Edge kiosk mode. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Create a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/windows/configuration/test). The Windows 10 Insider Preview Build also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. By default the breakout sequence is set to ctrl+alt+delete. For details on how to customize a breakout sequence, see [Create a custom breakout sequence for a kiosk](https://docs.microsoft.com/windows/configuration/test).
+Updated in Windows 10, version 1909. Added Microsoft Edge kiosk mode. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Configure a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode). Windows 10, version 1909 also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen.
 
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
@@ -247,7 +247,7 @@ KioskModeApp Replace
 
 ## AssignedAccessConfiguration XSD
 
-Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
+Below schema is for AssignedAccess Configuration up to Windows 10 1909 release.
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -258,11 +258,13 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
     xmlns:default="http://schemas.microsoft.com/AssignedAccess/2017/config"
     xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config"
     xmlns:v3="http://schemas.microsoft.com/AssignedAccess/2020/config"
+    xmlns:v4="http://schemas.microsoft.com/AssignedAccess/2021/config"
     targetNamespace="http://schemas.microsoft.com/AssignedAccess/2017/config"
     >
 
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/201810/config"/>
     <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2020/config"/>
+    <xs:import namespace="http://schemas.microsoft.com/AssignedAccess/2021/config"/>
 
     <xs:complexType name="profile_list_t">
         <xs:sequence minOccurs="1" >
@@ -272,8 +274,14 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
 
     <xs:complexType name="kioskmodeapp_t">
         <xs:attribute name="AppUserModelId" type="xs:string"/>
+        <xs:attributeGroup ref="ClassicApp_attributeGroup"/>
     </xs:complexType>
 
+    <xs:attributeGroup name="ClassicApp_attributeGroup">
+        <xs:attribute ref="v4:ClassicAppPath"/>
+        <xs:attribute ref="v4:ClassicAppArguments" use="optional"/>
+    </xs:attributeGroup>
+
     <xs:complexType name="profile_t">
         <xs:choice>
             <xs:sequence minOccurs="1" maxOccurs="1">
@@ -282,7 +290,19 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
                 <xs:element name="StartLayout" type="xs:string" minOccurs="1" maxOccurs="1"/>
                 <xs:element name="Taskbar" type="taskbar_t" minOccurs="1" maxOccurs="1"/>
             </xs:sequence>
-            <xs:element name="KioskModeApp" type="kioskmodeapp_t" minOccurs="1" maxOccurs="1"/>
+            <xs:sequence minOccurs="1" maxOccurs="1">
+                <xs:element name="KioskModeApp" type="kioskmodeapp_t" minOccurs="1" maxOccurs="1">
+                    <xs:key name="mutualExclusionAumidOrClassicAppPath">
+                        <xs:selector xpath="."/>
+                        <xs:field xpath="@AppUserModelId|@v4:ClassicAppPath"/>
+                    </xs:key>
+                    <xs:unique name="mutualExclusionAumidOrClassicAppArgumentsOptional">
+                        <xs:selector xpath="."/>
+                        <xs:field xpath="@AppUserModelId|@v4:ClassicAppArguments"/>
+                    </xs:unique>
+                </xs:element>
+                <xs:element ref="v4:BreakoutSequence" minOccurs="0" maxOccurs="1"/>
+            </xs:sequence>
         </xs:choice>
         <xs:attribute name="Id" type="guid_t" use="required"/>
         <xs:attribute name="Name" type="xs:string" use="optional"/>
@@ -383,6 +403,7 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
     <xs:simpleType name="specialGroupType_t">
         <xs:restriction base="xs:string">
             <xs:enumeration value="Visitor"/>
+            <xs:enumeration value="DeviceOwner"/>
         </xs:restriction>
     </xs:simpleType>
 
@@ -421,7 +442,7 @@ Below schema is for AssignedAccess Configuration up to Windows 10 1803 release.
             </xs:all>
         </xs:complexType>
     </xs:element>
-</xs:schema>
+</xs:schema>);
 ```
 
 Here is the schema for new features introduced in Windows 10 1809 release
@@ -499,6 +520,31 @@ Schema for Windows 10 prerelease
 </xs:schema>
 ```
 
+Schema for features introduced in Windows 10, version 1909.
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema
+    elementFormDefault="qualified"
+    xmlns:xs="http://www.w3.org/2001/XMLSchema"
+    xmlns:vc="http://www.w3.org/2007/XMLSchema-versioning"
+    vc:minVersion="1.1"
+    xmlns="http://schemas.microsoft.com/AssignedAccess/2021/config"
+    xmlns:default="http://schemas.microsoft.com/AssignedAccess/2021/config"
+    targetNamespace="http://schemas.microsoft.com/AssignedAccess/2021/config"
+    >
+
+    <xs:attribute name="ClassicAppPath" type="xs:string"/>
+    <xs:attribute name="ClassicAppArguments" type="xs:string"/>
+
+    <xs:element name="BreakoutSequence" type="BreakoutSequence_t" />
+
+    <xs:complexType name="BreakoutSequence_t">
+        <xs:attribute name="Key" type="xs:string" use="required"/>
+    </xs:complexType>
+
+</xs:schema>
+```
+
 To authorize a compatible configuration XML that includes 1809 or prerelease elements and attributes, always include the namespace of these add-on schemas, and decorate the attributes and elements accordingly with the namespace alias. e.g. to configure auto-launch feature which is added in 1809 release, use below sample, notice an alias r1809 is given to the 201810 namespace for 1809 release, and the alias is tagged on AutoLaunch and AutoLaunchArguments inline.
 ```xml
 <AssignedAccessConfiguration

From 343dd0d3aac2b3c400ef4f02bfff7e37f6eaa1c0 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 18 Dec 2020 07:22:49 -0800
Subject: [PATCH 10/18] fixes from PR

---
 windows/client-management/mdm/assignedaccess-csp.md | 12 ++++++++----
 windows/client-management/mdm/assignedaccess-ddf.md |  1 -
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index a471243300..be244e5716 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -560,7 +560,7 @@ To authorize a compatible configuration XML that includes 1809 or prerelease ele
 
 ## Example AssignedAccessConfiguration XML
 
-Example XML configuration for a multi app kiosk.
+Example XML configuration for a multi-app kiosk:
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config">
@@ -633,7 +633,9 @@ Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configur
 </AssignedAccessConfiguration>
 ```
 
-Example XML configuration for setting a breakout sequence to be Shift+Windows on a Microsoft Edge kiosk. Note BreakoutSequence can be applied to any kiosk type not just an Edge kiosk.
+Example XML configuration for setting a breakout sequence to be Ctrl+A on a Microsoft Edge kiosk.
+[!Note]
+**BreakoutSequence** can be applied to any kiosk type, not just an Edge kiosk.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration
@@ -642,8 +644,10 @@ Example XML configuration for setting a breakout sequence to be Shift+Windows on
   >
   <Profiles>
     <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
-      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe --no-first-run --kiosk www.bing.com"/>
-      <v4:BreakoutSequence Key="Shift+Win"/>
+      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
+                                  v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.bing.com"/>
+
+      <v4:BreakoutSequence Key="Ctrl+A"/>
     </Profile>
   </Profiles>
   <Configs>
diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md
index 790a9fa3ea..af05799855 100644
--- a/windows/client-management/mdm/assignedaccess-ddf.md
+++ b/windows/client-management/mdm/assignedaccess-ddf.md
@@ -192,7 +192,6 @@ This node supports Add, Delete, Replace and Get methods. When there's no configu
         </Node>
     </Node>
 </MgmtTree>
-
 ```
 
 ## Related topics

From 8805684c54f1c2f621ccc4c29a8391e7e62b3472 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 18 Dec 2020 07:24:10 -0800
Subject: [PATCH 11/18] removed space

---
 windows/client-management/mdm/assignedaccess-ddf.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md
index af05799855..ad54fb7f07 100644
--- a/windows/client-management/mdm/assignedaccess-ddf.md
+++ b/windows/client-management/mdm/assignedaccess-ddf.md
@@ -1,4 +1,4 @@
- ---
+---
 title: AssignedAccess DDF
 description: Learn how the OMA DM device description framework (DDF) for the AssignedAccess configuration service provider.
 ms.assetid: 224FADDB-0EFD-4E5A-AE20-1BD4ABE24306

From db13660dbe280756c65702768f1951b12fd98f30 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 18 Dec 2020 11:30:06 -0800
Subject: [PATCH 12/18] xml format changes added

---
 windows/client-management/mdm/assignedaccess-csp.md | 3 +--
 windows/configuration/kiosk-xml.md                  | 5 +++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index be244e5716..4712c79d55 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -634,7 +634,7 @@ Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configur
 ```
 
 Example XML configuration for setting a breakout sequence to be Ctrl+A on a Microsoft Edge kiosk.
-[!Note]
+>[!Note]
 **BreakoutSequence** can be applied to any kiosk type, not just an Edge kiosk.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
@@ -646,7 +646,6 @@ Example XML configuration for setting a breakout sequence to be Ctrl+A on a Micr
     <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
       <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
                                   v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.bing.com"/>
-
       <v4:BreakoutSequence Key="Ctrl+A"/>
     </Profile>
   </Profiles>
diff --git a/windows/configuration/kiosk-xml.md b/windows/configuration/kiosk-xml.md
index 1cc2cd11d9..278c259d64 100644
--- a/windows/configuration/kiosk-xml.md
+++ b/windows/configuration/kiosk-xml.md
@@ -264,8 +264,9 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
   <Profiles>
     <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
       <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
-        v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.youtube.com"/>
-        <v4:BreakoutSequence Key="Shift+Win"/>
+        <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
+                                  v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.bing.com"/>
+        <v4:BreakoutSequence Key="Ctrl+A"/>
     </Profile>
   </Profiles>
   <Configs>

From 2b4ed8fc088a9e340861e9f6c8eb25051fa63e54 Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 18 Dec 2020 11:37:00 -0800
Subject: [PATCH 13/18] xml format changes added

---
 windows/client-management/mdm/assignedaccess-csp.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index 4712c79d55..a7ba5eae75 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -621,7 +621,8 @@ Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configur
   >
   <Profiles>
     <Profile Id="{AFF9DA33-AE89-4039-B646-3A5706E92957}">
-      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe --no-first-run --kiosk www.bing.com"/>
+      <KioskModeApp v4:ClassicAppPath="%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"
+                                  v4:ClassicAppArguments="--no-first-run --kiosk-idle-timeout-minutes=5 --kiosk www.bing.com"/>
     </Profile>
   </Profiles>
   <Configs>

From 2539d7794a5c97449c75ef648bf443dd107db3ee Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Wed, 27 Jan 2021 01:15:26 -0800
Subject: [PATCH 14/18] added changes from PR

---
 windows/client-management/mdm/assignedaccess-csp.md  | 12 ++++++------
 .../guidelines-for-assigned-access-app.md            |  6 +++---
 windows/configuration/kiosk-xml.md                   |  4 ++--
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index a7ba5eae75..397cc810b3 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -75,7 +75,7 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
 <a href="" id="assignedaccess-configuration"></a>**./Device/Vendor/MSFT/AssignedAccess/Configuration**
 Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
 
-Updated in Windows 10, version 1909. Added Microsoft Edge kiosk mode. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Configure a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode). Windows 10, version 1909 also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen.
+Updated in Windows 10, version 1909. Added Microsoft Edge kiosk mode support. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Configure a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode). Windows 10, version 1909 also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. The breakout sequence is defined with the format modifiers + keys. An example breakout sequence would look something like "shift+alt+a", where "shift" and "alt" are the modifiers and "a" is the key.
 
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
@@ -247,7 +247,7 @@ KioskModeApp Replace
 
 ## AssignedAccessConfiguration XSD
 
-Below schema is for AssignedAccess Configuration up to Windows 10 1909 release.
+The schema below is for AssignedAccess Configuration up to Windows 10 20H2 release.
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -520,7 +520,7 @@ Schema for Windows 10 prerelease
 </xs:schema>
 ```
 
-Schema for features introduced in Windows 10, version 1909.
+The schema below is for features introduced in Windows 10, version 1909 which has added support for Microsoft Edge kiosk mode and breakout key sequence customization.
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
 <xs:schema
@@ -612,7 +612,7 @@ Example XML configuration for a multi-app kiosk:
 </AssignedAccessConfiguration>
 ```
 
-Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configure to launch www.bing.com on startup.
+Example XML configuration for a Microsoft Edge kiosk. This Microsoft Edge kiosk is configured to launch www.bing.com on startup in a public browsing mode.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration
@@ -635,8 +635,8 @@ Example XML configuration for a Microsoft Edge kiosk. This Edge kiosk s configur
 ```
 
 Example XML configuration for setting a breakout sequence to be Ctrl+A on a Microsoft Edge kiosk.
->[!Note]
-**BreakoutSequence** can be applied to any kiosk type, not just an Edge kiosk.
+> [!NOTE]
+> **BreakoutSequence** can be applied to any kiosk type, not just an Edge kiosk.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration
diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 5c30c9b7b2..907f1635b2 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -45,9 +45,9 @@ Avoid selecting Windows apps that are designed to launch other apps as part of t
 
 ## Guidelines for web browsers
 
-In Windows 10, Version 1909, Assigned access adds support for the new Microsoft Edge kiosk mode support. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-configure-kiosk-mode).
+In Windows 10, version 1909, assigned access adds support for the new Microsoft Edge kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-configure-kiosk-mode).
 
-In Windows 10, version 1809, Microsoft Edge includes support for legacy kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
+In Windows 10, version 1809, Microsoft Edge Legacy includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
 
 In Windows 10, version 1803 and later, you can install the **Kiosk Browser** app from Microsoft to use as your kiosk app. For digital signage scenarios, you can configure **Kiosk Browser** to navigate to a URL and show only that content -- no navigation buttons, no address bar, etc. For kiosk scenarios, you can configure additional settings, such as allowed and blocked URLs, navigation buttons, and end session buttons. For example, you could configure your kiosk to show the online catalog for your store, where customers can navigate between departments and items, but aren’t allowed to go to a competitor's website. 
 
@@ -160,7 +160,7 @@ Avoid selecting Windows apps that may expose the information you don’t want to
 
 Assigned access allows for the specification of a new breakout sequence. A breakout sequence is a keyboard shortcut that stops the kiosk experience and brings the user back to the lock screen. By default the breakout sequence is configured to be ctrl+alt+delete, a common windows keyboard shortcut. It is recommended that this is set to a non-standard windows shortcut to prevent disruptions in the kiosk experience.
 
-There is currently no GUI for customizing the breakout sequence, so it would need to be specified in a provision method where an XML format is used like MDM.
+There is currently no UI for customizing the breakout sequence in Windows Settings, so it would need to be specified in a provision method where an XML format is used like MDM.
 
 ## App configuration
 
diff --git a/windows/configuration/kiosk-xml.md b/windows/configuration/kiosk-xml.md
index 278c259d64..65ecf4cc93 100644
--- a/windows/configuration/kiosk-xml.md
+++ b/windows/configuration/kiosk-xml.md
@@ -278,8 +278,8 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
 </AssignedAccessConfiguration>
 ```
 
-## [Preview] Global Profile Sample XML
-Global Profile is currently supported in Windows 10 Insider Preview (20H1 builds). Global Profile is designed for scenarios where a user does not have a designated profile, yet IT Admin still wants the user to run in lockdown mode, or used as mitigation when a profile cannot be determined for a user.
+## Global Profile Sample XML
+Global profile is currently supported in Windows 10, version 2004 and later. Global Profile is designed for scenarios where a user does not have a designated profile, yet IT Admin still wants the user to run in lockdown mode, or used as mitigation when a profile cannot be determined for a user.
 
 This sample demonstrates that only a global profile is used, no active user configured. Global profile will be applied when every non-admin account logs in 
 ```xml

From 9f44ce4bca1f30ac0bf9625cf048041564b7bb8f Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 5 Feb 2021 12:26:36 -0800
Subject: [PATCH 15/18] added in note on idle timeout and breakout sequence
 example

---
 windows/configuration/kiosk-single-app.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/windows/configuration/kiosk-single-app.md b/windows/configuration/kiosk-single-app.md
index 92c0f753d1..042dbe70fd 100644
--- a/windows/configuration/kiosk-single-app.md
+++ b/windows/configuration/kiosk-single-app.md
@@ -267,7 +267,10 @@ If you press **Ctrl + Alt + Del** and do not sign in to another account, after a
 
 To change the default time for assigned access to resume, add *IdleTimeOut* (DWORD) and enter the value data as milliseconds in hexadecimal.
 
- 
+> [!NOTE]
+> **IdleTimeOut** does not apply to the new Microsoft Edge kiosk mode.
+
+ The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **A** is the key value. [See how this is configured using in xml](https://docs.microsoft.com/en-us/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample).
 
 
 

From c23d0c30324211440291a4d035de7a045f4418bf Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Fri, 5 Mar 2021 12:38:56 -0800
Subject: [PATCH 16/18] add in changes from PR comments

---
 windows/configuration/guidelines-for-assigned-access-app.md | 6 +++---
 windows/configuration/kiosk-single-app.md                   | 2 +-
 windows/configuration/kiosk-xml.md                          | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 907f1635b2..cfbe09c2b5 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -45,7 +45,7 @@ Avoid selecting Windows apps that are designed to launch other apps as part of t
 
 ## Guidelines for web browsers
 
-In Windows 10, version 1909, assigned access adds support for the new Microsoft Edge kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-configure-kiosk-mode).
+In Windows 10, version 1909, assigned access adds support for the new Microsoft Edge kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode).
 
 In Windows 10, version 1809, Microsoft Edge Legacy includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
 
@@ -158,9 +158,9 @@ Avoid selecting Windows apps that may expose the information you don’t want to
 
 ## Customize your breakout sequence
 
-Assigned access allows for the specification of a new breakout sequence. A breakout sequence is a keyboard shortcut that stops the kiosk experience and brings the user back to the lock screen. By default the breakout sequence is configured to be ctrl+alt+delete, a common windows keyboard shortcut. It is recommended that this is set to a non-standard windows shortcut to prevent disruptions in the kiosk experience.
+Assigned access allows for the specification of a new breakout sequence. A breakout sequence is a keyboard shortcut that stops the kiosk experience and brings the user back to the lock screen. By default the breakout sequence is configured to be ctrl+alt+delete, a common Windows keyboard shortcut. It is recommended that this is set to a non-standard Windows shortcut to prevent disruptions in the kiosk experience.
 
-There is currently no UI for customizing the breakout sequence in Windows Settings, so it would need to be specified in a provision method where an XML format is used like MDM.
+There is currently no user interface for customizing the breakout sequence in Windows settings, so it would need to be specified in a provisioning method where an XML format such as MDM is used.
 
 ## App configuration
 
diff --git a/windows/configuration/kiosk-single-app.md b/windows/configuration/kiosk-single-app.md
index 042dbe70fd..8ea21a80c4 100644
--- a/windows/configuration/kiosk-single-app.md
+++ b/windows/configuration/kiosk-single-app.md
@@ -270,7 +270,7 @@ To change the default time for assigned access to resume, add *IdleTimeOut* (DWO
 > [!NOTE]
 > **IdleTimeOut** does not apply to the new Microsoft Edge kiosk mode.
 
- The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **A** is the key value. [See how this is configured using in xml](https://docs.microsoft.com/en-us/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample).
+ The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **a** is the key value. [See how this is configured in XML](https://docs.microsoft.com/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample).
 
 
 
diff --git a/windows/configuration/kiosk-xml.md b/windows/configuration/kiosk-xml.md
index 65ecf4cc93..e9bc0774a3 100644
--- a/windows/configuration/kiosk-xml.md
+++ b/windows/configuration/kiosk-xml.md
@@ -279,9 +279,9 @@ This sample demonstrates that both UWP and Win32 apps can be configured to autom
 ```
 
 ## Global Profile Sample XML
-Global profile is currently supported in Windows 10, version 2004 and later. Global Profile is designed for scenarios where a user does not have a designated profile, yet IT Admin still wants the user to run in lockdown mode, or used as mitigation when a profile cannot be determined for a user.
+Global Profile is currently supported in Windows 10, version 2004 and later. Global Profile is designed for scenarios where a user does not have a designated profile, yet IT Admin still wants the user to run in lockdown mode, or it is used as mitigation when a profile cannot be determined for a user.
 
-This sample demonstrates that only a global profile is used, no active user configured. Global profile will be applied when every non-admin account logs in 
+This sample demonstrates that only a global profile is used, with no active user configured. Global Profile will be applied when every non-admin account logs in.
 ```xml
 <?xml version="1.0" encoding="utf-8" ?>
 <AssignedAccessConfiguration

From a32ede102480ef72a133a6257e70b8353a2864cb Mon Sep 17 00:00:00 2001
From: Kateyanne <67609554+Kateyanne@users.noreply.github.com>
Date: Fri, 16 Apr 2021 13:06:27 -0700
Subject: [PATCH 17/18] Update
 windows/client-management/mdm/assignedaccess-ddf.md

Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/client-management/mdm/assignedaccess-ddf.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md
index ad54fb7f07..7555504ca8 100644
--- a/windows/client-management/mdm/assignedaccess-ddf.md
+++ b/windows/client-management/mdm/assignedaccess-ddf.md
@@ -63,7 +63,7 @@ The XML below is for Windows 10, version 1909.
                 </AccessType>
                 <Description>This node can accept and return json string which comprises of account name, and AUMID for Kiosk mode app.
 
-Example: {"User":"domain\\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}. 
+Example: {"User":"domain\\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"}.
 
 When configuring kiosk mode app, account name will be used to find the target user. Account name includes domain name and user name. Domain name can be optional if user name is unique across the system. For a local account, domain name should be machine name. When "Get" is executed on this node, domain name is always returned in the output.
 
@@ -207,4 +207,3 @@ This node supports Add, Delete, Replace and Get methods. When there's no configu
 
 
 
-

From 82fd7309c3097133c02b94fd4f6cae5d14191f3e Mon Sep 17 00:00:00 2001
From: Joseph Knierman <joknierm@microsoft.com>
Date: Tue, 14 Sep 2021 15:37:16 -0700
Subject: [PATCH 18/18] added relative links

---
 windows/client-management/mdm/assignedaccess-csp.md         | 2 +-
 windows/configuration/guidelines-for-assigned-access-app.md | 4 ++--
 windows/configuration/kiosk-single-app.md                   | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index a0f5885385..4b7f2a6f84 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -82,7 +82,7 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
 <a href="" id="assignedaccess-configuration"></a>**./Device/Vendor/MSFT/AssignedAccess/Configuration**
 Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](/windows/configuration/lock-down-windows-10-to-specific-apps). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
 
-Updated in Windows 10, version 1909. Added Microsoft Edge kiosk mode support. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Configure a Windows 10 kiosk that runs Microsoft Edge](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode). Windows 10, version 1909 also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. The breakout sequence is defined with the format modifiers + keys. An example breakout sequence would look something like "shift+alt+a", where "shift" and "alt" are the modifiers and "a" is the key.
+Updated in Windows 10, version 1909. Added Microsoft Edge kiosk mode support. This allows Microsoft Edge to be the specified kiosk application. For details about configuring Microsoft Edge kiosk mode, see [Configure a Windows 10 kiosk that runs Microsoft Edge](/DeployEdge/microsoft-edge-configure-kiosk-mode). Windows 10, version 1909 also allows for configuration of the breakout sequence. The breakout sequence specifies the keyboard shortcut that returns a kiosk session to the lock screen. The breakout sequence is defined with the format modifiers + keys. An example breakout sequence would look something like "shift+alt+a", where "shift" and "alt" are the modifiers and "a" is the key.
 
 > [!Note]
 > In Windows 10, version 1803 the Configuration node introduces single app kiosk profile to replace KioskModeApp CSP node. KioskModeApp node will be deprecated soon, so you should use the single app kiosk profile in config xml for Configuration node to configure public-facing single app Kiosk.
diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 2810e1685a..e8b848c1a6 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -45,9 +45,9 @@ Avoid selecting Windows apps that are designed to launch other apps as part of t
 
 ## Guidelines for web browsers
 
-In Windows 10, version 1909, assigned access adds support for the new Microsoft Edge kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode).
+In Windows 10, version 1909, assigned access adds support for the new Microsoft Edge kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode](/DeployEdge/microsoft-edge-configure-kiosk-mode).
 
-In Windows 10, version 1809, Microsoft Edge Legacy includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
+In Windows 10, version 1809, Microsoft Edge Legacy includes support for kiosk mode. [Learn how to deploy Microsoft Edge kiosk mode.](/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy)
 
 
 In Windows 10, version 1803 and later, you can install the **Kiosk Browser** app from Microsoft to use as your kiosk app. For digital signage scenarios, you can configure **Kiosk Browser** to navigate to a URL and show only that content -- no navigation buttons, no address bar, etc. For kiosk scenarios, you can configure additional settings, such as allowed and blocked URLs, navigation buttons, and end session buttons. For example, you could configure your kiosk to show the online catalog for your store, where customers can navigate between departments and items, but aren’t allowed to go to a competitor's website. 
diff --git a/windows/configuration/kiosk-single-app.md b/windows/configuration/kiosk-single-app.md
index 22eff9f6b2..f3438008cc 100644
--- a/windows/configuration/kiosk-single-app.md
+++ b/windows/configuration/kiosk-single-app.md
@@ -270,7 +270,7 @@ To change the default time for assigned access to resume, add *IdleTimeOut* (DWO
 > [!NOTE]
 > **IdleTimeOut** does not apply to the new Microsoft Edge kiosk mode.
 
- The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **a** is the key value. [See how this is configured in XML](https://docs.microsoft.com/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample).
+ The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **a** is the key value. [See how this is configured in XML](/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample).