Resend-BrokenLinks.ps1 — Rewritten to call the new /api/resend Function App endpoint using managed identity authentication, replacing the previous direct SharePoint approach. Eliminates credential dependency and aligns with the Function App's anti-enumeration response.
Apply-ScalingFix.ps1 — New script that applies scaling and performance configuration to the Function App. Addresses throughput bottlenecks during large batch rollouts by tuning host configuration and scaling settings.
Setup.ps1 — Single entry point replacing the old Part 1 / Part 2 flow. Auto-detects new install vs existing deployment. Self-updating with config preservation.
Get-MFAOnboarder.ps1 — One-line bootstrap: downloads the full repo and launches Setup.ps1
Update-Deployment.ps1 — Granular update tool with 8 CLI switches or interactive menu. Update function code, Logic App, branding, permissions, schema, or manage the Operations Group — all independently.
/api/track-open — Invisible 1×1 tracking pixel embedded in every email. Records EmailOpenedDate in SharePoint on first open only. Always returns 200 OK with a valid GIF.
/api/resend — Self-service resend form. GET returns a branded HTML page where users enter their email. POST resets to Pending. Anti-enumeration: identical success message regardless of user existence.
Duplicate-click protection — Repeated clicks show a branded "Already Registered" page
Branded HTML responses with auto-redirect countdown for all outcomes (Invalid Link, Link Not Recognised, Already Registered, MFA Enrolment Started, Error)
API detection — Returns JSON instead of HTML for programmatic callers (based on Accept header / User-Agent)