DuendeSoftware · maartenba · Apr 1, 2026 · Apr 1, 2026
diff --git a/astro/src/content/docs/general/data-protection.md b/astro/src/content/docs/general/data-protection.md
@@ -21,6 +21,8 @@ Some of our most common support requests are related to [Data Protection Keys](#
 
 Duende's SDKs, like IdentityServer and BFF, make extensive use of ASP.NET's [data protection](https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/) feature. It is crucial that you configure data protection correctly when deploying your application in production.
 
+## Data Protection Keys
+
 In local development, ASP.NET automatically creates data protection keys, but in a deployed environment, you will need
 to ensure that your data protection keys are stored in a persistent way and shared across all load balanced instances of
 your implementation. This means you'll need to choose where to store and how to protect the data

diff --git a/astro/src/content/docs/identityserver/deployment/index.md b/astro/src/content/docs/identityserver/deployment/index.md
@@ -38,7 +38,7 @@ While this is a lot of decisions to make, this also means that your IdentityServ
 Microsoft publishes extensive [advice and documentation](https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/) about deploying ASP.NET Core applications, and it is applicable to IdentityServer implementations. We're not attempting to replace that documentation - or the documentation for other tools that you might be using in your environment. Rather, this section of our documentation focuses on IdentityServer-specific deployment and hosting considerations. 
 
 :::note
-Our experience has been that these topics are very important. Some of our most common support requests are related to [Data Protection](#data-protection-keys) and [Load Balancing](#proxy-servers-and-load-balancers), so we strongly encourage you to review those pages, along with the rest of this chapter before deploying IdentityServer to production.
+Our experience has been that these topics are very important. Some of our most common support requests are related to [Data Protection](/general/data-protection.md#data-protection-keys) and [Load Balancing](#proxy-servers-and-load-balancers), so we strongly encourage you to review those pages, along with the rest of this chapter before deploying IdentityServer to production.
 :::
 
 ## Proxy Servers and Load Balancers

diff --git a/astro/src/content/docs/identityserver/ui/server-side-sessions/index.md b/astro/src/content/docs/identityserver/ui/server-side-sessions/index.md
@@ -67,7 +67,7 @@ includes all claims and the `AuthenticationProperties.Items` collection. The `It
 data. The `AuthenticationProperties` is included in the call to `SignInAsync` that establishes the user session in the
 UI code.
 
-This data will be serialized and protected using ASP.NET Core's [data protection](/identityserver/deployment/index.md#data-protection-keys) feature to protect any user PII from being
+This data will be serialized and protected using ASP.NET Core's [data protection](/general/data-protection.md#data-protection-keys) feature to protect any user PII from being
 directly readable in the data store. To allow querying, values from the user's session are extracted and used as indices in the store.
 These values are the user's: