Removed MSA manual step and Readme Update as per MIW 2.0

Author: Shama-K

4-WebApp-your-API/4-3-AnyOrg/AppCreationScripts/Configure.ps1

@@ -379,14 +379,8 @@ Function ConfigureApplications
    Write-Host ""
    Write-Host -ForegroundColor Green "------------------------------------------------------------------------------------------------" 
    Write-Host "IMPORTANT: Please follow the instructions below to complete a few manual step(s) in the Azure portal":
-   Write-Host "- For 'service'"
-   Write-Host "  - Navigate to '$servicePortalUrl'"
-   Write-Host "  - Navigate to the Manifest page and change 'signInAudience' to 'AzureADandPersonalMicrosoftAccount'." -ForegroundColor Red 
-   Write-Host "  - Navigate to the Manifest page and change 'accessTokenAcceptedVersion' to 2." -ForegroundColor Red 
    Write-Host "- For 'client'"
    Write-Host "  - Navigate to '$clientPortalUrl'"
-   Write-Host "  - Navigate to the Manifest page and change 'signInAudience' to 'AzureADandPersonalMicrosoftAccount'." -ForegroundColor Red 
-   Write-Host "  - Navigate to the Manifest page and change 'accessTokenAcceptedVersion' to 2." -ForegroundColor Red 
    Write-Host "  - [Optional] If you are a tenant admin, you can navigate to the API Permisions page and select 'Grant admin consent for (your tenant)'" -ForegroundColor Red 
 
    Write-Host -ForegroundColor Green "------------------------------------------------------------------------------------------------" 

4-WebApp-your-API/4-3-AnyOrg/AppCreationScripts/sample.json

@@ -24,14 +24,6 @@
           "Resource": "Microsoft Graph",
           "DelegatedPermissions": [ "User.Read.All" ]
         }
-      ],
-      "ManualSteps": [
-        {
-          "Comment": "Navigate to the Manifest page and change 'signInAudience' to 'AzureADandPersonalMicrosoftAccount'."
-        },
-        {
-          "Comment": "Navigate to the Manifest page and change 'accessTokenAcceptedVersion' to 2."
-        }
       ]
     },
     {
@@ -50,12 +42,6 @@
         }
       ],
       "ManualSteps": [
-        {
-          "Comment": "Navigate to the Manifest page and change 'signInAudience' to 'AzureADandPersonalMicrosoftAccount'."
-        },
-        {
-          "Comment": "Navigate to the Manifest page and change 'accessTokenAcceptedVersion' to 2."
-        },
         {
           "Comment": "[Optional] If you are a tenant admin, you can navigate to the API Permisions page and select 'Grant admin consent for (your tenant)'"
         }

4-WebApp-your-API/4-3-AnyOrg/Readme.md

@@ -42,7 +42,7 @@ This sample demonstrates how to develop a multi-tenant ASP.NET Core MVC web appl
 
 ### Scenario
 
-In this sample, we would protect an ASP.Net Core Web API using the Microsoft Identity Platform. The Web API will be protected using Azure Active Directory OAuth Bearer Authorization. The API will support authenticated users with Work and School accounts. Further on the API will also call a downstream API (Microsoft Graph) on-behalf of the signed-in user to provide additional value to its client apps.
+In this sample, we would protect an ASP.Net Core Web API using the Microsoft Identity Platform. The Web API will be protected using Azure Active Directory OAuth 2.0 Bearer Authorization. The API will support authenticated users with Work and School accounts. Further on the API will also call a downstream API (Microsoft Graph) on-behalf of the signed-in user to provide additional value to its client apps.
 
 ### Overview
 
@@ -348,10 +348,9 @@ When provisioning, you have to take care of the dependency in the topology where
 
 In `Startup.cs`, below lines of code enables Microsoft identity platform endpoint. This endpoint is capable of signing-in users both with their Work and School and Microsoft Personal accounts.
 ```csharp
-services.AddSignIn(Configuration).
-         AddWebAppCallsProtectedWebApi(Configuration, new string[] 
-         {Configuration["TodoList:TodoListScope"] }.
-         AddInMemoryTokenCaches();
+services.AddMicrosoftWebAppAuthentication(Configuration)
+    .AddMicrosoftWebAppCallsWebApi(Configuration, new string[] { Configuration["TodoList:TodoListScope"] })
+   .AddInMemoryTokenCaches();
 ```
 
 The following code injects the ToDoList service implementation in the client
@@ -473,22 +472,23 @@ By marking your application as multi-tenant, your application will be able to si
 
 ```csharp
 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
-                .AddProtectedWebApi(options =>
-                {
-                    Configuration.Bind("AzureAd", options);
-                    options.Events = new JwtBearerEvents();
-                    options.Events.OnTokenValidated = async context =>
-                    {
-                        string[] allowedTenants = { /* list of tenant IDs */ };
-                        string tenantId = context.Principal.Claims.FirstOrDefault(x => x.Type == "tid" 
-                        || x.Type == "http://schemas.microsoft.com/identity/claims/tenantid")?.Value;
-                        if (!allowedTenants.Contains(tenantId))
-                        {
-                            throw new Exception("This tenant is not authorized");
-                        }
-                    };
-                },
-                options => { Configuration.Bind("AzureAd", options); });
+  .AddMicrosoftWebApi(options =>
+{
+    Configuration.Bind("AzureAd", options);
+    options.Events = new JwtBearerEvents();
+    options.Events.OnTokenValidated = async context =>
+    {
+        string[] allowedTenants = {/* list of tenant IDs */ };
+        string tenantId = context.Principal.Claims.FirstOrDefault(x => x.Type == "tid" || x.Type == "http://schemas.microsoft.com/identity/claims/tenantid")?.Value;
+
+        if (!allowedTenants.Contains(tenantId))
+        {
+            throw new Exception("This tenant is not authorized");
+        }
+    };
+}, options => { Configuration.Bind("AzureAd", options); })
+  .AddMicrosoftWebApiCallsWebApi(Configuration)
+  .AddInMemoryTokenCaches();
 ```