Aremo ms/sample4 3 basher (#656)

aremo-ms · Kalyan Krishna · kalyankrishna1 · web-flow · commit ca3427be6cd2 · 2022-12-19T16:16:21.000-05:00
* slightly updated sample.json to meet new code generator format + enabled tenant validation in startup

* working on BASHER

* added allowed tenants list to appsettings.json

* added PS items to solution

* updated readme for validation of tenants

* reverted sample.json

* addressed review comments

* slight update in readme.md

* added client capabilities

* Minor edits

* More edits

* addressed comments

* Updated readme and Service/TodoListController.cs to have new scopes Read.User.Data and Write.User.Data

* updated sample.json with Audience and manual steps for Service application

* updated PowerShell scripts

* reverted to back compatible URL names in sample.json + cleanup

* latest packages (.NET 7.0), cleanup and config are from latest CodeGen. Added readme_steps for easer compare (will delete before release). Current status: todo list fails to display

* bumped versions packages

* ps files are generated by latest code gen, updated scope and permissions to latest trend. Appsettings.json was updated to keep graph info. Sample.json was updated to have latest code jen fileds (still need to be updated)

* removed graph client creation and getting token. The client is obtained from middleware now

* Setting some fundamentals stuff right ahead

* BASHER logic and permissions, some cleanup as well

* re-added reply url for service, renamed name of app registration to have "_" instead of "-"

* readme file with initial "How the code was created" and updated "About the code", other sub-readme files

* bumped all versions

* fixing mismatch between readme and manual steps

* updated readme

* renamed AppId and Scope for Web API

* formatting and textual edits

* addressed comments

* last update

* updated

Co-authored-by: Kalyan Krishna &lt;kkrishna@microsoft.com&gt;
Co-authored-by: kalyankrishna1 &lt;kalyankrishna1@gmail.com&gt;
diff --git a/4-WebApp-your-API/4-3-AnyOrg/Readme.md b/4-WebApp-your-API/4-3-AnyOrg/Readme.md
@@ -180,7 +180,7 @@ To manually register the apps, as a first step you'll need to:
     1. Select the **Add a permission** button and then:
     1. Ensure that the **Microsoft APIs** tab is selected.
     1. In the *Commonly used Microsoft APIs* section, select **Microsoft Graph**
-    1. In the **Delegated permissions** section, select **User.Read.All** in the list. Use the search box if necessary.
+    1. In the **Delegated permissions** section, select **User.Read.All** in the list. Use the search box if necessary. This permission requires **Admin Consent**, so please select **Grant admin consent**.
     1. Select the **Add permissions** button at the bottom.
 1. In the app's registration screen, select the **Expose an API** blade to the left to open the page where you can publish the permission as an API for which client applications can obtain [access tokens](https://aka.ms/access-tokens) for. The first thing that we need to do is to declare the unique [resource](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow) URI that the clients will be using to obtain access tokens for this API. To declare an resource URI(Application ID URI), follow the following steps:
     1. Select **Set** next to the **Application ID URI** to generate a URI that is unique for this app.
