Merge pull request #251105 from omondiatieno/sap-erp-easy

prmerger-automator[bot] · web-flow · commit 0d5ef1b9531b · 2023-09-12T14:13:22.000Z
sap erp easy - UI updates
diff --git a/articles/active-directory/manage-apps/f5-big-ip-sap-erp-easy-button.md b/articles/active-directory/manage-apps/f5-big-ip-sap-erp-easy-button.md
@@ -21,7 +21,7 @@ In this article, learn to secure SAP ERP using Azure Active Directory (Azure AD)
 * [Zero Trust framework to enable remote work](https://www.microsoft.com/security/blog/2020/04/02/announcing-microsoft-zero-trust-assessment-tool/) 
 * [What is Conditional Access?](../conditional-access/overview.md)
 * Single sign-on (SSO) between Azure AD and BIG-IP published services
-* Manage identities and access from the [Azure portal](https://portal.azure.com)
+* Manage identities and access from the [Microsoft Entra admin center](https://entra.microsoft.com)
 
 Learn more: 
 
@@ -69,8 +69,7 @@ SHA supports SP and IdP initiated flows. The following image illustrates the SP-
     * 90-day BIG-IP full feature [trial license](https://www.f5.com/trial/big-ip-trial.php)
 * User identities synchronized from an on-premises directory to Azure AD, or created in Azure AD and flowed back to the on-premises directory
   * See, [Azure AD Connect sync: Understand and customize synchronization](../hybrid/connect/how-to-connect-sync-whatis.md)
-* An account with Azure AD Application Admin permissions
-  * See, [Azure AD built-in roles](../roles/permissions-reference.md)
+* One of the following roles: Global Administrator, Cloud Application Administrator, or Application Administrator.
 * An SSL Web certificate to publish services over HTTPS, or use default BIG-IP certs for testing
   * See, [Deploy F5 BIG-IP Virtual Edition VM in Azure](./f5-bigip-deployment-guide.md)
 * An SAP ERP environment configured for Kerberos authentication
@@ -92,14 +91,13 @@ See, [Quickstart: Register an application with the Microsoft identity platform](
 
 Register the Easy Button client in Azure AD, then it's allowed to establish a trust between SAML SP instances of a BIG-IP published application, and Azure AD as the SAML IdP.
 
-1. Sign in to the [Azure portal](https://portal.azure.com) with Application Administrator permissions.
-2. In the left navigation pane, select the **Azure Active Directory** service.
-3. Under Manage, select **App registrations > New registration**.
-4. Enter a **Name**. 
-5. In **Accounts in this organizational directory only**, specify who can use the application.
-6. Select **Register**.
-7. Navigate to **API permissions**.
-8. Authorize the following Microsoft Graph Application permissions:
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). 
+2. Browse to **Identity** > **Applications** > **App registrations** > **New registration**.
+3. Enter a **Name** for the new application. 
+4. In **Accounts in this organizational directory only**, specify who can use the application.
+5. Select **Register**.
+6. Navigate to **API permissions**.
+7. Authorize the following Microsoft Graph Application permissions:
 
    * Application.Read.All
    * Application.ReadWrite.All
