Updating portal instructions to admin center

Author: garrodonnell

articles/active-directory/develop/certificate-credentials.md

@@ -87,7 +87,7 @@ Gh95kHCOEGq5E_ArMBbDXhwKR577scxYaoJ1P{a lot of characters here}KKJDEg"
 
 ## Register your certificate with Microsoft identity platform
 
-You can associate the certificate credential with the client application in the Microsoft identity platform through the Azure portal using any of the following methods:
+You can associate the certificate credential with the client application in the Microsoft identity platform through the Microsoft Entra admin center using any of the following methods:
 
 ### Uploading the certificate file
 

articles/active-directory/develop/howto-configure-publisher-domain.md

@@ -66,15 +66,16 @@ If your multitenant was registered *after November 30, 2020*:
 
 If your app was registered *before May 21, 2019*, your app's consent prompt shows *unverified*, even if you haven't set a publisher domain. We recommend that you set the publisher domain value so that users can see this information in your app's consent prompt.
 
-## Set a publisher domain in the Azure portal
+## Set a publisher domain in the Microsoft Entra admin center
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-To set a publisher domain for your app by using the Azure portal:
+To set a publisher domain for your app by using the Microsoft Entra admin center:
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 1. If you have access to multiple tenants, use the **Directory + subscription** filter :::image type="icon" source="./media/common/portal-directory-subscription-filter.png" border="false"::: in the portal global menu to select the tenant where the app is registered.
-1. In Azure Active Directory, go to [App registrations](https://go.microsoft.com/fwlink/?linkid=2083908). Search for and select the app you want to configure.
+1. In Azure Microsoft Entra admin center browse to **Identity** > **Applications** > **App registrations**. 
+1. Search for and select the app you want to configure.
 1. In **Overview**, in the resource menu under **Manage**, select **Branding**.
 1. In **Publisher domain**, select one of the following options:
 

articles/active-directory/develop/migrate-objc-adal-msal.md

@@ -218,9 +218,9 @@ ADAL and MSAL coexistence between multiple applications is fully supported.
 
 You don't need to change your existing Azure AD application to switch to MSAL and enable Azure AD accounts. However, if your ADAL-based application doesn't support brokered authentication, you'll need to register a new redirect URI for the application before you can switch to MSAL.
 
-The redirect URI should be in this format: `msauth.<app.bundle.id>://auth`. Replace `<app.bundle.id>` with your application's bundle ID. Specify the redirect URI in the [Azure portal](https://aka.ms/MobileAppReg).
+The redirect URI should be in this format: `msauth.<app.bundle.id>://auth`. Replace `<app.bundle.id>` with your application's bundle ID. Specify the redirect URI in the [Microsoft Entra admin center](https://entra.microsoft.com/?feature.broker=true#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade).
 
-For iOS only, to support cert-based authentication, an additional redirect URI needs to be registered in your application and the Azure portal in the following format: `msauth://code/<broker-redirect-uri-in-url-encoded-form>`. For example, `msauth://code/msauth.com.microsoft.mybundleId%3A%2F%2Fauth`
+For iOS only, to support cert-based authentication, an additional redirect URI needs to be registered in your application and the Microsoft Entra admin center in the following format: `msauth://code/<broker-redirect-uri-in-url-encoded-form>`. For example, `msauth://code/msauth.com.microsoft.mybundleId%3A%2F%2Fauth`
 
 We recommend all apps register both redirect URIs.
 

articles/active-directory/develop/migrate-spa-implicit-to-auth-code.md

@@ -33,12 +33,12 @@ The following sections describe each step in additional detail.
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-If you'd like to continue using your existing app registration for your applications, use the Azure portal to update the registration's redirect URIs to the SPA platform. Doing so enables the authorization code flow with PKCE and CORS support for apps that use the registration (you still need to update your application's code to MSAL.js v2.x).
+If you'd like to continue using your existing app registration for your applications, use the Microsoft Entra admin center to update the registration's redirect URIs to the SPA platform. Doing so enables the authorization code flow with PKCE and CORS support for apps that use the registration (you still need to update your application's code to MSAL.js v2.x).
 
 Follow these steps for app registrations that are currently configured with **Web** platform redirect URIs:
 
-1. Sign in to the <a href="https://portal.azure.com/" target="_blank">Azure portal</a> and select your **Azure Active Directory** tenant.
-1. In **App registrations**, select your application, and then **Authentication**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
+1. Browse to **Identity** >  **Applications** > **App registrations**, select your application, and then **Authentication**.
 1. In the **Web** platform tile under **Redirect URIs**, select the warning banner indicating that you should migrate your URIs.
 
     :::image type="content" source="media/migrate-spa-implicit-to-auth-code/portal-01-implicit-warning-banner.png" alt-text="Implicit flow warning banner on web app tile in Azure portal":::

articles/active-directory/develop/msal-js-avoid-page-reloads.md

@@ -27,7 +27,7 @@ To avoid the entire app reloading again or other errors caused due to this, plea
 
 ## Specify different HTML for the iframe
 
-Set the `redirect_uri` property on config to a simple page, that does not require authentication. You have to make sure that it matches with the `redirect_uri` registered in Azure portal. This will not affect user's login experience as MSAL saves the start page when user begins the login process and redirects back to the exact location after login is completed.
+Set the `redirect_uri` property on config to a simple page, that does not require authentication. You have to make sure that it matches with the `redirect_uri` registered in Microsoft Entra admin center. This will not affect user's login experience as MSAL saves the start page when user begins the login process and redirects back to the exact location after login is completed.
 
 ## Initialization in your main app file
 

articles/active-directory/develop/msal-js-initializing-client-applications.md

@@ -26,9 +26,9 @@ To learn more about the client application types and application configuration o
 
 ## Prerequisites
 
-Before initializing an application, you first need to [register it with the Azure portal](scenario-spa-app-registration.md), establishing a trust relationship between your application and the Microsoft identity platform.
+Before initializing an application, you first need to [register it in the Microsoft Entra admin center](scenario-spa-app-registration.md), establishing a trust relationship between your application and the Microsoft identity platform.
 
-After registering your app, you'll need some or all of the following values that can be found in the Azure portal.
+After registering your app, you'll need some or all of the following values that can be found in the Microsoft Entra admin center.
 
 | Value                   | Required | Description                                                                                                                                                                |
 | :---------------------- | :------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -39,7 +39,7 @@ After registering your app, you'll need some or all of the following values that
 
 ## Initialize MSAL.js 2.x apps
 
-Initialize the MSAL.js authentication context by instantiating a [PublicClientApplication][msal-js-publicclientapplication] with a [Configuration][msal-js-configuration] object. The minimum required configuration property is the `clientID` of the application, shown as **Application (client) ID** on the **Overview** page of the app registration in the Azure portal.
+Initialize the MSAL.js authentication context by instantiating a [PublicClientApplication][msal-js-publicclientapplication] with a [Configuration][msal-js-configuration] object. The minimum required configuration property is the `clientID` of the application, shown as **Application (client) ID** on the **Overview** page of the app registration in the Microsoft Entra admin center.
 
 Here's an example configuration object and instantiation of a `PublicClientApplication`:
 
@@ -116,7 +116,7 @@ Three outcomes are possible from the promise:
 
 ## Initialize MSAL.js 1.x apps
 
-Initialize the MSAL 1.x authentication context by instantiating a UserAgentApplication with a configuration object. The minimum required configuration property is the `clientID` of your application, shown as **Application (client) ID** on the **Overview** page of the app registration in the Azure portal.
+Initialize the MSAL 1.x authentication context by instantiating a UserAgentApplication with a configuration object. The minimum required configuration property is the `clientID` of your application, shown as **Application (client) ID** on the **Overview** page of the app registration in the Microsoft Entra admin center.
 
 For authentication methods with redirect flows (loginRedirect and acquireTokenRedirect) in MSAL.js 1.2.x or earlier, you must explicitly register a callback for success or error through the `handleRedirectCallback()` method. Explicitly registering the callback is required in MSAL.js 1.2.x and earlier because redirect flows don't return promises like the methods with a pop-up experience do. Registering the callback is _optional_ in MSAL.js version 1.3.x and later.
 

articles/active-directory/develop/quickstart-console-app-netcore-acquire-token.md

@@ -35,7 +35,7 @@ The application can be built using either an automatic or manual configuration.
 
 To register and automatically configure the app and then download the code sample, follow these steps:
 
-1. Go to the [Azure portal page for app registration](https://portal.azure.com/?Microsoft_AAD_RegisteredApps=true#blade/Microsoft_AAD_RegisteredApps/applicationsListBlade/quickStartType/DotNetCoreDaemonQuickstartPage/sourceType/docs).
+1. Go to the [Microsoft Entra admin center page for app registration](https://entra.microsoft.com/?Microsoft_AAD_RegisteredApps=true#blade/Microsoft_AAD_RegisteredApps/applicationsListBlade/quickStartType/DotNetCoreDaemonQuickstartPage/sourceType/docs).
 1. Enter a name for your application and select **Register**.
 1. Follow the instructions to download and automatically configure your new application in one click.
 
@@ -49,10 +49,9 @@ To manually configure your application and code sample, use the following proced
 
 To register the application and add the registration information to the solution manually, follow these steps:
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which to register the application.
-1. Search for and select **Azure Active Directory**.
-1. Under **Manage**, select **App registrations** > **New registration**.
+1. Browse to **Identity** > **Applications** > **App registrations**, select **New registration**.
 1. For **Name**, enter a name for the application. For example, enter **Daemon-console**. Users of the app will see this name, and can be changed later.
 1. Select **Register** to create the application.
 1. Under **Manage**, select **Certificates & secrets**.
@@ -74,7 +73,7 @@ This project can be run in either Visual Studio or Visual Studio for Mac and can
 1. Extract the *.zip* file to a local folder that's close to the root of the disk to avoid errors caused by path length limitations on Windows. For example, extract to *C:\Azure-Samples*.
 
 1. Open the solution in Visual Studio: *1-Call-MSGraph\daemon-console.sln* (optional).
-1. In *appsettings.json*, replace the values of `Tenant`, `ClientId`, and `ClientSecret`. The value for the application (client) ID and the directory (tenant) ID, can be found in the app's **Overview** page on the Azure portal.
+1. In *appsettings.json*, replace the values of `Tenant`, `ClientId`, and `ClientSecret`. The value for the application (client) ID and the directory (tenant) ID, can be found in the app's **Overview** page on the Microsoft Entra admin center.
 
    ```json
    "TenantId": "Enter_the_Tenant_Id_Here",
@@ -94,7 +93,7 @@ Running the application now results in the output `HTTP 403 - Forbidden* error:
 
 ##### Global tenant administrator
 
-For a global tenant administrator, go to **Enterprise applications** in the Azure portal. Select the app registration, and select **Permissions** from the **Security** section of the left pane. Then select the large button labeled **Grant admin consent for {Tenant Name}** (where **{Tenant Name}** is the name of the directory).
+For a global tenant administrator, go to **Enterprise applications** in the Microsoft Entra admin center. Select the app registration, and select **Permissions** from the **Security** section of the left pane. Then select the large button labeled **Grant admin consent for {Tenant Name}** (where **{Tenant Name}** is the name of the directory).
 
 ##### Standard user
 
@@ -193,8 +192,8 @@ This code uses the configuration defined in the appsettings.json file:
 
  | Element | Description |
  |---------|---------|
- | `ClientSecret` | The client secret created for the application in the Azure portal. |
- | `ClientId` | The application (client) ID for the application registered in the Azure portal. This value can be found on the app's **Overview** page in the Azure portal. |
+ | `ClientSecret` | The client secret created for the application in the Microsoft Entra admin center. |
+ | `ClientId` | The application (client) ID for the application registered in the Microsoft Entra admin center. This value can be found on the app's **Overview** page in the Microsoft Entra admin center. |
  | `Instance`    | (Optional) The security token service (STS) could instance endpoint for the app to authenticate. It's usually `https://login.microsoftonline.com/` for the public cloud.|
  | `TenantId`    |  Name of the tenant or the tenant ID.|
 

articles/active-directory/develop/quickstart-daemon-app-python-acquire-token.md

@@ -37,10 +37,9 @@ To run this sample, you need:
 
 To register your application and add the app's registration information to your solution manually, follow these steps:
 
-1. Sign in to the [Azure portal](https://portal.azure.com).
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
-1. Search for and select **Azure Active Directory**.
-1. Under **Manage**, select **App registrations** > **New registration**.
+1. Browse to **Identity** > **Applications** > **App registrations**, select **New registration**.
 1. Enter a **Name** for your application, for example `Daemon-console`. Users of your app might see this name, and you can change it later.
 1. Select **Register**.
 1. Under **Manage**, select **Certificates & secrets**.
@@ -70,7 +69,7 @@ To register your application and add the app's registration information to your
    - `Enter_the_Client_Secret_Here` - replace this value with the client secret created on step 1.
 
 > [!TIP]
-> To find the values of **Application (client) ID**, **Directory (tenant) ID**, go to the app's **Overview** page in the Azure portal. To generate a new key, go to **Certificates & secrets** page.
+> To find the values of **Application (client) ID**, **Directory (tenant) ID**, go to the app's **Overview** page in the Microsoft Entra admin center. To generate a new key, go to **Certificates & secrets** page.
 
 
 #### Step 4: Admin consent
@@ -79,7 +78,7 @@ If you try to run the application at this point, you'll receive *HTTP 403 - Forb
 
 ##### Global tenant administrator
 
-If you're a global tenant administrator, go to **API Permissions** page in **App registrations** in the Azure portal and select **Grant admin consent for {Tenant Name}** (Where {Tenant Name} is the name of your directory).
+If you're a global tenant administrator, go to **API Permissions** page in **App registrations** in the Microsoft Entra admin center and select **Grant admin consent for {Tenant Name}** (Where {Tenant Name} is the name of your directory).
 
 
 ##### Standard user
@@ -144,8 +143,8 @@ app = msal.ConfidentialClientApplication(
 
 | Where: |Description |
 |---------|---------|
-| `config["secret"]` | Is the client secret created for the application in Azure portal. |
-| `config["client_id"]` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
+| `config["secret"]` | Is the client secret created for the application in Microsoft Entra admin center. |
+| `config["client_id"]` | Is the **Application (client) ID** for the application registered in the Microsoft Entra admin center. You can find this value in the app's **Overview** page in the Microsoft Entra admin center. |
 | `config["authority"]`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant ID.|
 
 For more information, please see the [reference documentation for `ConfidentialClientApplication`](https://msal-python.readthedocs.io/en/latest/#confidentialclientapplication).
@@ -165,7 +164,7 @@ if not result:
 
 |Where:| Description |
 |---------|---------|
-| `config["scope"]` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
+| `config["scope"]` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Microsoft Entra admin center (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Microsoft Entra admin center.|
 
 For more information, please see the [reference documentation for `AcquireTokenForClient`](https://msal-python.readthedocs.io/en/latest/#msal.ConfidentialClientApplication.acquire_token_for_client).