Merge pull request #89024 from MicrosoftDocs/master

9/18 PM Publish

Author: huypub

articles/active-directory-b2c/active-directory-b2c-tutorials-web-api.md

@@ -1,12 +1,12 @@
 ---
-title: Tutorial - Grant access to an ASP.NET web API - Azure Active Directory B2C | Microsoft Docs
+title: Tutorial - Grant access to an ASP.NET web API - Azure Active Directory B2C
 description: Tutorial on how to use Active Directory B2C to protect an ASP.NET web API and call it from an ASP.NET web application.
 services: active-directory-b2c
 author: mmacy
 manager: celestedg
 
 ms.author: marsma
-ms.date: 02/04/2019
+ms.date: 09/19/2019
 ms.custom: mvc
 ms.topic: tutorial
 ms.service: active-directory
@@ -78,20 +78,20 @@ There are two projects in the sample solution:
 
 The following two projects are in the sample solution:
 
-- **TaskWebApp** - Create and edit a task list. The sample uses the **sign-up or sign-in** user flow to sign up or sign in users.
-- **TaskService** - Supports the create, read, update, and delete task list functionality. The API is protected by Azure AD B2C and called by TaskWebApp.
+* **TaskWebApp** - Create and edit a task list. The sample uses the **sign-up or sign-in** user flow to sign up or sign in users.
+* **TaskService** - Supports the create, read, update, and delete task list functionality. The API is protected by Azure AD B2C and called by TaskWebApp.
 
 ### Configure the web application
 
 1. Open the **B2C-WebAPI-DotNet** solution in Visual Studio.
-2. Open **Web.config** in the **TaskWebApp** project.
-3. To run the API locally, use the localhost setting for **api:TaskServiceUrl**. Change the Web.config as follows:
+1. In the **TaskWebApp** project, open **Web.config**.
+1. To run the API locally, use the localhost setting for **api:TaskServiceUrl**. Change the Web.config as follows:
 
     ```csharp
     <add key="api:TaskServiceUrl" value="https://localhost:44332/"/>
     ```
 
-3. Configure the URI of the API. This is the URI the web application uses to make the API request. Also, configure the requested permissions.
+1. Configure the URI of the API. This is the URI the web application uses to make the API request. Also, configure the requested permissions.
 
     ```csharp
     <add key="api:ApiIdentifier" value="https://<Your tenant name>.onmicrosoft.com/api/" />
@@ -101,26 +101,27 @@ The following two projects are in the sample solution:
 
 ### Configure the web API
 
-1. Open **Web.config** in the **TaskService** project.
-2. Configure the API to use your tenant.
+1. In the **TaskService** project, open **Web.config**.
+1. Configure the API to use your tenant.
 
     ```csharp
+    <add key="ida:AadInstance" value="https://<Your tenant name>.b2clogin.com/{0}/{1}/v2.0/.well-known/openid-configuration" />
     <add key="ida:Tenant" value="<Your tenant name>.onmicrosoft.com" />
     ```
 
-3. Set the client ID to the registered Application ID for your API.
+1. Set the client ID to the Application ID of your registered web API application, *webapi1*.
 
     ```csharp
     <add key="ida:ClientId" value="<application-ID>"/>
     ```
 
-4. Update the user flow setting with the name of the sign up and sign-in user flow.
+1. Update the user flow setting with the name of your sign-up and sign-in user flow, *B2C_1_signupsignin1*.
 
     ```csharp
-    <add key="ida:SignUpSignInUserFlowId" value="B2C_1_signupsignin1" />
+    <add key="ida:SignUpSignInPolicyId" value="B2C_1_signupsignin1" />
     ```
 
-5. Configure the scopes setting to match what you created in the portal.
+1. Configure the scopes setting to match those you created in the portal.
 
     ```csharp
     <add key="api:ReadScope" value="Hello.Read" />
@@ -132,17 +133,17 @@ The following two projects are in the sample solution:
 You need to run both the **TaskWebApp** and **TaskService** projects.
 
 1. In Solution Explorer, right-click on the solution and select **Set StartUp Projects...**.
-2. Select **Multiple startup projects**.
-3. Change the **Action** for both projects to **Start**.
-4. Click **OK** to save the configuration.
-5. Press **F5** to run both applications. Each application opens in its own browser tab.
-    `https://localhost:44316/` is the web application.
-    `https://localhost:44332/` is the web API.
+1. Select **Multiple startup projects**.
+1. Change the **Action** for both projects to **Start**.
+1. Click **OK** to save the configuration.
+1. Press **F5** to run both applications. Each application opens in its own browser window.
+    * `https://localhost:44316/` is the web application.
+    * `https://localhost:44332/` is the web API.
 
-6. In the web application, click **sign-up / sign-in** to sign in to the web application. Use the account that you previously created.
-7. After you sign in, click **To-do list** and create a to-do list item.
+1. In the web application, select **sign-up / sign-in** to sign in to the web application. Use the account that you previously created.
+1. After you sign in, select **To-do list** and create a to-do list item.
 
-When you create a to-do list item, the web application makes a request to the web API to generate the to-do list item. You're protected web application is calling the protected web API in your Azure AD B2C tenant.
+When you create a to-do list item, the web application makes a request to the web API to generate the to-do list item. Your protected web application is calling the web API protected by Azure AD B2C.
 
 ## Next steps
 

articles/active-directory-b2c/active-directory-b2c-tutorials-web-app.md

@@ -6,7 +6,7 @@ author: mmacy
 manager: celestedg
 
 ms.author: marsma
-ms.date: 09/12/2019
+ms.date: 09/19/2019
 ms.custom: mvc
 ms.topic: tutorial
 ms.service: active-directory
@@ -36,13 +36,13 @@ In this tutorial, you learn how to:
 In the tutorial that you completed as part of the prerequisites, you added a web application in Azure AD B2C. To enable communication with the sample in this tutorial, you need to add a redirect URI to the application in Azure AD B2C.
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
-2. Make sure you're using the directory that contains your Azure AD B2C tenant by selecting the **Directory + subscription** filter in the top menu and choosing the directory that contains your tenant.
-3. Choose **All services** in the top-left corner of the Azure portal, and then search for and select **Azure AD B2C**.
-4. Select **Applications**, and then select the *webapp1* application.
-5. Under **Reply URL**, add `https://localhost:44316`.
-6. Select **Save**.
-7. On the properties page, record the application ID that you'll use when you configure the web application.
-8. Select **Keys**, select **Generate key**, and select **Save**. Record the key that you'll use when you configure the web application.
+1. Make sure you're using the directory that contains your Azure AD B2C tenant by selecting the **Directory + subscription** filter in the top menu and choosing the directory that contains your tenant.
+1. Choose **All services** in the top-left corner of the Azure portal, and then search for and select **Azure AD B2C**.
+1. Select **Applications**, and then select the *webapp1* application.
+1. Under **Reply URL**, add `https://localhost:44316`.
+1. Select **Save**.
+1. On the properties page, record the application ID that you'll use when you configure the web application.
+1. Select **Keys**, select **Generate key**, and select **Save**. Record the key that you'll use when you configure the web application.
 
 ## Configure the sample
 
@@ -54,16 +54,16 @@ git clone https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-an
 
 The following two projects are in the sample solution:
 
-- **TaskWebApp** - Create and edit a task list. The sample uses the **sign-up or sign-in** user flow to sign up and sign in users.
-- **TaskService** - Supports the create, read, update, and delete task list functionality. The API is protected by Azure AD B2C and called by TaskWebApp.
+* **TaskWebApp** - Create and edit a task list. The sample uses the **sign-up or sign-in** user flow to sign up and sign in users.
+* **TaskService** - Supports the create, read, update, and delete task list functionality. The API is protected by Azure AD B2C and called by TaskWebApp.
 
 You change the sample to use the application that's registered in your tenant, which includes the application ID and the key that you previously recorded. You also configure the user flows that you created. The sample defines the configuration values as settings in the *Web.config* file.
 
 Update the settings in the Web.config file to work with your user flow:
 
 1. Open the **B2C-WebAPI-DotNet** solution in Visual Studio.
 1. In the **TaskWebApp** project, open the **Web.config** file.
-    1. Replace the value of `ida:Tenant` and `ida:AadInstance` with the name of the tenant that you created.
+    1. Update the value of `ida:Tenant` and `ida:AadInstance` with the name of the Azure AD B2C tenant that you created. For example, replace `fabrikamb2c` with `contoso`.
     1. Replace the value of `ida:ClientId` with the application ID that you recorded.
     1. Replace the value of `ida:ClientSecret` with the key that you recorded. You must XML-encode the client secret before adding it to your Web.config.
     1. Replace the value of `ida:SignUpSignInPolicyId` with `b2c_1_signupsignin1`.
@@ -73,19 +73,21 @@ Update the settings in the Web.config file to work with your user flow:
 ## Run the sample
 
 1. In Solution Explorer, right-click the **TaskWebApp** project, and then click **Set as StartUp Project**.
-2. Press **F5**. The default browser launches to the local web site address `https://localhost:44316/`.
+1. Press **F5**. The default browser launches to the local web site address `https://localhost:44316/`.
 
 ### Sign up using an email address
 
-1. Click **Sign up / Sign in** to sign up as a user of the application. The **b2c_1_signupsignin1** user flow is used.
-2. Azure AD B2C presents a sign-in page with a sign-up link. Since you don't have an account yet, select **Sign up now**. The sign-up workflow presents a page to collect and verify the user's identity using an email address. The sign-up workflow also collects the user's password and the requested attributes defined in the user flow.
-3. Use a valid email address and validate using the verification code. Set a password. Enter values for the requested attributes.
+1. Select **Sign up / Sign in** to sign up as a user of the application. The **b2c_1_signupsignin1** user flow is used.
+1. Azure AD B2C presents a sign-in page with a sign-up link. Since you don't have an account yet, select **Sign up now**. The sign-up workflow presents a page to collect and verify the user's identity using an email address. The sign-up workflow also collects the user's password and the requested attributes defined in the user flow.
+1. Use a valid email address and validate using the verification code. Set a password. Enter values for the requested attributes.
 
     ![Sign-up page shown as part of sign-in/sign-up workflow](media/active-directory-b2c-tutorials-web-app/sign-up-workflow.PNG)
 
-4. Click **Create** to create a local account in the Azure AD B2C tenant.
+1. Select **Create** to create a local account in the Azure AD B2C tenant.
 
-Now the user can use their email address to sign in and use the web application.
+The application user can now use their email address to sign in and use the web application.
+
+However, the **To-Do List** feature won't function until you complete the next tutorial in the series, [Tutorial: Use Azure AD B2C to protect an ASP.NET web API](active-directory-b2c-tutorials-web-api.md).
 
 ## Next steps
 
@@ -96,5 +98,7 @@ In this tutorial, you learned how to:
 > * Configure the sample to use the application
 > * Sign up using the user flow
 
+Now move on to the next tutorial to enable the **To-Do List** feature of the web application. In it, you register a web API application in your own Azure AD B2C tenant, and then modify the code sample to use your tenant for API authentication.
+
 > [!div class="nextstepaction"]
-> [Tutorial: Use Azure Active Directory B2C to protect an ASP.NET web API](active-directory-b2c-tutorials-web-api.md)
+> [Tutorial: Use Azure Active Directory B2C to protect an ASP.NET web API >](active-directory-b2c-tutorials-web-api.md)