Merge pull request #224767 from dlepow/patch-166

Update authentication-managed-identity-policy.md

Author: prmerger-automator[bot]

articles/api-management/authentication-managed-identity-policy.md

@@ -28,9 +28,9 @@ Both system-assigned identity and any of the multiple user-assigned identities c
 
 | Attribute         | Description                                            | Required | Default |
 | ----------------- | ------------------------------------------------------ | -------- | ------- |
-|resource|String. The application ID of the target web API (secured resource) in Azure Active Directory.|Yes|N/A|
-|client-id|String. The client ID of the user-assigned identity in Azure Active Directory.|No|system-assigned identity|
-|output-token-variable-name|String. Name of the context variable that will receive token value as an object of type `string`. |No|N/A|  
+|resource|String. The application ID of the target web API (secured resource) in Azure Active Directory. Policy expressions are allowed. |Yes|N/A|
+|client-id|String. The client ID of the user-assigned identity in Azure Active Directory. Policy expressions are not allowed. |No|system-assigned identity|
+|output-token-variable-name|String. Name of the context variable that will receive token value as an object of type `string`. Policy expresssions are not allowed. |No|N/A|  
 |ignore-error|Boolean. If set to `true`, the policy pipeline will continue to execute even if an access token is not obtained.|No|`false`|  
 
 
@@ -89,4 +89,4 @@ Both system-assigned identity and any of the multiple user-assigned identities c
 
 * [API Management authentication policies](api-management-authentication-policies.md)
 
-[!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]
+[!INCLUDE [api-management-policy-ref-next-steps](../../includes/api-management-policy-ref-next-steps.md)]