updated to add client aad link

Gitprakhar13 · Gitprakhar13 · commit 318c75202747 · 2022-10-20T09:38:19.000-07:00
diff --git a/articles/attestation/azure-TPM-VBS-attestation-usage.md b/articles/attestation/azure-TPM-VBS-attestation-usage.md
@@ -49,14 +49,19 @@ Here's how you can set up an attestation endpoint using Portal
 Sample policies can be found in the [policy section](tpm-attestation-sample-policies.md) .</br>
 
 > [!NOTE]
-> Note: TPM endpoints are designed to be provisioned without a default attestation policy.
+> TPM endpoints are designed to be provisioned without a default attestation policy.
 </ul>
 
 
 ### Client Setup:
 A client to communicate with the attestation service endpoint needs to ensure it's following the protocol as described in the [protocol documentation](virtualization-based-security-protocol.md). Use the [Attestation Client NuGet](https://www.nuget.org/packages/Microsoft.Attestation.Client) to ease the integration.
 
 <ul>
+<li> 
+An Azure AD identity is needed to access the TPM endpoint.
+
+Learn more [Azure AD identity tokens](azure/active-directory/develop/access-tokens.md).
+</li>
 <li> Add Attestation Reader Role to the identity that will be need for authentication against the endpoint. Azure i
 
 > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE5aoRi]
@@ -75,4 +80,4 @@ Here's a sample of the contents of the attestation report.
 
 :::image type="content" source="./media/sampledecodedtoken.jpg" alt-text="Sample decoded token for tpm attestation" lightbox="./media/sampledecodedtoken.jpg":::
 
-Using the Open ID [metadata endpoint](https://learn.microsoft.com/rest/api/attestation/metadata-configuration/get?tabs=HTTP) contains properties, which describe the attestation service.The signing keys describe the keys, which will be used to sign tokens generated by the attestation service. All tokens emitted by the attestation service will be signed by one of the certificates listed in the attestation signing keys.
+Using the Open ID [metadata endpoint](/rest/api/attestation/metadata-configuration) contains properties, which describe the attestation service.The signing keys describe the keys, which will be used to sign tokens generated by the attestation service. All tokens emitted by the attestation service will be signed by one of the certificates listed in the attestation signing keys.
