Links, plural

rolyon · rolyon · commit 32446aab7025 · 2023-04-03T14:18:01.000-07:00
diff --git a/articles/active-directory/roles/protected-actions-add.md b/articles/active-directory/roles/protected-actions-add.md
@@ -18,7 +18,7 @@ ms.date: 04/05/2022
 > Protected actions are currently in PREVIEW.
 > See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
 
-[Protected actions](./protected-actions-overview.md) in Azure Active Directory (Azure AD) are permissions that have been assigned Conditional Access polices that are enforced when a user attempts to perform an action. This article describes how to add, remove, and test a protected action.
+[Protected actions](./protected-actions-overview.md) in Azure Active Directory (Azure AD) are permissions that have been assigned Conditional Access polices that are enforced when a user attempts to perform an action. This article describes how to add, remove, and test protected actions.
 
 ## Prerequisites
 
@@ -28,9 +28,9 @@ To add or remove protected actions, you must have:
 - [Conditional Access Administrator](permissions-reference.md#conditional-access-administrator) or [Security Administrator](permissions-reference.md#security-administrator)
 - One or more [Conditional Access authentication context configured](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context)
 
-## Add a protected action
+## Add protected actions
 
-To add a protection action, assign a Conditional Access policy to one or more permissions, using a Conditional Access authentication context.
+To add protection actions, assign a Conditional Access policy to one or more permissions, using a Conditional Access authentication context.
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
@@ -56,7 +56,7 @@ To add a protection action, assign a Conditional Access policy to one or more pe
 
     The new protected actions appear in the list of protected actions
 
-## Test a protected action
+## Test protected actions
 
 When a user performs a protected action, they'll need to satisfy Conditional Access policy requirements. This section shows the experience for a user being prompted to satisfy a policy. In this example, the user is required to authenticate with a FIDO security key before they can update Conditional Access policies.
 
@@ -84,9 +84,9 @@ When a user performs a protected action, they'll need to satisfy Conditional Acc
 
     :::image type="content" source="media/protected-actions-add/test-policy-edit.png" alt-text="Screenshot of an enabled Conditional Access policy that can be edited." lightbox="media/protected-actions-add/test-policy-edit.png":::
 
-## Remove a protected action
+## Remove protected actions
 
-To remove a protection action, unassign Conditional Access policy requirements from a permission.
+To remove protection actions, unassign Conditional Access policy requirements from a permission.
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com).
 
@@ -102,7 +102,7 @@ To remove a protection action, unassign Conditional Access policy requirements f
 
 ## Microsoft Graph
 
-### Add a protected action
+### Add protected actions
 
 Protected actions are added by assigning an authentication context value to a permission. Authentication context values that are available in the tenant can be discovered by calling the [authenticationContextClassReference](/graph/api/resources/authenticationcontextclassreference?branch=main) API.
 
@@ -184,3 +184,5 @@ Make sure you're using Microsoft Graph PowerShell.
 
 ## Next steps
 
+- [What are protected actions in Azure AD?](protected-actions-overview.md)
+- [Conditional Access authentication context](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context)
diff --git a/articles/active-directory/roles/protected-actions-overview.md b/articles/active-directory/roles/protected-actions-overview.md
@@ -47,11 +47,11 @@ Here is the initial set of permissions:
 > [!div class="mx-tableFixed"]
 > | Permission | Description |
 > | --- | --- |
-> | microsoft.directory/conditionalAccessPolicies/create | Create conditional access policies |
 > | microsoft.directory/conditionalAccessPolicies/basic/update | Update basic properties for conditional access policies |
+> | microsoft.directory/conditionalAccessPolicies/create | Create conditional access policies |
 > | microsoft.directory/conditionalAccessPolicies/delete | Delete conditional access policies |
-> | microsoft.directory/namedLocations/create | Create custom rules that define network locations |
 > | microsoft.directory/namedLocations/basic/update | Update basic properties of custom rules that define network locations |
+> | microsoft.directory/namedLocations/create | Create custom rules that define network locations |
 > | microsoft.directory/namedLocations/delete | Delete custom rules that define network locations |
 > | microsoft.directory/resourceNamespaces/resourceActions/authenticationContext/update | Update Conditional Access authentication context of Microsoft 365 role-based access control (RBAC) resource actions |
 
@@ -71,11 +71,11 @@ Here is the initial set of permissions:
 
 1. **Add protected actions**
 
-    Add protected actions by assigning Conditional Access authentication context values to selected permissions. Learn more
+    Add protected actions by assigning Conditional Access authentication context values to selected permissions. [Learn more](./protected-actions-add.md#add-protected-actions)
 
-1. **Use protected action**
+1. **Test protected actions**
 
-    Sign in as a user and test the user experience by performing the protected action. You should be prompted to satisfy the Conditional Access policy requirements. For example, if the policy requires multi-factor authentication, you should be redirected to the sign-in page and prompted for strong authentication. Learn more
+    Sign in as a user and test the user experience by performing the protected action. You should be prompted to satisfy the Conditional Access policy requirements. For example, if the policy requires multi-factor authentication, you should be redirected to the sign-in page and prompted for strong authentication. [Learn more](./protected-actions-add.md#test-protected-actions)
 
 ## What happens with protected actions and applications?
 
@@ -119,4 +119,4 @@ Here are some best practices for using protected actions.
 
 ## Next steps
 
-- [Add, remove, or use protected actions in Azure AD](./protected-actions-add.md)
+- [Add, remove, or test protected actions in Azure AD](./protected-actions-add.md)
