app reg step clarify

Author: mmacy

includes/active-directory-b2c-permissions-directory.md

@@ -23,14 +23,14 @@ ms.author: marsma
 
 1. Under **Manage**, select **API permissions**.
 1. Under **Configured permissions**, select **Add a permission**.
-1. Select **Microsoft Graph**.
+1. Select the **Microsoft APIs** tab, then select **Microsoft Graph**.
 1. Select **Application permissions**.
 1. Expand the appropriate permission group and select the check box of the permission to grant to your management application. For example:
     * **AuditLog** > **AuditLog.Read.All**: For reading the directory's audit logs.
     * **Directory** > **Directory.ReadWrite.All**: For user migration or user management scenarios.
     * **Policy** > **Policy.ReadWrite.TrustFramework**: For continuous integration/continuous delivery (CI/CD) scenarios. For example, custom policy deployment with Azure Pipelines.
 1. Select **Add permissions**. As directed, wait a few minutes before proceeding to the next step.
 1. Select **Grant admin consent for (your tenant name)**.
-1. Select a tenant administrator account.
+1. Select your currently signed-in administrator account, or sign in with an account in your Azure AD B2C tenant that's been assigned at least the *Cloud application administrator* role.
 1. Select **Accept**.
 1. Select **Refresh**, and then verify that "Granted for ..." appears under **Status**. It might take a few minutes for the permissions to propagate.