Fixed blocking errors

cmmdesai · cmmdesai · commit 4175d3b6aa9d · 2023-07-21T16:44:55.000-07:00
diff --git a/articles/active-directory/app-provisioning/inbound-provisioning-api-graph-explorer.md b/articles/active-directory/app-provisioning/inbound-provisioning-api-graph-explorer.md
@@ -15,7 +15,6 @@ ms.reviewer: cmmdesai
 
 # Quickstart API-driven inbound provisioning with Graph Explorer (Public preview)
 
-## Introduction
 This tutorial describes how you can quickly test [API-driven inbound provisioning](inbound-provisioning-api-concepts.md) with Microsoft Graph Explorer.
 
 ## Pre-requisites
@@ -224,7 +223,7 @@ The bulk request shown below uses the SCIM standard Core User and Enterprise Use
     "failOnErrors": null
 }
 ```
-## Next Steps
+## Next steps
 - [Troubleshoot issues with the inbound provisioning API](inbound-provisioning-api-issues.md)
 - [API-driven inbound provisioning concepts](inbound-provisioning-api-concepts.md)
 - [Frequently asked questions about API-driven inbound provisioning](inbound-provisioning-api-faqs.md)
diff --git a/articles/active-directory/app-provisioning/inbound-provisioning-api-logic-apps.md b/articles/active-directory/app-provisioning/inbound-provisioning-api-logic-apps.md
@@ -15,15 +15,13 @@ ms.reviewer: cmmdesai
 
 # API-driven inbound provisioning with Azure Logic Apps (Public preview)
 
-## Introduction
-
 This tutorial describes how to use Azure Logic Apps workflow to implement Microsoft Entra ID [API-driven inbound provisioning](inbound-provisioning-api-concepts.md). Using the steps in this tutorial, you can convert a CSV file containing HR data into a bulk request payload and send it to the Microsoft Entra ID provisioning [/bulkUpload](/graph/api/synchronization-synchronizationjob-post-bulkupload) API endpoint. 
 
 ## Integration scenario
 
 This tutorial addresses the following integration scenario: 
 
-:::image type="content" source="media/inbound-provisioning-api-logic-apps/logic-apps-integration-overview.png" alt-text="Architecture overview of Azure Logic Apps-based integration." lightbox="media/inbound-provisioning-api-logic-apps/logic-apps-integration-overview.png":::
+:::image type="content" source="media/inbound-provisioning-api-logic-apps/logic-apps-integration-overview.png" alt-text="Graphic of Azure Logic Apps-based integration." lightbox="media/inbound-provisioning-api-logic-apps/logic-apps-integration-overview.png":::
 
 * Your system of record generates periodic CSV file exports containing worker data which is available in an Azure File Share. 
 * You want to use an Azure Logic Apps workflow to automatically provision records from the CSV file to your target directory (on-premises Active Directory or Microsoft Entra ID). 
@@ -53,7 +51,7 @@ The steps documented in this section are optional. If you already have an existi
 
 ## Step 2: Configure Azure Function CSV2JSON converter
 
-1. In the browser associated with your Azure portal login, open the Github repository URL - https://github.com/joelbyford/CSVtoJSONcore.
+1. In the browser associated with your Azure portal login, open the GitHub repository URL - https://github.com/joelbyford/CSVtoJSONcore.
 1. Click on the link "Deploy to Azure" to deploy this Azure Function to your Azure tenant.
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/deploy-azure-function.png" alt-text="Screenshot of deploying Azure Function." lightbox="media/inbound-provisioning-api-logic-apps/deploy-azure-function.png":::    
 1. Specify the resource group under which to deploy this Azure function. 
@@ -65,7 +63,8 @@ The steps documented in this section are optional. If you already have an existi
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/web-app-domain-name.png" alt-text="Screenshot of Azure Function Web App domain name." lightbox="media/inbound-provisioning-api-logic-apps/web-app-domain-name.png":::  
 1. Open Postman client to test if the CSVtoJSON endpoint works as expected. Paste the domain name copied from the previous step. Use Content-Type of "text/csv" and post a sample CSV file in the request body to the endpoint: `https://[your-domain-name]/csvtojson`
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/postman-call-to-azure-function.png" alt-text="Screenshot of Postman client calling the Azure Function." lightbox="media/inbound-provisioning-api-logic-apps/postman-call-to-azure-function.png":::  
-1. If the Azure Function deployment is successful, then in the response you will get a JSON version of the CSV file with status 200 OK.
+1. If the Azure Function deployment is successful, then in the response you'll get a JSON version of the CSV file with status 200 OK.
+
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/azure-function-response.png" alt-text="Screenshot of Azure Function response." lightbox="media/inbound-provisioning-api-logic-apps/azure-function-response.png":::  
 1. To allow Logic Apps to invoke this Azure Function, in the CORS setting for the WebApp enter asterisk (*) and "Save" the configuration.
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/azure-function-cors-setting.png" alt-text="Screenshot of Azure Function CORS setting." lightbox="media/inbound-provisioning-api-logic-apps/azure-function-cors-setting.png":::  
@@ -85,7 +84,7 @@ The steps documented in this section are optional. If you already have an existi
 1. For the `Azurefile_access Key` parameter, open your Azure file storage account and copy the access key present under "Security and Networking".  
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/azure-file-access-keys.png" alt-text="Screenshot of Azure File access keys." lightbox="media/inbound-provisioning-api-logic-apps/azure-file-access-keys.png":::  
 1. Click on "Review and Create" option to start the deployment.
-1. Once the deployment is complete, you will see the following message.
+1. Once the deployment is complete, you'll see the following message.
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/logic-apps-deployment-complete.png" alt-text="Screenshot of Azure Logic Apps deployment complete." lightbox="media/inbound-provisioning-api-logic-apps/logic-apps-deployment-complete.png":::  
 
 ## Step 5: Configure system assigned managed identity
@@ -109,8 +108,10 @@ The steps documented in this section are optional. If you already have an existi
 1. If your CSV file content / headers is different, then update the "Parse JSON" step with the JSON output that you can retrieve from your API call to the Azure Function. Use Postman output from Step 2. 
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/parse-json-step.png" alt-text="Screenshot of Parse JSON step." lightbox="media/inbound-provisioning-api-logic-apps/parse-json-step.png":::  
 1. In the step "Construct SCIMUser", ensure that the CSV fields map correctly to the SCIM attributes that will be used for processing.
+
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/construct-scim-user.png" alt-text="Screenshot of Construct SCIM user step." lightbox="media/inbound-provisioning-api-logic-apps/construct-scim-user.png":::  
 1. In the step "Send SCIMBulkPayload to API endpoint" ensure you are using the right API endpoint and authentication mechanism.
+
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/invoke-bulk-upload-api.png" alt-text="Screenshot of invoking bulk upload API with managed identity." lightbox="media/inbound-provisioning-api-logic-apps/invoke-bulk-upload-api.png":::  
 
 ## Step 7: Run trigger and test your Logic Apps workflow 
@@ -121,7 +122,7 @@ The steps documented in this section are optional. If you already have an existi
 1. In the final iteration, you should see the Logic Apps upload data to the inbound provisioning API endpoint. Look for `202 Accept` status code. You can copy-paste and verify the bulk upload request.
      :::image type="content" source="media/inbound-provisioning-api-logic-apps/execution-results.png" alt-text="Screenshot of the Logic Apps execution result." lightbox="media/inbound-provisioning-api-logic-apps/execution-results.png":::  
 
-## Next Steps
+## Next steps
 - [Troubleshoot issues with the inbound provisioning API](inbound-provisioning-api-issues.md)
 - [API-driven inbound provisioning concepts](inbound-provisioning-api-concepts.md)
 - [Frequently asked questions about API-driven inbound provisioning](inbound-provisioning-api-faqs.md)
diff --git a/articles/active-directory/app-provisioning/inbound-provisioning-api-postman.md b/articles/active-directory/app-provisioning/inbound-provisioning-api-postman.md
@@ -15,7 +15,6 @@ ms.reviewer: cmmdesai
 
 # Quickstart API-driven inbound provisioning with Postman (Public preview)
 
-## Introduction
 This tutorial describes how you can quickly test [API-driven inbound provisioning](inbound-provisioning-api-concepts.md) with Postman.
 
 ## Pre-requisites
@@ -35,7 +34,7 @@ In this step, you'll configure the Postman app and invoke the API using the conf
     - [Test-API2AAD.postman_environment.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Test-API2AAD.postman_environment.json) (Environment collection for API-driven provisioning to on-premises AD)- 
     - [Test-API2AD.postman_environment.json](https://github.com/AzureAD/entra-id-inbound-provisioning/blob/main/Postman/Test-API2AD.postman_environment.json) (Environment collection for API-driven provisioning to on-premises AD) 
 1. Use the **Import** option in Postman to import both of these files into your Workspace.  
-     :::image type="content" source="media/inbound-provisioning-api-postman/postman-import-elements.png" alt-text="Postman Import Elements." lightbox="media/inbound-provisioning-api-postman/postman-import-elements.png":::
+     :::image type="content" source="media/inbound-provisioning-api-postman/postman-import-elements.png" alt-text="Screenshot of Postman Import elements." lightbox="media/inbound-provisioning-api-postman/postman-import-elements.png":::
 1. Click the **Environments** menu and open the **Test-API2AAD** environment. 
 1. Retrieve the values of **client_id**, **client_secret**, and **token_endpoint** from your registered app.
      :::image type="content" source="media/inbound-provisioning-api-postman/retrieve-authentication-details.png" alt-text="Screenshot of registered app." lightbox="media/inbound-provisioning-api-postman/retrieve-authentication-details.png":::
@@ -48,9 +47,9 @@ In this step, you'll configure the Postman app and invoke the API using the conf
 1. From the **Environment** dropdown, select **Test-API2AAD**.
 1. Select the **Authorization** tab associated with the collection. 
 1. Make sure that authorization is configured to use OAuth settings. 
-     :::image type="content" source="media/inbound-provisioning-api-postman/provisioning-oauth-configuration.png" alt-text="Provisioning OAuth configuration." lightbox="media/inbound-provisioning-api-postman/provisioning-oauth-configuration.png":::
+     :::image type="content" source="media/inbound-provisioning-api-postman/provisioning-oauth-configuration.png" alt-text="Screenshot of Provisioning OAuth configuration." lightbox="media/inbound-provisioning-api-postman/provisioning-oauth-configuration.png":::
 1. The **Advanced options** section should show the following configuration:
-     :::image type="content" source="media/inbound-provisioning-api-postman/provisioning-advanced-options.png" alt-text="Provisioning Advanced options." lightbox="media/inbound-provisioning-api-postman/provisioning-advanced-options.png":::
+     :::image type="content" source="media/inbound-provisioning-api-postman/provisioning-advanced-options.png" alt-text="Screenshot of Provisioning Advanced options." lightbox="media/inbound-provisioning-api-postman/provisioning-advanced-options.png":::
 1. Click on **Get New Access Token** to initiate the process to procure an access token. 
 1. Select the option **Use Token** to use the access token with all requests in this collection. 
      >[!NOTE]
@@ -239,7 +238,7 @@ The bulk request shown below uses the SCIM standard Core User and Enterprise Use
 }
 ```
 
-## Next Steps
+## Next steps
 - [Troubleshoot issues with the inbound provisioning API](inbound-provisioning-api-issues.md)
 - [API-driven inbound provisioning concepts](inbound-provisioning-api-concepts.md)
 - [Frequently asked questions about API-driven inbound provisioning](inbound-provisioning-api-faqs.md)
diff --git a/articles/active-directory/app-provisioning/inbound-provisioning-api-powershell.md b/articles/active-directory/app-provisioning/inbound-provisioning-api-powershell.md
@@ -15,8 +15,6 @@ ms.reviewer: cmmdesai
 
 # API-driven inbound provisioning with PowerShell script (Public preview)
 
-## Introduction
-
 This tutorial describes how to use a PowerShell script to implement Microsoft Entra ID [API-driven inbound provisioning](inbound-provisioning-api-concepts.md). Using the steps in this tutorial, you can convert a CSV file containing HR data into a bulk request payload and send it to the Microsoft Entra ID provisioning [/bulkUpload](/graph/api/synchronization-synchronizationjob-post-bulkupload) API endpoint. 
 
 ## How to use this tutorial
@@ -26,7 +24,7 @@ This tutorial addresses the following integration scenario:
 * You want to use an unattended PowerShell script to automatically provision records from the CSV file to your target directory (on-premises Active Directory or Microsoft Entra ID). 
 * The PowerShell script simply reads data from the CSV file and uploads it to the provisioning API endpoint. The API-driven inbound provisioning app configured in Microsoft Entra ID performs the task of applying your IT managed provisioning rules to create/update/enable/disable accounts in the target directory.
 
-:::image type="content" source="media/inbound-provisioning-api-powershell/powershell-integration-overview.png" alt-text="Architecture overview of PowerShell-based integration." lightbox="media/inbound-provisioning-api-powershell/powershell-integration-overview.png":::
+:::image type="content" source="media/inbound-provisioning-api-powershell/powershell-integration-overview.png" alt-text="Graphic of PowerShell-based integration." lightbox="media/inbound-provisioning-api-powershell/powershell-integration-overview.png":::
 
 Here is a list of automation tasks associated with this integration scenario and how you can implement it by customizing the sample script published in the [Microsoft Entra ID inbound provisioning GitHub repository](https://github.com/AzureAD/entra-id-inbound-provisioning/tree/main/PowerShell/CSV2SCIM). 
 
@@ -58,7 +56,7 @@ Here is a list of automation tasks associated with this integration scenario and
      - csv-with-1000-records.csv (sample CSV file with 1000 records)
      - Test-ScriptCommands.ps1 (sample usage commands)
      - UseClientCertificate.ps1 (script to generate self-signed certificate and upload it as service principal credential for use in OAuth flow)
-     - Sample1 (folder with more examples of how CSV file columns can be mapped to SCIM standard attributes. If you get different CSV files for employees, contractors, interns, you can create a separate AttributeMapping.psd1 file for each entity.)
+     - `Sample1` (folder with more examples of how CSV file columns can be mapped to SCIM standard attributes. If you get different CSV files for employees, contractors, interns, you can create a separate AttributeMapping.psd1 file for each entity.)
 1. Download and install the latest version of PowerShell. 
 1. Run the command to enable execution of remote signed scripts: 
     ```powershell
@@ -155,7 +153,7 @@ This section explains how to send the generated bulk request payload to your inb
     ```
     You should see the certificate under the **Certificates & secrets** blade of your registered app. 
     :::image type="content" source="media/inbound-provisioning-api-powershell/client-certificate.png" alt-text="Screenshot of client certificate." lightbox="media/inbound-provisioning-api-powershell/client-certificate.png":::
-1. Add the following two **Application** permission scopes to the service principal app: **Application.Read.All** and **Synchronization.Read.All**. These are required for the PowerShell script to lookup the provisioning app by `ServicePrincipalId` and fetch the provisioning `JobId`.
+1. Add the following two **Application** permission scopes to the service principal app: **Application.Read.All** and **Synchronization.Read.All**. These are required for the PowerShell script to look up the provisioning app by `ServicePrincipalId` and fetch the provisioning `JobId`.
 
 ## Upload bulk request payload using client certificate authentication
 
@@ -193,12 +191,12 @@ This section describes how to generate a bulk request with custom SCIM schema na
    .\CSV2SCIM.ps1 -Path '..\Samples\csv-with-2-records.csv' -AttributeMapping $AttributeMapping -ValidateAttributeMapping
    ```
 
-1. In addition to the SCIM Core User and Enterprise User attributes, to get a flat-list of all CSV fields under a a custom SCIM schema namespace `urn:ietf:params:scim:schemas:extension:contoso:1.0:User`, run the following command. 
+1. In addition to the SCIM Core User and Enterprise User attributes, to get a flat-list of all CSV fields under a custom SCIM schema namespace `urn:ietf:params:scim:schemas:extension:contoso:1.0:User`, run the following command. 
    ```powershell
     .\CSV2SCIM.ps1 -Path '..\Samples\csv-with-2-records.csv' -AttributeMapping $AttributeMapping -ScimSchemaNamespace "urn:ietf:params:scim:schemas:extension:contoso:1.0:User"  > BulkRequestPayloadWithCustomNamespace.json
    ```
     The CSV fields will show up under the custom SCIM schema namespace. 
-    :::image type="content" source="media/inbound-provisioning-api-powershell/user-details-under-custom-schema.png" alt-text="Screenshot of user details under custom schema" lightbox="media/inbound-provisioning-api-powershell/user-details-under-custom-schema.png":::
+    :::image type="content" source="media/inbound-provisioning-api-powershell/user-details-under-custom-schema.png" alt-text="Screenshot of user details under custom schema." lightbox="media/inbound-provisioning-api-powershell/user-details-under-custom-schema.png":::
 
 ## Extending provisioning job schema
 
@@ -293,8 +291,8 @@ PS > CSV2SCIM.ps1 -Path <path-to-csv-file>
 [-RestartService]
 ```
 
-[!Important]
->The `AttributeMapping` and `ValidateAttributeMapping` command-line parameters refer to the mapping of CSV column attributes to the standard SCIM schema elements. 
+> [!NOTE]
+> The `AttributeMapping` and `ValidateAttributeMapping` command-line parameters refer to the mapping of CSV column attributes to the standard SCIM schema elements. 
 It doesn't refer to the attribute mappings that you perform in the Entra portal provisioning app between source SCIM schema elements and target Azure AD/on-premises AD attributes. 
 
 | Parameter |    Description | Processing remarks |
@@ -360,7 +358,7 @@ In the next example, we mapped the following columns in the CSV file to their co
 }
 ```
 
-## Next Steps
+## Next steps
 - [Troubleshoot issues with the inbound provisioning API](inbound-provisioning-api-issues.md)
 - [API-driven inbound provisioning concepts](inbound-provisioning-api-concepts.md)
 - [Frequently asked questions about API-driven inbound provisioning](inbound-provisioning-api-faqs.md)
