MicrosoftDocs
diff --git a/‎articles/healthcare-apis/access-healthcare-apis.md
Lines changed: 3 additions & 1 deletion b/‎articles/healthcare-apis/access-healthcare-apis.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/healthcare-apis/authentication-authorization.md
Lines changed: 3 additions & 1 deletion b/‎articles/healthcare-apis/authentication-authorization.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/autoscale-azure-api-fhir.md
Lines changed: 9 additions & 3 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/autoscale-azure-api-fhir.md
Lines changed: 9 additions & 3 deletions
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/azure-active-directory-identity-configuration.md
Lines changed: 12 additions & 10 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/azure-active-directory-identity-configuration.md
Lines changed: 12 additions & 10 deletions
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-fhir-access-token-validation.md
Lines changed: 9 additions & 7 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-fhir-access-token-validation.md
Lines changed: 9 additions & 7 deletions
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-fhir-resource-manager-template.md
Lines changed: 4 additions & 2 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-fhir-resource-manager-template.md
Lines changed: 4 additions & 2 deletions
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-for-fhir-additional-settings.md
Lines changed: 5 additions & 3 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/azure-api-for-fhir-additional-settings.md
Lines changed: 5 additions & 3 deletions
diff --git a/‎articles/healthcare-apis/azure-api-for-fhir/carin-implementation-guide-blue-button-tutorial.md
Lines changed: 4 additions & 2 deletions b/‎articles/healthcare-apis/azure-api-for-fhir/carin-implementation-guide-blue-button-tutorial.md
Lines changed: 4 additions & 2 deletions
@@ -6,7 +6,7 @@ author: ginalee-dotcom
 ms.service: healthcare-apis
 ms.subservice: fhir
 ms.topic: conceptual
-ms.date: 05/03/2022
+ms.date: 06/06/2022
 ms.author: mikaelw
 ---
 
@@ -43,5 +43,7 @@ In this document, you learned about the tools and programming languages that you
 >[!div class="nextstepaction"]
 >[Deploy Azure Health Data Services workspace using the Azure portal](healthcare-apis-quickstart.md)
 
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
+
 
 
@@ -5,7 +5,7 @@ services: healthcare-apis
 author: ginalee-dotcom
 ms.service: healthcare-apis
 ms.topic: overview
-ms.date: 03/22/2022
+ms.date: 06/06/2022
 ms.author: ginle
 ---
 
@@ -118,3 +118,5 @@ In this document, you learned the authentication and authorization of Azure Heal
 
 >[!div class="nextstepaction"]
 >[Deploy Azure Health Data Services workspace using the Azure portal](healthcare-apis-quickstart.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -5,17 +5,17 @@ author: mikaelweave
 ms.service: healthcare-apis
 ms.subservice: fhir
 ms.topic: conceptual
-ms.date: 05/03/2022
+ms.date: 06/02/2022
 ms.author: mikaelw
 ---
 
 # Autoscale for Azure API for FHIR 
 
-The Azure API for FHIR as a managed service allows customers to persist with FHIR compliant healthcare data and exchange it securely through the service API. To accommodate different transaction workloads, customers can use manual scale or autoscale.
+Azure API for FHIR, as a managed service, allows customers to persist with Fast Healthcare Interoperability Resources (FHIR&#174;) compliant healthcare data and exchange it securely through the service API. To accommodate different transaction workloads, customers can use manual scale or autoscale.
 
 ## What is autoscale?
 
-By default, the Azure API for FHIR is set to manual scale. This option works well when the transaction workloads are known and consistent. Customers can adjust the throughput `RU/s` through the portal up to 10,000 and submit a request to increase the limit. 
+By default, Azure API for FHIR is set to manual scale. This option works well when the transaction workloads are known and consistent. Customers can adjust the throughput `RU/s` through the portal up to 10,000 and submit a request to increase the limit. 
 
 The autoscale feature is designed to scale computing resources including the database throughput `RU/s` up and down automatically according to the workloads, thus eliminating the manual steps of adjusting allocated computing resources. 
 
@@ -74,5 +74,11 @@ Keep in mind that this is only an estimate based on data size and that there are
 
 The autoscale feature incurs costs because of managing the provisioned throughput units automatically. The actual costs depend on hourly usage, but keep in mind that there are minimum costs of 10% of `Tmax` for reserved throughput RU/s. However, this cost increase doesn't apply to storage and runtime costs. For information about pricing, see [Azure API for FHIR pricing](https://azure.microsoft.com/pricing/details/azure-api-for-fhir/).
 
+## Next steps
+
+In this document, you learned about the autoscale feature for Azure API for FHIR. For an overview about Azure API for FHIR, see
+
 >[!div class="nextstepaction"]
 >[About Azure API for FHIR](overview.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -7,34 +7,34 @@ ms.reviewer: matjazl
 ms.service: healthcare-apis
 ms.subservice: fhir
 ms.topic: conceptual
-ms.date: 02/15/2022
+ms.date: 06/02/2022
 ms.author: mikaelw
 ---
 
 # Azure Active Directory identity configuration for Azure API for FHIR
 
-When you're working with healthcare data, it's important to ensure that the data is secure, and it can't be accessed by unauthorized users or applications. FHIR servers use [OAuth 2.0](https://oauth.net/2/) to ensure this data security. The [Azure API for FHIR](https://azure.microsoft.com/services/azure-api-for-fhir/) is secured using [Azure Active Directory](../../active-directory/index.yml), which is an example of an OAuth 2.0 identity provider. This article provides an overview of FHIR server authorization and the steps needed to obtain a token to access a FHIR server. While these steps apply to any FHIR server and any identity provider, we'll walk through Azure API for FHIR as the FHIR server and Azure Active Directory (Azure AD) as our identity provider in this article.
+When you're working with healthcare data, it's important to ensure that the data is secure, and it can't be accessed by unauthorized users or applications. FHIR servers use [OAuth 2.0](https://oauth.net/2/) to ensure this data security. [Azure API for FHIR](https://azure.microsoft.com/services/azure-api-for-fhir/) is secured using [Azure Active Directory](../../active-directory/index.yml), which is an example of an OAuth 2.0 identity provider. This article provides an overview of FHIR server authorization and the steps needed to obtain a token to access a FHIR server. While these steps apply to any FHIR server and any identity provider, we'll walk through Azure API for FHIR as the FHIR server and Azure Active Directory (Azure AD) as our identity provider in this article.
 
 ## Access control overview
 
 In order for a client application to access Azure API for FHIR, it must present an access token. The access token is a signed, [Base64](https://en.wikipedia.org/wiki/Base64) encoded collection of properties (claims) that convey information about the client's identity and roles and privileges granted to the client.
 
 There are many ways to obtain a token, but the Azure API for FHIR doesn't care how the token is obtained as long as it's an appropriately signed token with the correct claims. 
 
-Using [authorization code flow](../../active-directory/azuread-dev/v1-protocols-oauth-code.md) as an example, accessing a FHIR server goes through the four steps:
+For example like when you use [authorization code flow](../../active-directory/azuread-dev/v1-protocols-oauth-code.md), accessing a FHIR server goes through the following four steps:
 
 ![FHIR Authorization](media/azure-ad-hcapi/fhir-authorization.png)
 
 1. The client sends a request to the `/authorize` endpoint of Azure AD. Azure AD will redirect the client to a sign-in page where the user will authenticate using appropriate credentials (for example username and password or two-factor authentication). See details on [obtaining an authorization code](../../active-directory/azuread-dev/v1-protocols-oauth-code.md#request-an-authorization-code). Upon successful authentication, an *authorization code* is returned to the client. Azure AD will only allow this authorization code to be returned to a registered reply URL configured in the client application registration.
 1. The client application exchanges the authorization code for an *access token* at the `/token` endpoint of Azure AD. When you request a token, the client application may have to provide a client secret (the applications password). See details on [obtaining an access token](../../active-directory/azuread-dev/v1-protocols-oauth-code.md#use-the-authorization-code-to-request-an-access-token).
-1. The client makes a request to the Azure API for FHIR, for example `GET /Patient` to search all patients. When making the request, it includes the access token in an HTTP request header, for example `Authorization: Bearer eyJ0e...`, where `eyJ0e...` represents the Base64 encoded access token.
-1. The Azure API for FHIR validates that the token contains appropriate claims (properties in the token). If everything checks out, it will complete the request and return a FHIR bundle with results to the client.
+1. The client makes a request to Azure API for FHIR, for example `GET /Patient`, to search all patients. When the client makes the request, it includes the access token in an HTTP request header, for example `Authorization: Bearer eyJ0e...`, where `eyJ0e...` represents the Base64 encoded access token.
+1. Azure API for FHIR validates that the token contains appropriate claims (properties in the token). If everything checks out, it will complete the request and return a FHIR bundle with results to the client.
 
-It's important to note that the Azure API for FHIR isn't involved in validating user credentials and it doesn't issue the token. The authentication and token creation is done by Azure AD. The Azure API for FHIR simply validates that the token is signed correctly (it's authentic) and that it has appropriate claims.
+It's important to note that  Azure API for FHIR isn't involved in validating user credentials and it doesn't issue the token. The authentication and token creation is done by Azure AD. Azure API for FHIR simply validates that the token is signed correctly (it's authentic) and that it has appropriate claims.
 
 ## Structure of an access token
 
-Development of FHIR applications often involves debugging access issues. If a client is denied access to the Azure API for FHIR, it's useful to understand the structure of the access token and how it can be decoded to inspect the contents (the claims) of the token. 
+Development of Fast Healthcare Interoperability Resources (FHIR&#174;) applications often involves debugging access issues. If a client is denied access to Azure API for FHIR, it's useful to understand the structure of the access token and how it can be decoded to inspect the contents (the claims) of the token. 
 
 FHIR servers typically expect a [JSON Web Token](https://en.wikipedia.org/wiki/JSON_Web_Token) (JWT, sometimes pronounced "jot"). It consists of three parts:
 
@@ -101,11 +101,13 @@ The pertinent sections of the Azure AD documentation are:
     * [Authorization code flow](../../active-directory/develop/v2-oauth2-auth-code-flow.md).
     * [Client credentials flow](../../active-directory/develop/v2-oauth2-client-creds-grant-flow.md).
 
-There are other variations (for example on behalf of flow) for obtaining a token. Check the Azure AD documentation for details. When you use Azure API for FHIR, there are some shortcuts for obtaining an access token (for debugging purposes) [using the Azure CLI](get-healthcare-apis-access-token-cli.md).
+There are other variations (for example due to flow) for obtaining a token. Refer to the [Azure AD documentation](../../active-directory/index.yml) for details. When you use Azure API for FHIR, there are some shortcuts for obtaining an access token (such as for debugging purposes) [using the Azure CLI](get-healthcare-apis-access-token-cli.md).
 
 ## Next steps
 
-In this document, you learned some of the basic concepts involved in securing access to the Azure API for FHIR using Azure AD. For information about how to deploy the Azure API for FHIR service, see.
+In this document, you learned some of the basic concepts involved in securing access to the Azure API for FHIR using Azure AD. For information about how to deploy the Azure API for FHIR service, see
 
 >[!div class="nextstepaction"]
->[Deploy Azure API for FHIR](fhir-paas-portal-quickstart.md)
+>[Deploy Azure API for FHIR](fhir-paas-portal-quickstart.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -7,7 +7,7 @@ ms.reviewer: matjazl
 ms.service: healthcare-apis
 ms.subservice: fhir
 ms.topic: conceptual
-ms.date: 02/15/2022
+ms.date: 06/02/2022
 ms.author: mikaelw
 ---
 # Azure API for FHIR access token validation
@@ -16,7 +16,7 @@ How Azure API for FHIR validates the access token will depend on implementation
 
 ## Validate token has no issues with identity provider
 
-The first step in the token validation is to verify that the token was issued by the correct identity provider and that it hasn't been modified. The FHIR server will be configured to use a specific identity provider known as the authority `Authority`. The FHIR server will retrieve information about the identity provider from the `/.well-known/openid-configuration` endpoint. When you use Azure AD, the full URL is:
+The first step in the token validation is to verify that the token was issued by the correct identity provider and that it hasn't been modified. The FHIR server will be configured to use a specific identity provider known as the authority `Authority`. The FHIR server will retrieve information about the identity provider from the `/.well-known/openid-configuration` endpoint. When you use Azure Active Directory (Azure AD), the full URL is:
 
 ```
 GET https://login.microsoftonline.com/<TENANT-ID>/.well-known/openid-configuration
@@ -96,12 +96,12 @@ The important properties for the FHIR server are `jwks_uri`, which tells the ser
 
 Once the server has verified the authenticity of the token, the FHIR server will then proceed to validate that the client has the required claims to access the token.
 
-When using the Azure API for FHIR, the server will validate:
+When you use Azure API for FHIR, the server will validate:
 
 1. The token has the right `Audience` (`aud` claim).
 1. The user or principal that the token was issued for is allowed to access the FHIR server data plane. The `oid` claim of the token contains an identity object ID, which uniquely identifies the user or principal.
 
-We recommend that the FHIR service be [configured to use Azure RBAC](configure-azure-rbac.md) to manage data plane role assignments. But you can also [configure local RBAC](configure-local-rbac.md) if your FHIR service uses an external or secondary Azure Active Directory tenant. 
+We recommend that the FHIR service be [configured to use Azure RBAC](configure-azure-rbac.md) to manage data plane role assignments. However, you can also [configure local RBAC](configure-local-rbac.md) if your FHIR service uses an external or secondary Azure AD tenant. 
 
 When you use the OSS Microsoft FHIR server for Azure, the server will validate:
 
@@ -110,10 +110,12 @@ When you use the OSS Microsoft FHIR server for Azure, the server will validate:
 
 Consult details on how to [define roles on the FHIR server](https://github.com/microsoft/fhir-server/blob/master/docs/Roles.md).
 
-A FHIR server may also validate that an access token has the scopes (in token claim `scp`) to access the part of the FHIR API that a client is trying to access. Currently, the Azure API for FHIR and the FHIR server for Azure don't validate token scopes.
+A FHIR server may also validate that an access token has the scopes (in token claim `scp`) to access the part of the FHIR API that a client is trying to access. Currently, Azure API for FHIR and the FHIR server for Azure don't validate token scopes.
 
 ## Next steps
-Now that you know how to walk through token validation, you can complete the tutorial to create a JavaScript application and read FHIR data.
+Now that you know how to walk through token validation, you can complete the tutorial to create a JavaScript application and read Fast Healthcare Interoperability Resources (FHIR&#174;) data.
 
 >[!div class="nextstepaction"]
->[Web application tutorial](tutorial-web-app-fhir-server.md)
+>[Web application tutorial](tutorial-web-app-fhir-server.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -7,7 +7,7 @@ ms.subservice: fhir
 ms.topic: quickstart
 ms.custom: subject-armqs, devx-track-azurepowershell, mode-api
 ms.author: mikaelw
-ms.date: 05/03/2022
+ms.date: 06/03/2022
 ---
 
 # Quickstart: Use an ARM template to deploy Azure API for FHIR
@@ -245,4 +245,6 @@ In this quickstart guide, you've deployed the Azure API for FHIR into your subsc
 >[Configure CORS](configure-cross-origin-resource-sharing.md)
 
 >[!div class="nextstepaction"]
->[Configure Private Link](configure-private-link.md)
+>[Configure Private Link](configure-private-link.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -7,7 +7,7 @@ ms.topic: conceptual
 ms.reviewer: matjazl
 ms.author: mikaelw
 author: mikaelweave
-ms.date: 02/15/2022
+ms.date: 06/02/2022
 ---
 
 # Additional settings for Azure API for FHIR
@@ -24,7 +24,7 @@ For more information on how to change the default settings, see [configure datab
 
 ## Access control
 
-The Azure API for FHIR will only allow authorized users to access the FHIR API. You can configure authorized users through two different mechanisms. The primary and recommended way to configure access control is using [Azure role-based access control (Azure RBAC)](../../role-based-access-control/index.yml), which is accessible through the **Access control (IAM)** blade. Azure RBAC only works if you want to secure data plane access using the Azure Active Directory tenant associated with your subscription. If you wish to use a different tenant, the Azure API for FHIR offers a local FHIR data plane access control mechanism. The configuration options aren't as rich when using the local RBAC mechanism. For details, choose one of the following options:
+Azure API for FHIR will only allow authorized users to access the FHIR API. You can configure authorized users through two different mechanisms. The primary and recommended way to configure access control is using [Azure role-based access control (Azure RBAC)](../../role-based-access-control/index.yml), which is accessible through the **Access control (IAM)** blade. Azure RBAC only works if you want to secure data plane access using the Azure Active Directory tenant associated with your subscription. If you wish to use a different tenant, the Azure API for FHIR offers a local FHIR data plane access control mechanism. The configuration options aren't as rich when using the local RBAC mechanism. For details, choose one of the following options:
 
 * [Azure RBAC for FHIR data plane](configure-azure-rbac.md). This is the preferred option when you're using the Azure Active Directory tenant associated with your subscription.
 * [Local FHIR data plane access control](configure-local-rbac.md). Use this option only when you need to use an external Azure Active Directory tenant for data plane access control. 
@@ -51,4 +51,6 @@ In this how-to guide, you set up additional settings for the Azure API for FHIR.
 Next check out the series of tutorials to create a web application that reads FHIR data.
 
 >[!div class="nextstepaction"]
->[Deploy JavaScript application](tutorial-web-app-fhir-server.md)
+>[Deploy JavaScript application](tutorial-web-app-fhir-server.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.
@@ -8,7 +8,7 @@ ms.topic: tutorial
 ms.reviewer: matjazl
 ms.author: mikaelw
 author: mikaelweave
-ms.date: 02/15/2022
+ms.date: 06/02/2022
 ---
 
 # CARIN Implementation Guide for Blue Button&#174; for Azure API for FHIR
@@ -75,5 +75,7 @@ The final test we'll walk through is testing [error handling](https://touchstone
 In this tutorial, we walked through how to pass the CARIN IG for Blue Button tests in Touchstone. Next, you can review how to test the Da Vinci formulary tests.
 
 >[!div class="nextstepaction"]
->[DaVinci Drug Formulary](davinci-drug-formulary-tutorial.md)       
+>[DaVinci Drug Formulary](davinci-drug-formulary-tutorial.md)
+
+FHIR&#174; is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.