incorporate feedback from PR review

Author: cilwerner

articles/active-directory/develop/quickstart-daemon-app-java-acquire-token.md

@@ -19,7 +19,7 @@ ms.custom: aaddev, "scenarios:getting-started", "languages:Java", devx-track-jav
 In this quickstart, you download and run a code sample that demonstrates how a Java application can get an access token using the app's identity to call the Microsoft Graph API and display a [list of users](/graph/api/user-list) in the directory. The code sample demonstrates how an unattended job or Windows service can run with an application identity, instead of a user's identity.
 
 
-![Shows how the sample app generated by this quickstart works](media/quickstart-v2-java-daemon/java-console-daemon.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-java-daemon/java-console-daemon.svg)
 
 ## Prerequisites
 
@@ -132,7 +132,7 @@ After running, the application should display the list of users in the configure
 
 Add MSAL4J to your application by using Maven or Gradle to manage your dependencies by making the following changes to the application's pom.xml (Maven) or build.gradle (Gradle) file.
 
-In pom.xml:
+In *pom.xml*:
 
 ```xml
 <dependency>
@@ -168,11 +168,11 @@ ConfidentialClientApplication cca =
                 .build();
 ```
 
-> | Where: |Description |
-> |---------|---------|
-> | `CLIENT_SECRET` | Is the client secret created for the application in Azure portal. |
-> | `CLIENT_ID` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
-> | `AUTHORITY`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant Id.|
+| Where: |Description |
+|---------|---------|
+| `CLIENT_SECRET` | Is the client secret created for the application in Azure portal. |
+| `CLIENT_ID` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
+| `AUTHORITY`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant Id.|
 
 ### Requesting tokens
 
@@ -208,9 +208,9 @@ IAuthenticationResult result;
      return result;
 ```
 
-> |Where:| Description |
-> |---------|---------|
-> | `SCOPE` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
+|Where:| Description |
+|---------|---------|
+| `SCOPE` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
 
 [!INCLUDE [Help and support](includes/error-handling-and-tips/help-support-include.md)]
 

articles/active-directory/develop/quickstart-daemon-app-python-acquire-token.md

@@ -19,7 +19,7 @@ ms.custom: aaddev, identityplatformtop40, devx-track-python, "scenarios:getting-
 
 In this quickstart, you download and run a code sample that demonstrates how a Python application can get an access token using the app's identity to call the Microsoft Graph API and display a [list of users](/graph/api/user-list) in the directory. The code sample demonstrates how an unattended job or Windows service can run with an application identity, instead of a user's identity. 
 
-![Shows how the sample app generated by this quickstart works](media/quickstart-v2-python-daemon/python-console-daemon.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-python-daemon/python-console-daemon.svg)
 
 ## Prerequisites
 
@@ -142,11 +142,11 @@ app = msal.ConfidentialClientApplication(
     client_credential=config["secret"])
 ```
 
-> | Where: |Description |
-> |---------|---------|
-> | `config["secret"]` | Is the client secret created for the application in Azure portal. |
-> | `config["client_id"]` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
-> | `config["authority"]`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant Id.|
+| Where: |Description |
+|---------|---------|
+| `config["secret"]` | Is the client secret created for the application in Azure portal. |
+| `config["client_id"]` | Is the **Application (client) ID** for the application registered in the Azure portal. You can find this value in the app's **Overview** page in the Azure portal. |
+| `config["authority"]`    | The STS endpoint for user to authenticate. Usually `https://login.microsoftonline.com/{tenant}` for public cloud, where {tenant} is the name of your tenant or your tenant Id.|
 
 For more information, please see the [reference documentation for `ConfidentialClientApplication`](https://msal-python.readthedocs.io/en/latest/#confidentialclientapplication).
 
@@ -163,9 +163,9 @@ if not result:
     result = app.acquire_token_for_client(scopes=config["scope"])
 ```
 
-> |Where:| Description |
-> |---------|---------|
-> | `config["scope"]` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
+|Where:| Description |
+|---------|---------|
+| `config["scope"]` | Contains the scopes requested. For confidential clients, this should use the format similar to `{Application ID URI}/.default` to indicate that the scopes being requested are the ones statically defined in the app object set in the Azure portal (for Microsoft Graph, `{Application ID URI}` points to `https://graph.microsoft.com`). For custom web APIs, `{Application ID URI}` is defined under the **Expose an API** section in **App registrations** in the Azure portal.|
 
 For more information, please see the [reference documentation for `AcquireTokenForClient`](https://msal-python.readthedocs.io/en/latest/#msal.ConfidentialClientApplication.acquire_token_for_client).
 

articles/active-directory/develop/quickstart-desktop-app-uwp-sign-in.md

@@ -95,7 +95,7 @@ When the app's window appears, you can select the **Call Microsoft Graph API** b
 
 ## How the sample works
 
-![Shows how the sample app generated by this quickstart works](media/quickstart-v2-uwp/uwp-intro.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-uwp/uwp-intro.svg)
 
 ### MSAL.NET
 

articles/active-directory/develop/quickstart-desktop-app-wpf-sign-in.md

@@ -95,7 +95,7 @@ If you're running the application for the first time, you'll be prompted to prov
 ## More information
 
 ### How the sample works
-![Shows how the sample app generated by this quickstart works](media/quickstart-v2-windows-desktop/windesktop-intro.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-windows-desktop/windesktop-intro.svg)
 
 ### MSAL.NET
 MSAL ([Microsoft.Identity.Client](https://www.nuget.org/packages/Microsoft.Identity.Client)) is the library used to sign in users and request tokens used to access an API protected by Microsoft identity platform. You can install MSAL by running the following command in Visual Studio's **Package Manager Console**:

articles/active-directory/develop/quickstart-mobile-app-android-sign-in.md

@@ -38,7 +38,7 @@ Select your emulator, or physical device, from Android Studio's **available devi
 
 The sample app starts on the **Single Account Mode** screen. A default scope, **user.read**, is provided by default, which is used when reading your own profile data during the Microsoft Graph API call. The URL for the Microsoft Graph API call is provided by default. You can change both of these if you wish.
 
-![MSAL sample app showing single and multiple account usage](media/quickstart-v2-android/quickstart-sample-app.png)
+![Screenshot of the MSAL sample app showing single and multiple account usage.](media/quickstart-v2-android/quickstart-sample-app.png)
 
 Use the app menu to change between single and multiple account modes.
 
@@ -51,7 +51,7 @@ In multiple account mode, you can repeat the same steps. Additionally, you can r
 
 ## How the sample works
 
-![Screenshot of the sample app](media/quickstart-v2-android/android-intro.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-android/android-intro.svg)
 
 The code is organized into fragments that show how to write a single and multiple accounts MSAL app. The code files are organized as follows:
 

articles/active-directory/develop/quickstart-mobile-app-ios-sign-in.md

@@ -30,7 +30,7 @@ The quickstart applies to both iOS and macOS apps. Some steps are needed only fo
 
 ## How the sample works
 
-![Shows how the sample app generated by this quickstart works](media/quickstart-v2-ios/ios-intro.svg)
+![Diagram showing how the sample app generated by this quickstart works.](media/quickstart-v2-ios/ios-intro.svg)
 
 ## Register and download your quickstart app
 You have two options to start your quickstart application:

articles/active-directory/develop/quickstart-single-page-app-angular-sign-in.md

@@ -38,7 +38,7 @@ To start your quickstart application, use either of the following options.
 
 ### Option 1 (Express): Register and auto configure your app and then download your code sample
 
-1. Go to the <a href="https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs" target="_blank">Azure portal - App registrations</a> quickstart experience.
+1. Go to the [Azure portal - App registrations]("https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs) quickstart experience.
 1. Enter a name for your application.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
 1. Select **Register**.
@@ -48,7 +48,7 @@ To start your quickstart application, use either of the following options.
 
 #### Step 1: Register your application
 
-1. Sign in to the <a href="https://portal.azure.com/" target="_blank">Azure portal</a>.
+1. Sign in to the [Azure portal](https://portal.azure.com/).
 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
 1. Search for and select **Azure Active Directory**.
 1. Under **Manage**, select **App registrations** > **New registration**.

articles/active-directory/develop/quickstart-single-page-app-javascript-sign-in.md

@@ -37,7 +37,7 @@ To start your quickstart application, use either of the following options.
 
 ### Option 1 (Express): Register and auto configure your app and then download your code sample
 
-1. Go to the <a href="https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/JavascriptSpaQuickstartPage/sourceType/docs" target="_blank">Azure portal - App registrations</a>.
+1. Go to the [Azure portal - App registrations]("https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs) quickstart experience.
 1. Enter a name for your application.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
 1. Select **Register**.
@@ -47,7 +47,7 @@ To start your quickstart application, use either of the following options.
 
 #### Step 1: Register your application
 
-1. Sign in to the <a href="https://portal.azure.com/" target="_blank">Azure portal</a>.
+1. Sign in to the [Azure portal](https://portal.azure.com/).
 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
 1. Search for and select **Azure Active Directory**.
 1. Under **Manage**, select **App registrations** > **New registration**.

articles/active-directory/develop/quickstart-single-page-app-react-sign-in.md

@@ -38,7 +38,7 @@ To start your quickstart application, use either of the following options.
 
 ### Option 1 (Express): Register and auto configure your app and then download your code sample
 
-1. Go to the <a href="https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/ReactSpaQuickstartPage/sourceType/docs" target="_blank">Azure portal - App registrations</a> quickstart experience.
+1. Go to the [Azure portal - App registrations]("https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade/quickStartType/AngularSpaQuickstartPage/sourceType/docs) quickstart experience.
 1. Enter a name for your application.
 1. Under **Supported account types**, select **Accounts in any organizational directory and personal Microsoft accounts**.
 1. Select **Register**.
@@ -50,7 +50,7 @@ To start your quickstart application, use either of the following options.
 
 [!INCLUDE [portal updates](~/articles/active-directory/includes/portal-update.md)]
 
-1. Sign in to the <a href="https://portal.azure.com/" target="_blank">Azure portal</a>.
+1. Sign in to the [Azure portal](https://portal.azure.com/).
 1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
 1. Search for and select **Azure Active Directory**.
 Under **Manage**, select **App registrations** > **New registration**.

articles/active-directory/develop/quickstart-web-app-aspnet-core-sign-in.md

@@ -86,7 +86,7 @@ A prompt for credentials will appear, and then a request for consent to the perm
 
 After consenting to the requested permissions, the app displays that sign-in has been successful using correct Azure Active Directory credentials. The user's account email address will be displayed in the *API result* section of the page. This was extracted using the Microsoft Graph API.
 
-:::image type="content" source="media/quickstart-v2-aspnet-core-webapp-calls-graph/webapp-02-signed-in.png" alt-text="Web browser displaying the running web app and the user signed in":::
+:::image type="content" source="media/quickstart-v2-aspnet-core-webapp-calls-graph/webapp-02-signed-in.png" alt-text="Screenshot of the web browser displaying the running web app and the user signed in.":::
 
 ## More information