Merge pull request #113703 from yoelhor/patch-41

shawnmariejones · web-flow · commit 5a4ffc63c303 · 2020-05-07T08:41:56.000-07:00
Update identity-provider-amazon.md
diff --git a/articles/active-directory-b2c/identity-provider-amazon-custom.md b/articles/active-directory-b2c/identity-provider-amazon-custom.md
@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 10/05/2018
+ms.date: 05/04/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -25,17 +25,16 @@ This article shows you how to enable sign-in for users from an Amazon account by
 - Complete the steps in [Get started with custom policies](custom-policy-get-started.md).
 - If you don't already have an Amazon account, create one at [https://www.amazon.com/](https://www.amazon.com/).
 
-## Register the application
+## Create an app in the Amazon developer console
 
-To enable sign-in for users from an Amazon account, you need to create an Amazon application.
+To use an Amazon account as a federated identity provider in Azure Active Directory B2C (Azure AD B2C), you need to create an application in your [Amazon Developer Services and Technologies](https://developer.amazon.com). If you don't already have an Amazon account, you can sign up at [https://www.amazon.com/](https://www.amazon.com/).
 
-1. Sign in to the [Amazon Developer Center](https://login.amazon.com/) with your Amazon account credentials.
-2. If you have not already done so, click **Sign Up**, follow the developer registration steps, and accept the policy.
-3. Select **Register new application**.
-4. Enter a **Name**, **Description**, and **Privacy Notice URL**, and then click **Save**. The privacy notice is a page that you manage that provides privacy information to users.
-5. In the **Web Settings** section, copy the values of **Client ID**. Select **Show Secret** to get the client secret and then copy it. You need both of them to configure an Amazon account as an identity provider in your tenant. **Client Secret** is an important security credential.
-6. In the **Web Settings** section, select **Edit**, and then enter `https://your-tenant-name.b2clogin.com` in **Allowed JavaScript Origins** and `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp` in **Allowed Return URLs**. Replace `your-tenant-name` with the name of your tenant. Use all lowercase letters when entering your tenant name even if the tenant is defined with uppercase letters in Azure AD B2C.
-7. Click **Save**.
+> [!NOTE]  
+> Use the following URLs in **step 8** below, replacing `your-tenant-name` with the name of your tenant. When entering your tenant name, use all lowercase letters, even if the tenant is defined with uppercase letters in Azure AD B2C.
+> - For **Allowed Origins**, enter `https://your-tenant-name.b2clogin.com` 
+> - For **Allowed Return URLs**, enter `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp`
+
+[!INCLUDE [identity-provider-amazon-idp-register.md](../../includes/identity-provider-amazon-idp-register.md)]
 
 ## Create a policy key
 
diff --git a/articles/active-directory-b2c/identity-provider-amazon.md b/articles/active-directory-b2c/identity-provider-amazon.md
@@ -9,24 +9,23 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 08/08/2019
+ms.date: 04/05/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
 
 # Set up sign-up and sign-in with an Amazon account using Azure Active Directory B2C
 
-## Create an Amazon application
+## Create an app in the Amazon developer console
 
-To use an Amazon account as an [identity provider](authorization-code-flow.md) in Azure Active Directory B2C (Azure AD B2C), you need to create an application in your tenant that represents it. If you don't already have an Amazon account you can sign up at [https://www.amazon.com/](https://www.amazon.com/).
+To use an Amazon account as a federated identity provider in Azure Active Directory B2C (Azure AD B2C), you need to create an application in your [Amazon Developer Services and Technologies](https://developer.amazon.com). If you don't already have an Amazon account, you can sign up at [https://www.amazon.com/](https://www.amazon.com/).
 
-1. Sign in to the [Amazon Developer Center](https://login.amazon.com/) with your Amazon account credentials.
-1. If you have not already done so, click **Sign Up**, follow the developer registration steps, and accept the policy.
-1. Select **Register new application**.
-1. Enter a **Name**, **Description**, and **Privacy Notice URL**, and then click **Save**. The privacy notice is a page that you manage that provides privacy information to users.
-1. In the **Web Settings** section, copy the values of **Client ID**. Select **Show Secret** to get the client secret and then copy it. You need both of them to configure an Amazon account as an identity provider in your tenant. **Client Secret** is an important security credential.
-1. In the **Web Settings** section, select **Edit**, and then enter `https://your-tenant-name.b2clogin.com` in **Allowed JavaScript Origins** and `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp` in **Allowed Return URLs**. Replace `your-tenant-name` with the name of your tenant. You need to use all lowercase letters when entering your tenant name even if the tenant is defined with uppercase letters in Azure AD B2C.
-1. Click **Save**.
+> [!NOTE]  
+> Use the following URLs in **step 8** below, replacing `your-tenant-name` with the name of your tenant. When entering your tenant name, use all lowercase letters, even if the tenant is defined with uppercase letters in Azure AD B2C.
+> - For **Allowed Origins**, enter `https://your-tenant-name.b2clogin.com` 
+> - For **Allowed Return URLs**, enter `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp`
+
+[!INCLUDE [identity-provider-amazon-idp-register.md](../../includes/identity-provider-amazon-idp-register.md)]
 
 ## Configure an Amazon account as an identity provider
 
diff --git a/includes/identity-provider-amazon-idp-register.md b/includes/identity-provider-amazon-idp-register.md
@@ -0,0 +1,18 @@
+---
+author: msmimart
+ms.service: active-directory-b2c
+ms.subservice: B2C
+ms.topic: include
+ms.date: 05/04/2020
+ms.author: mimart
+---
+
+1. Sign in to the [Amazon Developer Console](https://developer.amazon.com/dashboard) with your Amazon account credentials.
+1. If you have not already done so, click **Sign Up**, follow the developer registration steps, and accept the policy.
+1. From the Dashboard, select **Login with Amazon**.
+1. Select **Create a New Security Profile**.
+1. Enter a **Security Profile Name**, **Security Profile Description**, and **Consent Privacy Notice URL**, for example `https://www.contoso.com/privacy` The privacy notice URL is a page that you manage that provides privacy information to users. Then click **Save**.
+1. In the **Login with Amazon Configurations** section, select the **Security Profile Name** you created, click on the **Manage** icon and select **Web Settings**.
+1. In the **Web Settings** section, copy the values of **Client ID**. Select **Show Secret** to get the client secret and then copy it. You need both of them to configure an Amazon account as an identity provider in your tenant. **Client Secret** is an important security credential.
+1. In the **Web Settings** section, select **Edit**. In **Allowed Origins** and **Allowed Return URLs**, enter the appropriate URLs (noted above). 
+1. Click **Save**.
