Alt text edit

Author: JamesJBarnett

articles/active-directory/saas-apps/legalforce-tutorial.md

@@ -73,7 +73,7 @@ Complete the following steps to enable Azure AD single sign-on in the Azure port
 
  1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section, find **Certificate (PEM)** and select **Download** to download the certificate and save it on your computer.
 
-	![The Certificate download link](common/certificate-base64-download.png "Certificate")
+	![Screenshot of the Certificate download link](common/certificate-base64-download.png "Certificate")
 
 1. On the **Set up LegalForce** section, copy the appropriate URL(s) based on your requirement.
 
@@ -99,4 +99,4 @@ In this section, you test your Azure AD single sign-on configuration with follow
 
 ## Next steps
 
-Once you configure LegalForce you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Cloud App Security](/cloud-app-security/proxy-deployment-aad).
+Once you configure LegalForce you can enforce session control, which protects exfiltration and infiltration of your organization’s sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Cloud App Security](/cloud-app-security/proxy-deployment-aad).