Merge pull request #109429 from yoelhor/patch-23

Update secure-rest-api.md

Author: PRMerger8

articles/active-directory-b2c/secure-rest-api.md

@@ -9,7 +9,7 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 03/27/2020
+ms.date: 03/30/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
@@ -182,6 +182,8 @@ The following is an example of a RESTful technical profile configured with an HT
 
 ## OAuth2 bearer authentication 
 
+[!INCLUDE [b2c-public-preview-feature](../../includes/active-directory-b2c-public-preview.md)]
+
 Bearer token authentication is defined in [OAuth2.0 Authorization Framework: Bearer Token Usage (RFC 6750)](https://www.rfc-editor.org/rfc/rfc6750.txt). In bearer token authentication, Azure AD B2C sends an HTTP request with a token in the authorization header.
 
 ```http
@@ -193,6 +195,7 @@ A bearer token is an opaque string. It can be a JWT access token or any string t
 - **Bearer token**. To be able to send the bearer token in the Restful technical profile, your policy needs to first acquire the bearer token and then use it in the RESTful technical profile.  
 - **Static bearer token**. Use this approach when your REST API issues a long-term access token. To use a static bearer token, create a policy key and make a reference from the RESTful technical profile to your policy key. 
 
+
 ## Using OAuth2 Bearer  
 
 The following steps demonstrate how to use client credentials to obtain a bearer token and pass it into the Authorization header of the REST API calls.