edit pass: content-pattern-and-metadata-edits-for-app-service-376111

Author: ShawnJackson

articles/app-service/configure-authentication-customize-sign-in-out.md

@@ -56,7 +56,7 @@ The token format varies slightly according to the provider:
 | Provider value | Required in request body | Comments |
 |-|-|-|
 | `aad` | `{"access_token":"<access_token>"}` | The `id_token`, `refresh_token`, and `expires_in` properties are optional. |
-| `microsoftaccount` | `{"access_token":"<access_token>"}` or `{"authentication_token": "<token>"`| `authentication_token` is preferred over `access_token`. The `expires_in` property is optional. <br/> When you're requesting the token from Live services, always request the `wl.basic` scope. |
+| `microsoftaccount` | `{"access_token":"<access_token>"}` or `{"authentication_token": "<token>"`| `authentication_token` is preferred over `access_token`. The `expires_in` property is optional. <br/><br/>When you're requesting the token from Live services, always request the `wl.basic` scope. |
 | `google` | `{"id_token":"<id_token>"}` | The `authorization_code` property is optional. Providing an `authorization_code` value adds an access token and a refresh token to the token store. When you specify `authorization_code`, you can optionally accompany it with a `redirect_uri` property. |
 | `facebook`| `{"access_token":"<user_access_token>"}` | Use a valid [user access token](https://developers.facebook.com/docs/facebook-login/access-tokens) from Facebook. |
 | `twitter` | `{"access_token":"<access_token>", "access_token_secret":"<access_token_secret>"}` | |
@@ -91,7 +91,7 @@ Users can initiate a sign-out by sending a `GET` request to the app's `/.auth/lo
 - Deletes the current user's tokens from the token store.
 - For Microsoft Entra and Google, performs a server-side sign-out on the identity provider.
 
-Here's a simple sign-out link in a webpage:
+Here's a simple sign-out link on a webpage:
 
 ```html
 <a href="/.auth/logout">Sign out</a>

articles/app-service/configure-authentication-provider-openid-connect.md

@@ -19,10 +19,10 @@ You can configure your app to use one or more OIDC providers. Each must have a u
 
 ## <a name="register"> </a>Register your application with the identity provider
 
-Your provider requires you to register the details of your application with it. One of these steps involves specifying a redirect URI that has the form `<app-url>/.auth/login/<provider-name>/callback`. Each identity provider should provide more instructions on how to complete these steps. The `<provider-name>` value refers to the friendly name that you give to the OpenID provider name in Azure.
+Your provider requires you to register the details of your application with it. One of these steps involves specifying a redirect URI that has the form `<app-url>/.auth/login/<provider-name>/callback`. Each identity provider should provide more instructions on how to complete the steps. The `<provider-name>` value refers to the friendly name that you give to the OpenID provider name in Azure.
 
 > [!NOTE]
-> Some providers might require additional steps for their configuration and for how to use the values that they provide. For example, Apple provides a private key that isn't itself used as the OIDC client secret. You instead must use it to craft a JSON Web Token (JWT) that's treated as the secret that you provide in your app configuration. For more information, see [Creating a client secret](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens) in the Apple developer documentation.
+> Some providers might require additional steps for their configuration and for using the values that they provide. For example, Apple provides a private key that isn't itself used as the OIDC client secret. You instead must use it to craft a JSON Web Token (JWT) that's treated as the secret that you provide in your app configuration. For more information, see [Creating a client secret](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens) in the Apple developer documentation.
 
 You need to collect a *client ID* and a *client secret* for your application. The client secret is an important security credential. Don't share this secret with anyone or distribute it within a client application.
 
@@ -47,7 +47,7 @@ If you can't use a configuration metadata document, gather the following values
 
 1. If you have the URL for the metadata document from the identity provider, provide that value for **Metadata URL**. Otherwise, select the **Provide endpoints separately** option and put each URL gathered from the identity provider in the appropriate field.
 
-1. Provide the earlier collected **Client ID** and **Client Secret** values in the appropriate fields.
+1. Provide the values that you collected earlier for **Client ID** and **Client Secret**.
 
 1. Specify an application setting name for your client secret. Your client secret is stored as an app setting to ensure that secrets are stored in a secure fashion. You can update that setting later to use [Azure Key Vault references](./app-service-key-vault-references.md) if you want to manage the secret in Key Vault.
 

articles/app-service/configure-language-php.md

@@ -92,7 +92,7 @@ az webapp config set --resource-group <resource-group-name> --name <app-name> --
 
 If you want App Service to run [Composer](https://getcomposer.org/) at deployment time, the easiest way is to include Composer in your repository.
 
-From a local terminal window, change the directory to your repository root. Then, follow the instructions at [download Composer](https://getcomposer.org/download/) to download `composer.phar` to the directory root.
+From a local terminal window, change the directory to your repository root. Then, follow the instructions at [Download Composer](https://getcomposer.org/download/) to download `composer.phar` to the directory root.
 
 Run the following commands. To run them, you need [npm](https://www.npmjs.com/get-npm) installed.
 
@@ -233,7 +233,7 @@ For more information on how App Service runs and builds PHP apps in Linux, see t
 
 ## Customize startup
 
-If you want, you can run a custom command at the container startup time, by running the following command in [Cloud Shell](https://shell.azure.com):
+If you want, you can run a custom command at the container startup time. Run the following command in [Cloud Shell](https://shell.azure.com):
 
 ```azurecli-interactive
 az webapp config set --resource-group <resource-group-name> --name <app-name> --startup-file "<custom-command>"
@@ -439,18 +439,18 @@ The built-in PHP installations contain the most commonly used extensions. You ca
 > [!NOTE]
 > The best way to see the PHP version and the current `php.ini` configuration is to call [`phpinfo()`](https://php.net/manual/function.phpinfo.php) in your app.
 
-To enable additional extensions, use the following steps.
+To enable additional extensions, use the following steps:
 
-Add a `bin` directory to the root directory of your app, and put the `.dll` extension files in it (for example, `mongodb.dll`). Make sure that the extensions are compatible with the PHP version in Azure, and that they're VC9 and non-thread-safe (NTS) compatible.
+1. Add a `bin` directory to the root directory of your app, and put the `.dll` extension files in it (for example, `mongodb.dll`). Make sure that the extensions are compatible with the PHP version in Azure, and that they're VC9 and non-thread-safe (NTS) compatible.
 
-Deploy your changes.
+1. Deploy your changes.
 
-Follow the steps in [Customize PHP_INI_SYSTEM directives](#customize-php_ini_system-directives), and add the extensions into the custom .ini file with the [extension](https://www.php.net/manual/ini.core.php#ini.extension) or [zend_extension](https://www.php.net/manual/ini.core.php#ini.zend-extension) directive:
+1. Follow the steps in [Customize PHP_INI_SYSTEM directives](#customize-php_ini_system-directives), and add the extensions into the custom .ini file with the [extension](https://www.php.net/manual/ini.core.php#ini.extension) or [zend_extension](https://www.php.net/manual/ini.core.php#ini.zend-extension) directive:
 
-```
-extension=d:\home\site\wwwroot\bin\mongodb.dll
-zend_extension=d:\home\site\wwwroot\bin\xdebug.dll
-```
+   ```
+   extension=d:\home\site\wwwroot\bin\mongodb.dll
+   zend_extension=d:\home\site\wwwroot\bin\xdebug.dll
+   ```
 
 For the changes to take effect, restart the app.
 
@@ -463,18 +463,18 @@ The built-in PHP installations contain the most commonly used extensions. You ca
 > [!NOTE]
 > The best way to see the PHP version and the current `php.ini` configuration is to call [`phpinfo()`](https://php.net/manual/function.phpinfo.php) in your app.
 
-To enable additional extensions, use the following steps.
+To enable additional extensions, use the following steps:
 
-Add a `bin` directory to the root directory of your app, and put the `.so` extension files in it (for example, `mongodb.so`). Make sure that the extensions are compatible with the PHP version in Azure, and that they're VC9 and non-thread-safe (NTS) compatible.
+1. Add a `bin` directory to the root directory of your app, and put the `.so` extension files in it (for example, `mongodb.so`). Make sure that the extensions are compatible with the PHP version in Azure, and that they're VC9 and non-thread-safe (NTS) compatible.
 
-Deploy your changes.
+1. Deploy your changes.
 
-Follow the steps in [Customize PHP_INI_SYSTEM directives](#customize-php_ini_system-directives), and add the extensions into the custom .ini file with the [extension](https://www.php.net/manual/ini.core.php#ini.extension) or [zend_extension](https://www.php.net/manual/ini.core.php#ini.zend-extension) directive:
+1. Follow the steps in [Customize PHP_INI_SYSTEM directives](#customize-php_ini_system-directives), and add the extensions into the custom .ini file with the [extension](https://www.php.net/manual/ini.core.php#ini.extension) or [zend_extension](https://www.php.net/manual/ini.core.php#ini.zend-extension) directive:
 
-```ini
-extension=/home/site/wwwroot/bin/mongodb.so
-zend_extension=/home/site/wwwroot/bin/xdebug.so
-```
+   ```ini
+   extension=/home/site/wwwroot/bin/mongodb.so
+   zend_extension=/home/site/wwwroot/bin/xdebug.so
+   ```
 
 For the changes to take effect, restart the app.
 

articles/app-service/environment/ase-multi-tenant-comparison.md

@@ -22,7 +22,7 @@ This article compares the differentiating features of App Service Environment v3
 |[Pricing tiers](https://azure.microsoft.com/pricing/details/app-service/windows/) |Isolated v2.        |Free, Basic, Standard, Premium v2, Premium v3.        |
 |Dedicated host group|[Available](overview.md#dedicated-environment). |Not available. |
 |Remote file storage|Fully dedicated to the App Service Environment. |Remote file storage for the application is dedicated, but the storage is hosted on a shared file server. |
-|Private inbound configuration|Yes, using the Internal Load Balancer (ILB) App Service Environment variation. |Yes, via private endpoint. |
+|Private inbound configuration|Yes, using the internal load balancer (ILB) App Service Environment variation. |Yes, via private endpoint. |
 |Planned maintenance|[Manual upgrade preference is available](how-to-upgrade-preference.md). |[The platform handles maintenance](../../app-service/routine-maintenance.md). |
 |Aggregate storage limit for remote file shares|1 TB for all apps in App Service Environment v3.|250 GB for all apps in a single App Service plan. 500 GB for all apps across all App Service plans in a single resource group.|
 
@@ -57,7 +57,7 @@ However, App Service Environment v3 is a dedicated environment. Even though it c
 |Feature  |App Service Environment v3  |App Service public multitenant  |
 |---------|---------|---------|
 |Virtual network integration|Yes. App Service Environment v3 is deployed into a subnet in your virtual network by default. |Supported, but [must be explicitly enabled](../../app-service/networking-features.md).|
-|Private endpoint support|Yes, but [must be explicitly enabled on the App Service Environment](networking.md#private-endpoint). |Yes, but [must be explicitly enabled](../../app-service/networking-features.md#private-endpoint). |
+|Private endpoint support|Yes, but [must be explicitly enabled in the App Service Environment](networking.md#private-endpoint). |Yes, but [must be explicitly enabled](../../app-service/networking-features.md#private-endpoint). |
 |IP access restrictions for inbound traffic|Yes, but [must be explicitly enabled](../../app-service/networking-features.md#access-restrictions). |Yes, but [must be explicitly enabled](../../app-service/networking-features.md#access-restrictions). |
 |Network security group (NSG) integration|Supports inbound and outbound traffic control. |Can use NSG for inbound traffic control via the subnet that sourced the IP of a private endpoint. (Note that the feature requires private endpoints.) Supports outbound network restrictions with NSG on the virtual network integration subnet. |
 |User-defined route (UDR) integration|Supports outbound traffic routing, but [must be explicitly enabled](networking.md#network-routing). |Supports outbound traffic routing, but [must be explicitly enabled](../../app-service/networking-features.md). |

articles/app-service/overview-local-cache.md

@@ -33,12 +33,12 @@ Azure App Service content is stored on Azure Storage and is exposed as a durable
 
 Although many apps use one or more of these features, some apps need a high-performance, read-only content store that they can run from with high availability. Such apps can benefit from running against a local cache on the VM instance.
 
-The *local cache* feature in Azure App Service provides a web role view of your content. This content is a write-but-discard cache of your storage content that's created asynchronously at site startup. When the cache is ready, the site switches to run against the cached content.
+The local cache feature in Azure App Service provides a web role view of your content. This content is a write-but-discard cache of your storage content that's created asynchronously at site startup. When the cache is ready, the site switches to run against the cached content.
 
 Apps running with a local cache benefit in these ways:
 
 - They're immune to latencies associated with accessing content on Azure Storage.
-- They aren't affected by problems with connecting to the storage, because the read-only copy is cached locally.
+- Problems with connecting to the storage don't affect them, because the read-only copy is cached locally.
 - They experience fewer app restarts from changes in the storage share.
 
 > [!NOTE]
@@ -65,7 +65,7 @@ Configuring a local cache causes these changes:
 - The best-effort copy affects [log streaming](troubleshoot-diagnostic-logs.md#stream-logs). You might observe up to a one-minute delay in streamed logs.
 - In the shared content store, the folder structure for `LogFiles` and `Data` changes for apps that use a local cache. There are now subfolders with names that consist of a unique identifier and a time stamp. Each subfolder corresponds to a VM instance where the app is or was running.
 - Other folders in `D:\home` remain in the local cache and aren't copied to the shared content store.
-- App deployments via any supported method publish directly to the durable shared content store. To refresh the `D:\home\site` and `D:\home\siteextensions` folders in the local cache, you must restart the app. For a seamless life cycle, see the [section about best practices](#best-practices-for-using-a-local-cache) later in this article.
+- App deployments via any supported method publish directly to the durable shared content store. To refresh the `D:\home\site` and `D:\home\siteextensions` folders in the local cache, you must restart the app. For a seamless life cycle, see the [section about best practices](#best-practices-for-using-app-service-local-cache) later in this article.
 - The default content view of the SCM site continues to reflect the shared content store.
 
 > [!NOTE]
@@ -127,7 +127,7 @@ Sticky settings are tied to the slot. When the staging slot is swapped into prod
 
 ### What if I exceed the size limit for the local cache?
 
-If the copied files exceed the size limit of the local cache, the app reverts to reading from the remote share.
+If the copied files exceed the size limit of the local cache, the app reverts to reading from the remote share. The following table shows the details.
 
 | Local cache size | Copied files         | Result                                                                                          |
 | -------------------- | ------------------------ | --------------------------------------------------------------------------------------------------- |
@@ -150,7 +150,7 @@ When you're using a local cache with staging environments, the swap operation do
 
 ### Why doesn't my app reflect newly published changes?
 
-If your app uses a local cache, you must restart the site to load the latest changes. If you prefer not to publish changes directly to your production site, consider using deployment slots as described in the [earlier section about best practices](#best-practices-for-using-a-local-cache).
+If your app uses a local cache, you must restart the site to load the latest changes. If you prefer not to publish changes directly to your production site, consider using deployment slots as described in the [earlier section about best practices](#best-practices-for-using-app-service-local-cache).
 
 > [!NOTE]
 > The [run from package](deploy-run-package.md) deployment option isn't compatible with the local cache feature.
@@ -159,7 +159,7 @@ If your app uses a local cache, you must restart the site to load the latest cha
 
 When you're using a local cache, the structure of your log and data folders changes slightly. The subfolders are now nested under a folder that's named with the unique VM identifier and a time stamp. Each of these folders corresponds to the VM instance where the app is or was running.
 
-### Why does my app still get restarted with a local cache enabled?
+### Why does my app still restart with a local cache enabled?
 
 A local cache helps prevent storage-related app restarts. However, your app might still restart during planned infrastructure upgrades on the VM. Overall, you should observe fewer restarts with a local cache enabled.
 
@@ -173,7 +173,7 @@ To flush the local cache logs, stop and restart the app. This action clears the
 
 ### Why does App Service show previously deployed files after a restart when a local cache is enabled?
 
-If previously deployed files reappear after a restart, check for the presence of the app setting `[WEBSITE_DISABLE_SCM_SEPARATION=true](https://github.com/projectkudu/kudu/wiki/Configurable-settings#use-the-same-process-for-the-user-site-and-the-scm-site)`. Adding this setting causes deployments via Kudu to write to the local VM instead of persistent storage. To avoid this situation, follow the [best practices mentioned earlier](#best-practices-for-using-a-local-cache) and perform deployments to a staging slot that doesn't have a local cache enabled.
+If previously deployed files reappear after a restart, check for the presence of the app setting [`WEBSITE_DISABLE_SCM_SEPARATION=true`](https://github.com/projectkudu/kudu/wiki/Configurable-settings#use-the-same-process-for-the-user-site-and-the-scm-site). Adding this setting causes deployments via Kudu to write to the local VM instead of persistent storage. To avoid this situation, follow the [best practices mentioned earlier](#best-practices-for-using-app-service-local-cache) and perform deployments to a staging slot that doesn't have a local cache enabled.
 
 ## Related content
 

includes/app-service-mobile-selector-authentication.md

@@ -10,7 +10,5 @@ ms.author: crdun
 > * [Facebook](../articles/app-service/configure-authentication-provider-facebook.md)
 > * [Google](../articles/app-service/configure-authentication-provider-google.md)
 > * [X](../articles/app-service/configure-authentication-provider-twitter.md)
-> * [An OpenID Connect provider](../articles/app-service/configure-authentication-provider-openid-connect.md)
-> * [Sign in with Apple (Preview)](../articles/app-service/configure-authentication-provider-apple.md)
-> 
-> 
+> * [OpenID Connect provider](../articles/app-service/configure-authentication-provider-openid-connect.md)
+> * [Sign in with Apple (preview)](../articles/app-service/configure-authentication-provider-apple.md)