final fixes

EdB-MSFT · EdB-MSFT · commit 901030b4e9ac · 2023-01-04T14:50:32.000+02:00
diff --git a/articles/azure-monitor/essentials/media/metrics-store-custom-rest-api/add-role-assignment.png b/articles/azure-monitor/essentials/media/metrics-store-custom-rest-api/add-role-assignment.png
diff --git a/articles/azure-monitor/essentials/metrics-store-custom-rest-api.md b/articles/azure-monitor/essentials/metrics-store-custom-rest-api.md
@@ -20,11 +20,11 @@ To send metrics for resources in other environments or on-premises, use [Applica
 
 A service principal is an application whose tokens can be used to authenticate and grant access to specific Azure resources using Azure Active Directory. This includes user-apps, services or automation tools.
 
-1. Register application and create a service principal in your Azure Active Directory tenant by using the instructions found at [Register an application with Azure Active Directory](../logs/api/register-app-for-token.md).  
+1. [Register an application with Azure Active Directory](../logs/api/register-app-for-token.md) to create a service principal.
 
 1. Save the tenant ID, new client ID, and client secret value for your app to use when requesting a token.
 
-1. Give the app created as part of the previous step, **Monitoring Metrics Publisher** permissions to the resource you wish to emit metrics against. If you plan to use the app to emit custom metrics against many resources, you can grant these permissions at the resource group or subscription level.  
+1. Give the app created as part of the previous step **Monitoring Metrics Publisher** permissions to the resource you wish to emit metrics against. If you plan to use the app to emit custom metrics against many resources, you can grant these permissions at the resource group or subscription level.  
  
     On your resource's overview page, select **Access Control (IAM)**
 1. Select **Add**, then **Add role assignment** from the dropdown.
@@ -106,12 +106,12 @@ Save the access token from the response for use in the following HTTP requests.
    - **resourceId**:   Resource ID of the Azure resource you're tracking the metric against.  
    - **accessToken**:  The authorization token acquired from the previous step.
     
-```Shell
-curl -X POST 'https://<location>.monitoring.azure.com/<resourceId>/metrics' \
--H 'Content-Type: application/json' \
--H 'Authorization: Bearer <accessToken>' \
--d @custommetric.json 
-```
+    ```Shell
+    curl -X POST 'https://<location>.monitoring.azure.com/<resourceId>/metrics' \
+    -H 'Content-Type: application/json' \
+    -H 'Authorization: Bearer <accessToken>' \
+    -d @custommetric.json 
+    ```
 
 1. Change the timestamp and values in the JSON file. 
 1. Repeat the previous two steps a number of times, to create data for several minutes.
@@ -120,9 +120,9 @@ curl -X POST 'https://<location>.monitoring.azure.com/<resourceId>/metrics' \
 
 If you receive an error message with some part of the process, consider the following troubleshooting information:
 
-* You can't issue metrics against a subscription or resource group, or resource, check that your application or Service Principal has the **Monitoring Metrics Publisher** role assigned in Access control (IAM).
-* The number of dimension names must match the values. Check the values and dimentions.
-* You might be emitting metrics against a region that doesn’t support custom metrics. See [supported regions](./metrics-custom-overview.md#supported-regions).
+- If you can't issue metrics against a subscription or resource group, or resource, check that your application or Service Principal has the **Monitoring Metrics Publisher** role assigned in Access control (IAM).
+- Check that the number of dimension names matches the number values.
+- Check that you are not emitting metrics against a region that doesn’t support custom metrics. See [supported regions](./metrics-custom-overview.md#supported-regions).
 
 ## View your metrics
 
diff --git a/articles/azure-monitor/logs/api/register-app-for-token.md b/articles/azure-monitor/logs/api/register-app-for-token.md
@@ -9,7 +9,7 @@ ms.topic: article
 
 # Register an App to request authorization tokens and work with APIs
 
-To access Azure REST APIs such as the Log analytics API, or to send custom metrics, you can generate an authorization token based on a client ID and secret. The token is then passed in your REST API request. This article shows you how to register a client app and assign permissions to access so that you can generate a token.
+To access Azure REST APIs such as the Log analytics API, or to send custom metrics, you can generate an authorization token based on a client ID and secret. The token is then passed in your REST API request. This article shows you how to register a client app and create a client secret so that you can generate a token.
 
 ## Register an App
 
@@ -41,13 +41,15 @@ To access Azure REST APIs such as the Log analytics API, or to send custom metri
 ## Next steps
 
 Before you can generate a token using your app, client ID, and secret, assign the app to a role using Access control (IAM) for resource that you want to access.
-The role will depend on the resource time, and the API that you want to use.  
+The role will depend on the resource type and the API that you want to use.  
+For example,
+- To grant your app read from a Log Analytics Workspace, add your app as a member to the **Reader** role using Access control (IAM) for your Log Analytics Workspace. For more information, see [Access the API](./access-api.md)
 
-* To grant your app read from a Log Analytics Workspace, add your app as a member to the **Reader** role using Access control (IAM) for your Log Analytics Workspace. For more information, see [Access the API](./access-api.md)
+- To grant access to send custom metrics for a resource,  add your app as a member to the **Monitoring Metrics Publisher** role using Access control (IAM) for your resource. For more information, see [ Send metrics to the Azure Monitor metric database using REST API](../../essentials/metrics-store-custom-rest-api.md)
 
-* To grant access to send custom metrics for a resource,  add your app as a member to the **Monitoring Metrics Publisher** role using Access control (IAM) for your resource. For more information, see [ Send metrics to the Azure Monitor metric database using REST API](../../essentials/metrics-store-custom-rest-api.md)
+For more information see [Assign Azure roles using the Azure portal](https://learn.microsoft.com/azure/role-based-access-control/role-assignments-portal)  
 
-Once you have roles and permission setup, you can use your client ID and client secret to generate a bearer token to access the REST API.
+Once you have assigned a role you can use your app, client ID, and client secret to generate a bearer token to access the REST API.
 
 > [!NOTE]
 > When using Azure AD authentication, it may take up to 60 minutes for the Azure Application Insights REST API to recognize new role-based access control (RBAC) permissions. While permissions are propagating, REST API calls may fail with error code 403.
