
Commit 9914241

PR review edit
1 parent 11c48f9 commit 9914241


1 file changed

+3
-2
lines changed

articles/active-directory/develop/howto-add-app-roles-in-azure-ad-apps.md

Lines changed: 3 additions & 2 deletions
@@ -173,11 +173,12 @@ Because these are _application permissions_, not delegated permissions, an admin
173173

174174
The **Status** column should reflect that consent has been **Granted for \<tenant name\>**.
175175

176+
<a name="#use-app-roles-in-your-web-api"></a>
176177
## Usage scenario of app roles
177178

178-
If you are implementing app role business logic in your application scenario which signs-in the users, then you would define the app roles in the App Registration and then an admin would assign them to users and groups in the Enterprise Apps blade. These assigned app roles will be included as part of any token that is issued for your application - either access tokens when your app is the API being called by an app, or ID tokens when your app is signing in a user.
179+
If you're implementing app role business logic that signs in the users in your application scenario, first define the app roles in **App registration**, and then an admin assigns them to users and groups in the **Enterprise applications** pane. These assigned app roles are included with any token that's issued for your application, either access tokens when your app is the API being called by an app, or ID tokens when your app is signing in a user.
179180

180-
If you are implementing app role business logic in app-calling-API scenario, then you will have two app registrations. One for app and second one for API. In this case, define the app roles and assign them to user/group in the app registration of API. When the user authenticates with the app and requests for an access token to call the API, roles claim will be included in the access token. Your next step is to add code to your web API that checks for those roles when the API is called.
181+
If you're implementing app role business logic in an app-calling-API scenario, you have two app registrations. One app registration is for the app, and a second app registration is for the API. In this case, define the app roles and assign them to the user or group in the app registration of the API. When the user authenticates with the app and requests an access token to call the API, a roles claim is included in the access token. Your next step is to add code to your web API to check for those roles when the API is called.
181182

182183
To learn how to add authorization to your web API, see [Protected web API: Verify scopes and app roles](scenario-protected-web-api-verification-scope-app-roles.md).
183184
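
Review bot: The anchor added above the "Usage scenario of app roles" heading has a leading `#` inside the name attribute (`name="#use-app-roles-in-your-web-api"`), so a link to the fragment `#use-app-roles-in-your-web-api` will not resolve to it; drop the `#` so the attribute reads `name="use-app-roles-in-your-web-api"`. In the rewritten first paragraph, "app role business logic that signs in the users in your application scenario" makes the business logic the thing that signs users in, where the removed line said the application scenario does; suggest "If you're implementing app role business logic in an application scenario that signs in users". The second paragraph also still tells the reader to assign roles "in the app registration of the API", while the first paragraph says an admin assigns them in the **Enterprise applications** pane; the two should agree on where assignment happens.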
