Apply suggestions from review

Ratulac-Azure · KarlErickson · web-flow · commit 9df6dec349b4 · 2023-08-25T15:31:40.000-07:00
Co-authored-by: Karl Erickson &lt;karler@microsoft.com&gt;
diff --git a/articles/spring-apps/includes/tutorial-authenticate-client-with-gateway/authenticate-client-with-gateway-consumption-plan.md b/articles/spring-apps/includes/tutorial-authenticate-client-with-gateway/authenticate-client-with-gateway-consumption-plan.md
@@ -15,7 +15,7 @@ For clarity of structure, a separate markdown file is used to describe how to de
 
 ## 2. Prepare the Spring project
 
-Use the following steps to clone and run the app locally.
+Use the following steps to clone and run the app locally:
 
 1. Use the following command to clone the sample project from GitHub:
 
@@ -54,16 +54,14 @@ Use the following steps to create a service instance:
 
    :::image type="content" source="../../media/tutorial-authenticate-client-with-gateway/create-service-instance.png" alt-text="Screenshot of the Azure portal that shows the Create a resource page with Azure Spring Apps highlighted." lightbox="../../media/tutorial-authenticate-client-with-gateway/create-service-instance.png":::
 
-1. Fill out the **Basics** form with the following information:
-
-   Use the following table as a guide for completing the form. The recommended **Plan** is `Standard consumption & dedicated (preview)`.
+1. Fill out the **Basics** form. Use the following table as a guide for completing the form. The recommended value for **Plan** is **Standard consumption & dedicated (preview)**.
 
    | Setting                    | Suggested value                              | Description                                                                                                                                                                                                                                                                                        |
    |----------------------------|----------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
    | Subscription               | Your subscription name                       | The Azure subscription that you want to use for your server. If you have multiple subscriptions, choose the subscription in which you'd like to be billed for the resource.                                                                                                                        |
    | Resource group             | *myresourcegroup*                            | A new resource group name or an existing one from your subscription.                                                                                                                                                                                                                               |
    | Name                       | *myasa*                                      | A unique name that identifies your Azure Spring Apps service. The name must be between 4 and 32 characters long and can contain only lowercase letters, numbers, and hyphens. The first character of the service name must be a letter and the last character must be either a letter or a number. |
-   | Plan                       | *Standard consumption & dedicated (preview)* | The pricing plan determines the resources and cost associated with your instance.                                                                                                                                                                                                                  |
+   | Plan                       | **Standard consumption & dedicated (preview)** | The pricing plan determines the resources and cost associated with your instance.                                                                                                                                                                                                                  |
    | Region                     | The region closest to your users             | The location that is closest to your users.                                                                                                                                                                                                                                                        |
    | Container Apps Environment | *myacaenv*                                   | Select which Container Apps environment instance to share the same virtual network with other services and resources.                                                                                                                                                                              |
 
@@ -74,15 +72,15 @@ Use the following steps to create a service instance:
    | Setting          | Suggested value | Description                                                                              |
    |------------------|-----------------|------------------------------------------------------------------------------------------|
    | Environment name | *myacaenv*      | A unique name that identifies your Azure Container Apps Environment service.             |
-   | Plan             | *Consumption*   | The pricing plan determines the resources and cost associated with your instance.        |
-   | Zone Redundant   | *Disabled*      | Whether to create your Container Apps Environment service in an Azure availability zone. |
+   | Plan             | **Consumption**   | The pricing plan determines the resources and cost associated with your instance.        |
+   | Zone Redundant   | **Disabled**      | Whether to create your Container Apps Environment service in an Azure availability zone. |
 
-   :::image type="content" source="../../media/tutorial-authenticate-client-with-gateway/create-apps-container-env-basics.png" alt-text="Screenshot of the Azure portal that shows the Create Azure Container Apps page." lightbox="../../media/tutorial-authenticate-client-with-gateway/create-apps-container-env-basics.png":::
+   :::image type="content" source="../../media/tutorial-authenticate-client-with-gateway/create-apps-container-environment-basics.png" alt-text="Screenshot of the Azure portal that shows the Create Azure Container Apps page." lightbox="../../media/tutorial-authenticate-client-with-gateway/create-apps-container-environment-basics.png":::
 
    > [!IMPORTANT]
    > The Consumption workload profile has a pay-as-you-go billing model, with no starting cost. You're billed for the dedicated workload profile based on the provisioned resources. For more information, see [Workload profiles in Consumption + Dedicated plan structure environments in Azure Container Apps (preview)](../../../container-apps/workload-profiles-overview.md) and [Azure Spring Apps pricing](https://azure.microsoft.com/pricing/details/spring-apps/).
 
-4. Select **Review and Create** to review your selections. Select **Create** to provision the Azure Spring Apps instance.
+1. Select **Review and Create** to review your selections. Select **Create** to provision the Azure Spring Apps instance.
 
 1. On the toolbar, select the **Notifications** icon (a bell) to monitor the deployment process. After the deployment is done, you can select **Pin to dashboard**, which creates a tile for this service on your Azure portal dashboard as a shortcut to the service's **Overview** page. Select **Go to resource** to open the service's **Overview** page.
 
@@ -98,17 +96,17 @@ Use the following steps to create a service instance:
 
 ### 3.3. Register the Books application
 
-This section provides the steps to register an application to add app roles in Azure AD, which is used for protecting the RESTful APIs in Azure Spring Apps.
+This section provides the steps to register an application to add app roles in Microsoft Entra ID, which is used for protecting the RESTful APIs in Azure Spring Apps.
 
 1. Go to the Azure portal homepage.
 
 1. If you have access to multiple tenants, use the **Directory + subscription** filter (:::image type="icon" source="../../media/tutorial-authenticate-client-with-gateway/portal-directory-subscription-filter.png" border="false":::) to select the tenant in which you want to register an application.
 
-1. Search for and Select **Azure Active Directory**.
+1. Search for and select **Azure Active Directory**.
 
 1. Under **Manage**, select **App registrations** > **New registration**.
 
-1. Enter a name for your application in the **Name** field, for example `Books`. Users of your app might see this name, and you can change it later.
+1. Enter a name for your application in the **Name** field, for example *Books*. Users of your app might see this name, and you can change it later.
 
 1. For **Supported account types**, select **Accounts in this organizational directory only**.
 
@@ -122,18 +120,18 @@ This section provides the steps to register an application to add app roles in A
 
 1. Under **Manage**, select **App roles** > **Create app role**, and then enter the following information:
 
-   - For **Display name**, enter `Write`.
+   - For **Display name**, enter *Write*.
    - For **Allowed member types**, select **Applications**.
-   - For **Value**, enter `Books.Write`.
-   - For **Description**, enter `Adding books`.
+   - For **Value**, enter *Books.Write*.
+   - For **Description**, enter *Adding books*.
 
 1. Repeat the previous step to add another app role: `Books.Read`.
 
    :::image type="content" source="../../media/tutorial-authenticate-client-with-gateway/app-roles.png" alt-text="Screenshot of the Books app registration page that shows the App roles." lightbox="../../media/tutorial-authenticate-client-with-gateway/app-roles.png":::
 
 ### 3.4. Register the SPA application
 
-The Books RESTful API app acts as a resource server, which is protected by Azure AD. Before acquiring an access token, it's required to register another application in Azure AD and grant permissions to the client application, which is named `SPA`.
+The Books RESTful API app acts as a resource server, which is protected by Microsoft Entra ID. Before acquiring an access token, you're required to register another application in Microsoft Entra ID and grant permissions to the client application, which is named `SPA`.
 
 1. Go back to your tenant in **Azure Active Directory**.
 
@@ -147,21 +145,21 @@ The Books RESTful API app acts as a resource server, which is protected by Azure
 
 1. On the app **Overview** page, look for the **Application (client) ID** value, and then record it for later use. You need it to acquire access token.
 
-1. Select **API permissions** > **Add a permission** > **APIs my organization uses**. Select the `Books` application that you registered earlier, select the Permissions **Books.Read** and **Books.Write**, and then select **Add permissions**.
+1. Select **API permissions** > **Add a permission** > **APIs my organization uses**. Select the `Books` application that you registered earlier, select the permissions **Books.Read** and **Books.Write**, and then select **Add permissions**.
 
-1. Select **Grant admin consent for {your-tenant-name}** to grant admin consent for the permissions you added.
+1. Select **Grant admin consent for \<your-tenant-name>** to grant admin consent for the permissions you added.
 
    :::image type="content" source="../../media/tutorial-authenticate-client-with-gateway/api-permissions.png" alt-text="Screenshot of the SPA API permissions page that shows the API permissions of a web application." lightbox="../../media/tutorial-authenticate-client-with-gateway/api-permissions.png":::
 
-1. Navigate to **Certificates & secrets**, and then select **New client secret**. 
+1. Navigate to **Certificates & secrets** and then select **New client secret**. 
 
 1. On the **Add a client secret** page, enter a description for the secret, select an expiration date, and then select **Add**.
 
-1. Look for the **Value** of the secret, and then record it for later use. You need it to acquire access token.
+1. Look for the **Value** of the secret and then record it for later use. You need it to acquire an access token.
 
 ### 3.5. Update the configuration of Books Service app
 
-Update the configuration of `spring.cloud.azure.active-directory` in the `books-service` application configuration file. Be sure to replace the placeholders with your own values you created in the previous step.
+Update the configuration of `spring.cloud.azure.active-directory` in the `books-service` application configuration file to match the following example. Be sure to replace the placeholders with your own values you created in the previous step.
 
 ```yaml
 spring:
@@ -185,21 +183,21 @@ The following steps show you how to deploy the apps to Azure.
 
 ### 4.1. Deploy the microservice apps to Azure Spring Apps
 
-Use the [Maven plugin for Azure Spring Apps](https://github.com/microsoft/azure-maven-plugins/wiki/Azure-Spring-Apps) to deploy the apps to Azure Spring Apps.
+Use the following steps to deploy the apps to Azure Spring Apps using the [Maven plugin for Azure Spring Apps](https://github.com/microsoft/azure-maven-plugins/wiki/Azure-Spring-Apps):
 
-1. Navigate to the sample project directory and execute the following command to config the app in Azure Spring Apps:
+1. Navigate to the sample project directory and then use the following command to configure the app in Azure Spring Apps:
 
    ```bash
    ./mvnw com.microsoft.azure:azure-spring-apps-maven-plugin:1.18.0:config
    ```
 
    The following list describes the command interactions:
 
-   - **Select child modules to configure(input numbers separated by comma, eg: [1-2,4,6], ENTER to select ALL)**: Press <kbd>Enter</kbd> to select all.
+   - **Select child modules to configure (input numbers separated by comma, eg: [1-2,4,6], ENTER to select ALL)**: Press <kbd>Enter</kbd> to select all.
    - **OAuth2 login**: Authorize the login to Azure based on the OAuth2 protocol.
    - **Select subscription**: Select the subscription list number of the Azure Spring Apps instance you created, which defaults to the first subscription in the list. If you use the default number, press <kbd>Enter</kbd> directly.
    - **Select Azure Spring Apps for deployment**: Select the list number of the Azure Spring Apps instance you created. If you use the default number, press <kbd>Enter</kbd> directly.
-   - **Select apps to expose public access:(input numbers separated by comma, eg: [1-2,4,6], ENTER to select NONE)**: Enter *1* for `gateway-service`.
+   - **Select apps to expose public access: (input numbers separated by comma, eg: [1-2,4,6], ENTER to select NONE)**: Enter *1* for `gateway-service`.
    - **Confirm to save all the above configurations (Y/n)**: Enter <kbd>y</kbd>. If you enter <kbd>n</kbd>, the configuration isn't saved in the POM files.
 
 1. Use the following command to deploy the app:
@@ -208,11 +206,11 @@ Use the [Maven plugin for Azure Spring Apps](https://github.com/microsoft/azure-
    ./mvnw azure-spring-apps:deploy
    ```
 
-   The following list describes the command interactions:
+   The following list describes the command interaction:
 
    - **OAuth2 login**: You need to authorize the login to Azure based on the OAuth2 protocol.
 
-   After the command is executed, you can see the following log signs that the deployment was successful.
+   After the command is executed, you can see the following log messages, which indicate that the deployment was successful.
 
    ```output
    [INFO] Getting public url of app(gateway-service)...
@@ -227,9 +225,9 @@ Use the [Maven plugin for Azure Spring Apps](https://github.com/microsoft/azure-
 
    The output **Application url** is the base endpoint to access the ToDo RESTful API application.
 
-### 4.2. Deploy the SPA app locally
+### 4.2. Run the SPA app locally
 
-Update the configuration in the `SPA` application script file `spa/server.js`. Be sure to replace the placeholders with your own values you created in the previous step.
+Update the configuration in the `SPA` application script file *spa/server.js* to match the following example. Be sure to replace the placeholders with your own values you created in the previous step.
 
 ```javascript
 const SpringCloudGatewayURL = "<URL exposed by app gateway-service>"
diff --git a/articles/spring-apps/toc.yml b/articles/spring-apps/toc.yml
@@ -85,7 +85,7 @@ items:
     items:
      - name: Custom DNS name
        href: how-to-custom-domain.md
-  - name: Authenticate client with gateway on Azure Spring Apps
+  - name: Authenticate client with Spring Cloud Gateway
     href: tutorial-authenticate-client-with-gateway.md
 - name: Concepts
   items:
diff --git a/articles/spring-apps/tutorial-authenticate-client-with-gateway.md b/articles/spring-apps/tutorial-authenticate-client-with-gateway.md
@@ -21,7 +21,7 @@ ms.custom: devx-track-java, devx-track-extended-java, devx-track-azurecli, mode-
 
 This quickstart shows you how to secure communication between a client application and a microservice application that is hosted on Azure Spring Apps and shielded with a Spring Cloud Gateway app. The client application is verified as a security principal to initiate contact with the microservice deployed on Azure Spring Apps, using the app built with [Spring Cloud Gateway](https://docs.spring.io/spring-cloud-gateway/docs/current/reference/html/). This method employs Spring Cloud Gateway's Token Relay and Spring Security's Resource Server features for the processes of authentication and authorization, realized through the execution of the [OAuth 2.0 client credentials flow](../active-directory/develop/v2-oauth2-client-creds-grant-flow.md).
 
-The following list shows the composition of a sample project:
+The following list shows the composition of the sample project:
 
 - Books SPA: This Single Page Application (SPA), hosted locally, interacts with the Books microservice for adding or searching for books.
 - Books microservice:
@@ -33,7 +33,7 @@ The following list shows the composition of a sample project:
 - An Azure subscription. If you don't have a subscription, create a [free account](https://azure.microsoft.com/free/) before you begin.
 - [Git](https://git-scm.com/downloads).
 - [Java Development Kit (JDK)](/java/azure/jdk/), version 17.
-- An Azure AD tenant. For more information on how to create an Azure AD tenant, see [Quickstart: Create a new tenant in Azure AD](../active-directory/fundamentals/create-new-tenant.md).
+- A Microsoft Entra ID tenant. For more information on how to create a Microsoft Entra ID tenant, see [Quickstart: Create a new tenant in Azure AD](../active-directory/fundamentals/create-new-tenant.md).
 - [Azure CLI](/cli/azure/install-azure-cli) version 2.45.0 or higher.
 - Install [Node.js](https://nodejs.org).
 
@@ -45,7 +45,7 @@ You can access the Books SPA app that communicates with the Books RESTful APIs t
 
 1. Go to `http://localhost:3000` in your browser to access the application.
 
-1. Enter an **Author** and a **Title**, and then select **Add Book**. You'll see a response similar to the following example:
+1. Enter values for **Author** and **Title**, and then select **Add Book**. You see a response similar to the following example:
 
    ```output
    Book added successfully: {"id":1,"author":"Jeff Black","title":"Spring In Action"}
@@ -71,7 +71,7 @@ You can access the Books SPA app that communicates with the Books RESTful APIs t
 > [Use managed identities for applications in Azure Spring Apps](./how-to-use-managed-identities.md)
 
 > [!div class="nextstepaction"]
-> [Run microservice apps(Pet Clinic)](./quickstart-sample-app-introduction.md)
+> [Run microservice apps (Pet Clinic)](./quickstart-sample-app-introduction.md)
 
 > [!div class="nextstepaction"]
 > [Run polyglot apps on Enterprise plan (ACME Fitness Store)](./quickstart-sample-app-acme-fitness-store-introduction.md)
