Merge pull request #177861 from rwike77/screenshots

Certificates & secretes update

Author: Court72

articles/active-directory/develop/active-directory-certificate-credentials.md

@@ -92,7 +92,7 @@ You can associate the certificate credential with the client application in the
 ### Uploading the certificate file
 
 In the Azure app registration for the client application:
-1. Select **Certificates & secrets**.
+1. Select **Certificates & secrets** > **Certificates**.
 2. Click on **Upload certificate** and select the certificate file to upload.
 3. Click **Add**.
   Once the certificate is uploaded, the thumbprint, start date, and expiration values are displayed.

articles/active-directory/develop/howto-create-service-principal-portal.md

@@ -153,7 +153,7 @@ To upload the certificate:
 1. Select **Azure Active Directory**.
 1. From **App registrations** in Azure AD, select your application.
 1. Select **Certificates & secrets**.
-1. Select **Upload certificate** and select the certificate (an existing certificate or the self-signed certificate you exported).
+1. Select **Certificates** > **Upload certificate** and select the certificate (an existing certificate or the self-signed certificate you exported).
 
     ![Select Upload certificate and select the one you want to add](./media/howto-create-service-principal-portal/upload-cert.png)
 

articles/active-directory/develop/media/quickstart-register-app/portal-05-app-reg-04-credentials.png

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: quickstart
 ms.workload: identity
-ms.date: 06/14/2021
+ms.date: 10/27/2021
 ms.author: marsma
 ms.custom: aaddev, identityplatformtop40, contperf-fy21q1, contperf-fy21q2, contperf-fy21q4
 # Customer intent: As developer, I want to know how to register my application with the Microsoft identity platform so that the security token service can issue ID and/or access tokens to client applications that request them.
@@ -116,7 +116,7 @@ You can add both certificates and client secrets (a string) as credentials to yo
 Sometimes called a _public key_, a certificate is the recommended credential type because they're considered more secure than client secrets. For more information about using a certificate as an authentication method in your application, see [Microsoft identity platform application authentication certificate credentials](active-directory-certificate-credentials.md).
 
 1. In the Azure portal, in **App registrations**, select your application.
-1. Select **Certificates & secrets** > **Upload certificate**.
+1. Select **Certificates & secrets** > **Certificates** > **Upload certificate**.
 1. Select the file you want to upload. It must be one of the following file types: _.cer_, _.pem_, _.crt_.
 1. Select **Add**.
 
@@ -127,7 +127,7 @@ Sometimes called an _application password_, a client secret is a string value yo
 Client secrets are considered less secure than certificate credentials. Application developers sometimes use client secrets during local app development because of their ease of use. However, you should use certificate credentials for any application you have running in production.
 
 1. In the Azure portal, in **App registrations**, select your application.
-1. Select **Certificates & secrets** > **New client secret**.
+1. Select **Certificates & secrets** > **Client secrets** > **New client secret**.
 1. Add a description for your client secret.
 1. Select an expiration for the secret or specify a custom lifetime.
     - Client secret lifetime is limited to two years (24 months) or less. You can't specify a custom lifetime longer than 24 months.

articles/active-directory/develop/quickstart-register-app.md

@@ -42,7 +42,7 @@ See [How the sample works](#how-the-sample-works) for an illustration.
 > 1. Under **Manage**, select **Authentication**.
 > 1. Enter a **Front-channel logout URL** of `https://localhost:44321/signout-oidc`.
 > 1. Select **Save**.
-> 1. Under **Manage**, select **Certificates & secrets** > **New client secret**.
+> 1. Under **Manage**, select **Certificates & secrets** > **Client secrets** > **New client secret**.
 > 1. Enter a **Description**, for example `clientsecret1`.
 > 1. Select **In 1 year** for the secret's expiration.
 > 1. Select **Add** and immediately record the secret's **Value** for use in a later step. The secret value is *never displayed again* and is irretrievable by any other means. Record it in a secure location as you would any password.

articles/active-directory/develop/quickstart-v2-aspnet-core-webapp-calls-graph.md

@@ -43,7 +43,7 @@ This quickstart uses the Microsoft Authentication Library for Node.js (MSAL Node
 > 1. Set the **Redirect URI** value to `http://localhost:3000/redirect`.
 > 1. Select **Register**.
 > 1. On the app **Overview** page, note the **Application (client) ID** value for later use.
-> 1. Under **Manage**, select **Certificates & secrets** > **New client secret**.  Leave the description blank and default expiration, and then select **Add**.
+> 1. Under **Manage**, select **Certificates & secrets** > **Client secrets** > **New client secret**.  Leave the description blank and default expiration, and then select **Add**.
 > 1. Note the value of **Client secret** for later use.
 
 > [!div class="sxs-lookup" renderon="portal"]

articles/active-directory/develop/quickstart-v2-nodejs-webapp-msal.md

@@ -44,7 +44,7 @@ In this quickstart, you download and run a code sample that demonstrates how to
 1. Enter a **Front-channel logout URL** `https://localhost:3000`.
 1. In the **Implicit grant and hybrid flows** section, select **ID tokens** as this sample requires the [Implicit grant flow](./v2-oauth2-implicit-grant-flow.md) to be enabled to sign-in the user.
 1. Select **Configure**.
-1. Under **Manage**, select **Certificates & secrets** > **New client secret**.
+1. Under **Manage**, select **Certificates & secrets** > **Client secrets** > **New client secret**.
 1. Enter a key description (for instance app secret).
 1. Select a key duration of either **In 1 year, In 2 years,** or **Never Expires**.
 1. Select **Add**. The key value will be displayed. Copy the key value and save it in a safe location for later use.

articles/active-directory/develop/quickstart-v2-nodejs-webapp.md

@@ -57,7 +57,7 @@ See [How the sample works](#how-the-sample-works) for an illustration.
 > 1. Select **Add a platform** > **Web**.
 > 1. Add `http://localhost:5000/getAToken` as **Redirect URIs**.
 > 1. Select **Configure**.
-> 1. Under **Manage**, select the **Certificates & secrets**  and from the **Client secrets** section, select **New client secret**.
+> 1. Under **Manage**, select the **Certificates & secrets** and from the **Client secrets** section, select **New client secret**.
 > 1. Type a key description (for instance app secret), leave the default expiration, and select **Add**.
 > 1. Note the **Value** of the **Client Secret** for later use.
 > 1. Under **Manage**, select **API permissions** > **Add a permission**.
@@ -109,7 +109,7 @@ See [How the sample works](#how-the-sample-works) for an illustration.
 > Where:
 >
 > - `Enter_the_Application_Id_here` - is the Application Id for the application you registered.
-> - `Enter_the_Client_Secret_Here` - is the **Client Secret** you created in **Certificates & Secrets**  for the application you registered.
+> - `Enter_the_Client_Secret_Here` - is the **Client Secret** you created in **Certificates & Secrets** for the application you registered.
 > - `Enter_the_Tenant_Name_Here` - is the **Directory (tenant) ID** value of the application you registered.
 
 > [!div class="sxs-lookup" renderon="portal"]

articles/active-directory/develop/quickstart-v2-python-webapp.md

@@ -41,7 +41,7 @@ Under **Manage**, select **Authentication** > **Implicit grant and hybrid flows*
 
 Finally, because the app calls a protected API (in this case Microsoft Graph), it needs a client secret in order to verify its identity when it requests an access token to call that API.
 
-1. Within the same app registration, under **Manage**, select **Certificates & secrets**.
+1. Within the same app registration, under **Manage**, select **Certificates & secrets** and then **Client secrets**.
 2. Create a **New client secret** that never expires.
 3. Make note of the secret's **Value** as you will use it in the next step. You can’t access it again once you navigate away from this pane. However, you can recreate it as needed.