updated aad

Author: KingdomOfEnds

articles/digital-twins/how-to-configure-postman.md

@@ -7,7 +7,7 @@ manager: bertvanhoof
 ms.service: digital-twins
 services: digital-twins
 ms.topic: conceptual
-ms.date: 01/10/2020
+ms.date: 02/03/2020
 ---
 
 # How to configure Postman for Azure Digital Twins
@@ -28,45 +28,17 @@ Through the Postman client, solutions developers can specify the kind of HTTP re
 
 ## Configure Azure Active Directory to use the OAuth 2.0 implicit grant flow
 
-Configure your Azure Active Directory app to use the OAuth 2.0 implicit grant flow.
+1. Follow the steps in [the Quickstart](quickstart-view-occupancy-dotnet.md#set-permissions-for-your-app) to create and configure an Azure Active Directory application. Alternatively, you can reuse an existing app registration.
 
-1. Open the **API permissions** pane for your app registration. Select **Add a permission** button. In the **Request API permissions** pane, select the **APIs my organization uses** tab, and then search for:
-    
-    1. `Azure Digital Twins`. Select the **Azure Digital Twins** API.
-
-        [![Search API or Azure Digital Twins](../../includes/media/digital-twins-permissions/aad-aap-search-api-dt.png)](../../includes/media/digital-twins-permissions/aad-aap-search-api-dt.png#lightbox)
-
-    1. Alternatively, search for `Azure Smart Spaces Service`. Select the **Azure Smart Spaces Service** API.
-
-        [![Search API for Azure Smart Spaces](../../includes/media/digital-twins-permissions/aad-app-search-api.png)](../../includes/media/digital-twins-permissions/aad-app-search-api.png#lightbox)
-
-    > [!IMPORTANT]
-    > The Azure AD API name and ID that will appear depends on your tenant:
-    > * Test tenant and customer accounts should search for `Azure Digital Twins`.
-    > * Other Microsoft accounts should search for `Azure Smart Spaces Service`.
-
-1. The selected API shows up as **Azure Digital Twins** in the same **Request API permissions** pane. Select the **Read (1)** drop down, and then select **Read.Write** checkbox. Select the **Add permissions** button.
-
-    [![Add API permissions for Azure Digital Twins](../../includes/media/digital-twins-permissions/aad-app-req-permissions.png)](../../includes/media/digital-twins-permissions/aad-app-req-permissions.png#lightbox)
-
-1. Depending on your organization's settings, you might need to take additional steps to grant admin access to this API. Contact your administrator for more information. Once the admin access is approved, the **ADMIN CONSENT REQUIRED** column in the **API permissions** pane will show similar to the following for your APIs:
-
-    [![Configure admin consent approval](../../includes/media/digital-twins-permissions/aad-app-admin-consent.png)](../../includes/media/digital-twins-permissions/aad-app-admin-consent.png#lightbox)
-
-1. Configure a second **Redirect URI** to `https://www.getpostman.com/oauth2/callback`.
+1. Add a **Redirect URI** to `https://www.getpostman.com/oauth2/callback`.
 
     [![Configure a new Postman Redirect URI](media/how-to-configure-postman/authentication-redirect-uri.png)](media/how-to-configure-postman/authentication-redirect-uri.png#lightbox)
 
-1. To make sure that [the app is registered as a **public client**](https://docs.microsoft.com/azure/active-directory/develop/scenario-desktop-app-registration), open the **Authentication** pane for your app registration, and scroll down in that pane. In the **Default client type** section, choose **Yes** for **Treat application as a public client**, and hit **Save**.
-
-    Check **Access tokens** to enable the **oauth2AllowImplicitFlow** setting in your Manifest.json.
+1. Select the **Implicit grant** > **Access tokens** check box to allow the OAuth 2.0 implicit grant flow to be used. 
 
-    [![Public client configuration setting](../../includes/media/digital-twins-permissions/aad-configure-public-client.png)](../../includes/media/digital-twins-permissions/aad-configure-public-client.png#lightbox)
-
-1. Copy and keep the **Application ID** of your Azure Active Directory app. It's used in the steps that follow.
-
-   [![Azure Active Directory application ID](../../includes/media/digital-twins-permissions/aad-app-reg-app-id.png)](../../includes/media//digital-twins-permissions/aad-app-reg-app-id.png#lightbox)
+1. Select **Configure**, then **Save**.
 
+1. Copy the **Client ID** of your Azure Active Directory app.
 
 ## Obtain an OAuth 2.0 token
 
@@ -86,15 +58,13 @@ Set up and configure Postman to obtain an Azure Active Directory token. Afterwar
 
 1. Go to [www.getpostman.com](https://www.getpostman.com/) to download the app.
 
-1. Open the Postman app and click new | Create new, and select Request. Enter a Request name. Select a collection or folder to save it to, and click Save. 
-
 1. We want to make GET request. Select the **Authorization** tab, select OAuth 2.0, and then select **Get New Access Token**.
 
     | Field  | Value |
     |---------|---------|
     | Grant Type | `Implicit` |
     | Callback URL | `https://www.getpostman.com/oauth2/callback` |
-    | Auth URL | Use the **Authorization URL** from **step 2** |
+    | Auth URL | Use the **Authorization URL** from **step 1** |
     | Client ID | Use the **Application ID** for the Azure Active Directory app that was created or reused from the previous section |
     | Scope | Leave blank |
     | State | Leave blank |

articles/digital-twins/how-to-use-swagger.md

@@ -7,7 +7,7 @@ manager: bertvanhoof
 ms.service: digital-twins
 services: digital-twins
 ms.topic: conceptual
-ms.date: 01/21/2020
+ms.date: 02/03/2020
 ms.custom: seodec18
 ---
 
@@ -90,9 +90,9 @@ The examples also include error codes to help debug or improve failing tests.
 > [!NOTE]
 > * The user principal that created the Azure Digital Twins resource will have a Space Administrator role assignment and will be able to create additional role assignments for other users. Such users and their roles can be authorized to call the APIs.
 
-1. Follow the steps in [this quickstart](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v1-integrate-apps-with-azure-ad) to create and configure an Azure AD application. Alternatively, you can reuse an existing app registration.
+1. Follow the steps in [the Quickstart](quickstart-view-occupancy-dotnet.md#set-permissions-for-your-app) to create and configure an Azure Active Directory application. Alternatively, you can reuse an existing app registration.
 
-1. Add the following **Redirect url** to your Azure AD app registration:
+1. Add the following **Redirect URI** to your Azure Active Directory app registration:
 
     [![Register Swagger redirect url in AAD](media/how-to-use-swagger/swagger-aad-redirect-url-registration.png)](media/how-to-use-swagger/swagger-aad-redirect-url-registration.png#lightbox)
 
@@ -103,7 +103,9 @@ The examples also include error codes to help debug or improve failing tests.
     |---------|---------|---------|
     | YOUR_SWAGGER_URL | Your Management REST API documentation URL found in the portal  | `https://yourDigitalTwinsName.yourLocation.azuresmartspaces.net/management/swagger` |
 
-1. Copy the **Client ID** of your Azure AD app.
+1. Select the **Implicit grant** > **Access tokens** check box to allow the OAuth 2.0 implicit grant flow to be used. Select **Configure**, then **Save**.
+
+1. Copy the **Client ID** of your Azure Active Directory app.
 
 After completing the Azure Active Directory registration:
 

articles/digital-twins/media/how-to-configure-postman/authentication-redirect-uri.png

@@ -7,7 +7,7 @@
  manager: bertvanhoof
  ms.service: digital-twins
  ms.topic: include
- ms.date: 01/23/2020
+ ms.date: 02/03/2020
  ms.custom: include file
 ---
 
@@ -26,20 +26,30 @@
 
     [![Create pane](./media/digital-twins-permissions/aad-app-reg-create.png)](./media/digital-twins-permissions/aad-app-reg-create.png#lightbox)
 
-1. To make sure that [the app is registered as a **public client**](https://docs.microsoft.com/azure/active-directory/develop/scenario-desktop-app-registration), open the **Authentication** pane for your app registration, and scroll down in that pane. In the **Default client type** section, choose **Yes** for **Treat application as a public client**, and hit **Save**.
+1. The **Authentication** blade specifies important authentication configuration settings. 
 
-    1. **Redirect URIs** must match the address supplied by the authentication request:
+    1. Add **Redirect URIs** and configure **Access Tokens** by selecting **+ Add a platform**.
+
+    1. Determine whether the app is a **public client** or not by selecting **Yes** or **No**.
+
+    1. Verify which accounts and tenants are supported.
 
-        * For apps hosted in a local development environment, select **Public client (mobile & desktop)**. Make sure to set the **Default client type** to yes.
-        * For Single-Page apps hosted on Azure App Service, select **Web**.
+    [![Public client configuration setting](./media/digital-twins-permissions/aad-configure-public-client.png)](./media/digital-twins-permissions/aad-configure-public-client.png#lightbox)
+
+1. After selecting the appropriate platform, configure your **Redirect URIs** and **Access Tokens** in the side panel to the right of the user interface.
+
+    1. **Redirect URIs** must match the address supplied by the authentication request:
 
-        Select **Public client (mobile & desktop)** and enter `http://localhost:8080/`.
+        * For apps hosted in a local development environment, select **Public client (mobile & desktop)**. Make sure to set **public client** to **Yes**.
+        * For Single-Page Apps hosted on Azure App Service, select **Web**.
 
-        [![Configure Redirect URIs](./media/digital-twins-permissions/aad-app-configure-redirect-uris.png)](./media/digital-twins-permissions/aad-app-configure-redirect-uris.png#lightbox)
+    1. Determine whether a **Logout URL** is appropriate.
 
-    1. Check **Access tokens** to configure the **oauth2AllowImplicitFlow** setting to `true` in your resource's **Manifest** JSON.
+    1. Enable the implicit grant flow by checking **Access tokens** or **ID tokens**.
+                
+    [![Configure Redirect URIs](./media/digital-twins-permissions/aad-app-configure-redirect-uris.png)](./media/digital-twins-permissions/aad-app-configure-redirect-uris.png#lightbox)
 
-        [![Public client configuration setting](./media/digital-twins-permissions/aad-configure-public-client.png)](./media/digital-twins-permissions/aad-configure-public-client.png#lightbox)
+    Click **Configure**, then **Save**.
 
 1.  Open the **Overview** pane of your registered app, and copy the values of the following entities to a temporary file. You'll use these values to configure your sample application in the following sections.