Merge pull request #230600 from omondiatieno/revoke-permissions-update

update description and headings to clarify on revoking permissions

Author: prmerger-automator[bot]

articles/active-directory/manage-apps/manage-application-permissions.md

@@ -1,14 +1,14 @@
 ---
 title: Review permissions granted to applications
-description: Learn how to review and manage permissions for an application in Azure Active Directory.
+description: Learn how to review and revoke permissions, and invalidate refresh tokens for an application in Azure Active Directory.
 services: active-directory
 author: Jackson-Woods
 manager: CelesteDG
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: how-to
-ms.date: 11/22/2022
+ms.date: 03/16/2023
 ms.author: jawoods
 ms.reviewer: phsignor
 zone_pivot_groups: enterprise-apps-all
@@ -20,9 +20,9 @@ ms.collection: M365-identity-device-management
 
 # Review permissions granted to enterprise applications
 
-In this article, you'll learn how to review permissions granted to applications in your Azure Active Directory (Azure AD) tenant. You may need to review permissions when you've detected a malicious application or the application has been granted more permissions than is necessary.
+In this article, you learn how to review permissions granted to applications in your Azure Active Directory (Azure AD) tenant. You may need to review permissions when you've detected a malicious application or the application has been granted more permissions than is necessary. You learn how to revoke permissions granted to the application using Microsoft Graph API and existing versions of PowerShell.
 
-The steps in this article apply to all applications that were added to your Azure Active Directory (Azure AD) tenant via user or admin consent. For more information on consenting to applications, see [User and admin consent](user-admin-consent-overview.md).
+The steps in this article apply to all applications that were added to your Azure AD tenant via user or admin consent. For more information on consenting to applications, see [User and admin consent](user-admin-consent-overview.md).
 
 ## Prerequisites
 
@@ -53,7 +53,9 @@ Each option generates PowerShell scripts that enable you to control user access
 
 :::zone pivot="aad-powershell"
 
-Using the following Azure AD PowerShell script revokes all permissions granted to an application.
+## Review and revoke permissions
+
+Use the following Azure AD PowerShell script to revoke all permissions granted to an application.
 
 ```powershell
 Connect-AzureAD -Scopes "Application.ReadWrite.All", "Directory.ReadWrite.All", "DelegatedPermissionGrant.ReadWrite.All" "AppRoleAssignment.ReadWrite.All", 
@@ -100,7 +102,9 @@ $assignments | ForEach-Object {
 
 :::zone pivot="ms-powershell"
 
-Using the following Microsoft Graph PowerShell script revokes all permissions granted to an application.
+## Review and revoke permissions
+
+Use the following Microsoft Graph PowerShell script to revoke all permissions granted to an application.
 
 ```powershell
 Connect-MgGraph -Scopes "Application.ReadWrite.All", "Directory.ReadWrite.All", "DelegatedPermissionGrant.ReadWrite.All", "AppRoleAssignment.ReadWrite.All"
@@ -152,9 +156,11 @@ $spApplicationPermissions = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrin
 
 :::zone pivot = "ms-graph"
 
+## Review and revoke permissions
+
 To review permissions, Sign in to [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer) with one of the roles listed in the prerequisite section.
 
-You'll need to consent to the following permissions: 
+You need to consent to the following permissions: 
 
 `Application.ReadWrite.All`, `Directory.ReadWrite.All`, `DelegatedPermissionGrant.ReadWrite.All`, `AppRoleAssignment.ReadWrite.All`.