guids

Cephas Lin · Cephas Lin · commit da2f370978df · 2024-08-08T13:35:41.000+02:00
diff --git a/articles/app-service/configure-authentication-api-version.md b/articles/app-service/configure-authentication-api-version.md
@@ -90,7 +90,7 @@ The following steps will allow you to manually migrate the application to the V2
            "tokenStoreEnabled": true,
            "allowedExternalRedirectUrls": null,
            "defaultProvider": "AzureActiveDirectory",
-           "clientId": "3197c8ed-2470-480a-8fae-58c25558ac9b",
+           "clientId": "00001111-aaaa-2222-bbbb-3333cccc4444",
            "clientSecret": "",
            "clientSecretSettingName": "MICROSOFT_IDENTITY_AUTHENTICATION_SECRET",
            "clientSecretCertificateThumbprint": null,
diff --git a/articles/app-service/configure-authentication-provider-aad.md b/articles/app-service/configure-authentication-provider-aad.md
@@ -259,7 +259,7 @@ Within the API object, the Microsoft Entra identity provider configuration has a
 | `allowedPrincipals`                      | A grouping of checks that determine if the principal represented by the incoming request may access the app. Satisfaction of `allowedPrincipals` is based on a logical `OR` over its configured properties. |
 | `identities` (under `allowedPrincipals`) | An allowlist of string **object IDs** representing users or applications that have access. When this property is configured as a nonempty array, the `allowedPrincipals` requirement can be satisfied if the user or application represented by the request is specified in the list. There's a limit of 500 characters total across the list of identities.<br/><br/>This policy evaluates the `oid` claim of the incoming token. See the [Microsoft identity platform claims reference]. |
 
-Additionally, some checks can be configured through an [application setting], regardless of the API version being used. The `WEBSITE_AUTH_AAD_ALLOWED_TENANTS` application setting can be configured with a comma-separated list of up to 10 tenant IDs (for example, "559a2f9c-c6f2-4d31-b8d6-5ad1a13f8330,5693f64a-3ad5-4be7-b846-e9d1141bcebc") to require that the incoming token is from one of the specified tenants, as specified by the `tid` claim. The `WEBSITE_AUTH_AAD_REQUIRE_CLIENT_SERVICE_PRINCIPAL` application setting can be configured to "true" or "1" to require the incoming token to include an `oid` claim. This setting is ignored and treated as true if `allowedPrincipals.identities` has been configured (since the `oid` claim is checked against this provided list of identities).
+Additionally, some checks can be configured through an [application setting], regardless of the API version being used. The `WEBSITE_AUTH_AAD_ALLOWED_TENANTS` application setting can be configured with a comma-separated list of up to 10 tenant IDs (for example, "aaaabbbb-0000-cccc-1111-dddd2222eeee") to require that the incoming token is from one of the specified tenants, as specified by the `tid` claim. The `WEBSITE_AUTH_AAD_REQUIRE_CLIENT_SERVICE_PRINCIPAL` application setting can be configured to "true" or "1" to require the incoming token to include an `oid` claim. This setting is ignored and treated as true if `allowedPrincipals.identities` has been configured (since the `oid` claim is checked against this provided list of identities).
 
 Requests that fail these built-in checks are given an HTTP `403 Forbidden` response.
 
diff --git a/articles/app-service/includes/tutorial-microsoft-graph-as-app/introduction.md b/articles/app-service/includes/tutorial-microsoft-graph-as-app/introduction.md
@@ -56,7 +56,7 @@ When accessing the Microsoft Graph, the managed identity needs to have proper pe
     # Install-Module Microsoft.Graph -Scope CurrentUser
     
     # The tenant ID
-    $TenantId = "11111111-1111-1111-1111-111111111111"
+    $TenantId = "aaaabbbb-0000-cccc-1111-dddd2222eeee"
     
     # The name of your web app, which has a managed identity.
     $webAppName = "SecureWebApp-20201106120003" 
diff --git a/articles/app-service/overview-managed-identity.md b/articles/app-service/overview-managed-identity.md
@@ -288,7 +288,7 @@ Content-Type: application/json
     "expires_on": "1586984735",
     "resource": "https://vault.azure.net",
     "token_type": "Bearer",
-    "client_id": "5E29463D-71DA-4FE0-8E69-999B57DB23B0"
+    "client_id": "00001111-aaaa-2222-bbbb-3333cccc4444"
 }
 ```
 
diff --git a/articles/app-service/tutorial-connect-msi-sql-database.md b/articles/app-service/tutorial-connect-msi-sql-database.md
@@ -227,8 +227,8 @@ Here's an example of the output:
 <pre>
 {
   "additionalProperties": {},
-  "principalId": "21dfa71c-9e6f-4d17-9e90-1d28801c9735",
-  "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
+  "principalId": "aaaaaaaa-bbbb-cccc-1111-222222222222",
+  "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee",
   "type": "SystemAssigned"
 }
 </pre>

Original file line number	Diff line number	Diff line change
`@@ -288,7 +288,7 @@ Content-Type: application/json`
`288`	`288`	`"expires_on": "1586984735",`
`289`	`289`	`"resource": "https://vault.azure.net",`
`290`	`290`	`"token_type": "Bearer",`
`291`		`- "client_id": "5E29463D-71DA-4FE0-8E69-999B57DB23B0"`
	`291`	`+ "client_id": "00001111-aaaa-2222-bbbb-3333cccc4444"`
`292`	`292`	`}`
`293`	`293`	```
`294`	`294`
Original file line number	Diff line number	Diff line change
`@@ -227,8 +227,8 @@ Here's an example of the output:`
`227`	`227`	`<pre>`
`228`	`228`	`{`
`229`	`229`	`"additionalProperties": {},`
`230`		`- "principalId": "21dfa71c-9e6f-4d17-9e90-1d28801c9735",`
`231`		`- "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",`
	`230`	`+ "principalId": "aaaaaaaa-bbbb-cccc-1111-222222222222",`
	`231`	`+ "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee",`
`232`	`232`	`"type": "SystemAssigned"`
`233`	`233`	`}`
`234`	`234`	`</pre>`