Merge pull request #119902 from reginayap8/reyap/wechat

Imrove WeChat Documentation with Steps

Author: ShannonLeavitt

articles/active-directory-b2c/identity-provider-wechat.md

@@ -25,18 +25,21 @@ zone_pivot_groups: b2c-policy-type
 ## Prerequisites
 
 [!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
+* Get an approved Weixin Open Platform account at [https://kf.qq.com](https://kf.qq.com/faq/161220Brem2Q161220uUjERB.html).
+* Get an approved application on Weixin Open Platform.
 
 ## Create a WeChat application
 
-To enable sign-in for users with a WeChat account in Azure Active Directory B2C (Azure AD B2C), you need to create an application in [WeChat management center](https://open.weixin.qq.com/). If you don't already have a WeChat account, you can get information at [https://kf.qq.com](https://kf.qq.com/faq/161220Brem2Q161220uUjERB.html).
+To enable sign-in for users with a WeChat account in Azure Active Directory B2C (Azure AD B2C), you need to create an application in [WeChat management center](https://open.weixin.qq.com/). If you don't already have a Weixin Open Platform account, you can get information at [https://kf.qq.com](https://kf.qq.com/faq/161220Brem2Q161220uUjERB.html). The Weixin Open Platform account and application must be approved to link WeChat as an identity provider to your user flow.
 
 ### Register a WeChat application
 
 1. Sign in to [https://open.weixin.qq.com/](https://open.weixin.qq.com/) with your WeChat credentials.
 1. Select **管理中心** (management center).
 1. Follow the steps to register a new application.
-1. For the **授权回调域** (callback URL), enter `https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/oauth2/authresp`. Replace `your-tenant-name` with the name of your tenant, and `your-domain-name` with your custom domain.
-1. Copy the **APP ID** and **APP KEY**. You need both of them to configure the identity provider to your tenant.
+1. In the **Development information** section, set the "Authorization callback domain" to `your-tenant-name.b2clogin.com`.
+1. Ensure that the application status is "Approved".
+1. At the top of **Application details**, copy the **APP ID** and **APP KEY**. You need both of them to configure the identity provider to your tenant.
 
 ::: zone pivot="b2c-user-flow"
 
@@ -51,12 +54,17 @@ To enable sign-in for users with a WeChat account in Azure Active Directory B2C
 1. For the **Client secret**, enter the APP KEY that you recorded.
 1. Select **Save**.
 
+    :::image type="content" source="media/identity-provider-azure-ad-b2c/wechat-client-configuration.png" alt-text="Screenshot that shows the Configure social identity provider window, with completed form fields for social identity provider name, WeChat client ID, and app secret." lightbox="media/identity-provider-azure-ad-b2c/wechat-client-configuration.png":::
+
 ## Add WeChat identity provider to a user flow 
 
 1. In your Azure AD B2C tenant, select **User flows**.
 1. Click the user flow that you want to add the WeChat identity provider.
 1. Under the **Social identity providers**, select **WeChat**.
 1. Select **Save**.
+
+   :::image type="content" source="media/identity-provider-azure-ad-b2c/link-wechat-identity-provider.png" alt-text="Screenshot showing WeChat as a selected identity provider in the Identity Providers section." lightbox="media/identity-provider-azure-ad-b2c/link-wechat-identity-provider.png":::
+
 1. To test your policy, select **Run user flow**.
 1. For **Application**, select the web application named *testapp1* that you previously registered. The **Reply URL** should show `https://jwt.ms`.
 1. Select the **Run user flow** button.