Merge pull request #248405 from terencefan/tefa/reformat-webpubsub-aad-docs

Reformat AAD related docs for further rebrand PRs

Author: PMEds28

articles/azure-web-pubsub/concept-azure-ad-authorization.md

@@ -1,6 +1,6 @@
 ---
 title: Authorize access with Azure Active Directory for Azure Web PubSub
-description: This article provides information on authorizing access to Azure Web PubSub Service resources using Azure Active Directory. 
+description: This article provides information on authorizing access to Azure Web PubSub Service resources using Azure Active Directory.
 author: terencefan
 
 ms.author: tefa
@@ -18,7 +18,7 @@ By utilizing role-based access control (RBAC) within Azure AD, permissions can b
 Using Azure AD for authorization of Web PubSub requests offers improved security and ease of use compared to Access Key authorization. Microsoft recommends utilizing Azure AD authorization with Web PubSub resources when possible to ensure access with the minimum necessary privileges.
 
 <a id="security-principal"></a>
-*[1] security principal: a user/resource group, an application, or a service principal such as system-assigned identities and user-assigned identities.*
+_[1] security principal: a user/resource group, an application, or a service principal such as system-assigned identities and user-assigned identities._
 
 ## Overview of Azure AD for Web PubSub
 
@@ -49,49 +49,54 @@ Before assigning an Azure RBAC role to a security principal, it's important to i
 
 You can scope access to Azure SignalR resources at the following levels, beginning with the narrowest scope:
 
-- **An individual resource.** 
+- **An individual resource.**
 
   At this scope, a role assignment applies to only the target resource.
 
-- **A resource group.** 
+- **A resource group.**
 
   At this scope, a role assignment applies to all of the resources in the resource group.
 
 - **A subscription.**
 
   At this scope, a role assignment applies to all of the resources in all of the resource groups in the subscription.
 
-- **A management group.** 
+- **A management group.**
 
   At this scope, a role assignment applies to all of the resources in all of the resource groups in all of the subscriptions in the management group.
 
 ## Azure built-in roles for Web PubSub resources.
 
 - `Web PubSub Service Owner`
 
-	Full access to data-plane permissions, including read/write REST APIs and Auth APIs.
+  Full access to data-plane permissions, including read/write REST APIs and Auth APIs.
 
-	This role is the most common used for building an upstream server.
+  This role is the most common used for building an upstream server.
 
 - `Web PubSub Service Reader`
 
-	Use to grant read-only REST APIs permissions to Web PubSub resources.
+  Use to grant read-only REST APIs permissions to Web PubSub resources.
 
-	It's used when you'd like to write a monitoring tool that calling **ONLY** Web PubSub data-plane **READONLY** REST APIs.
+  It's used when you'd like to write a monitoring tool that calling **ONLY** Web PubSub data-plane **READONLY** REST APIs.
 
 ## Next steps
 
 To learn how to create an Azure application and use Azure AD auth, see
+
 - [Authorize request to Web PubSub resources with Azure AD from Azure applications](howto-authorize-from-application.md)
 
 To learn how to configure a managed identity and use Azure AD auth, see
+
 - [Authorize request to Web PubSub resources with Azure AD from managed identities](howto-authorize-from-managed-identity.md)
 
-To learn more about roles and role assignments, see 
+To learn more about roles and role assignments, see
+
 - [What is Azure role-based access control](../role-based-access-control/overview.md)
 
-To learn how to create custom roles, see 
+To learn how to create custom roles, see
+
 - [Steps to create a custom role](../role-based-access-control/custom-roles.md#steps-to-create-a-custom-role)
 
 To learn how to use only Azure AD authentication, see
-- [Disable local authentication](./howto-disable-local-auth.md)
+
+- [Disable local authentication](./howto-disable-local-auth.md)

articles/azure-web-pubsub/concept-service-internals.md

@@ -11,7 +11,7 @@ ms.topic: conceptual
 
 # Authorize request to Web PubSub resources with Azure AD from Azure applications
 
-Azure Web PubSub Service supports Azure Active Directory (Azure AD) authorizing requests from [Azure applications](../active-directory/develop/app-objects-and-service-principals.md). 
+Azure Web PubSub Service supports Azure Active Directory (Azure AD) authorizing requests from [Azure applications](../active-directory/develop/app-objects-and-service-principals.md).
 
 This article shows how to configure your Web PubSub resource and codes to authorize the request to a Web PubSub resource from an Azure application.
 
@@ -23,7 +23,7 @@ The first step is to register an Azure application.
 2. Under **Manage** section, select **App registrations**.
 3. Click **New registration**.
 
-    ![Screenshot of registering an application.](./media/howto-authorize-from-application/register-an-application.png)
+   ![Screenshot of registering an application.](./media/howto-authorize-from-application/register-an-application.png)
 
 4. Enter a display **Name** for your application.
 5. Click **Register** to confirm the register.
@@ -33,6 +33,7 @@ Once you have your application registered, you can find the **Application (clien
 ![Screenshot of an application.](./media/howto-authorize-from-application/application-overview.png)
 
 To learn more about registering an application, see
+
 - [Quickstart: Register an application with the Microsoft identity platform](../active-directory/develop/quickstart-register-app.md).
 
 ## Add credentials
@@ -45,11 +46,12 @@ The application requires a client secret to prove its identity when requesting a
 
 1. Under **Manage** section, select **Certificates & secrets**
 1. On the **Client secrets** tab, click **New client secret**.
-![Screenshot of creating a client secret.](./media/howto-authorize-from-application/new-client-secret.png)
+   ![Screenshot of creating a client secret.](./media/howto-authorize-from-application/new-client-secret.png)
 1. Enter a **description** for the client secret, and choose a **expire time**.
-1. Copy the value of the **client secret** and then paste it to a secure location. 
-    > [!NOTE]
-    > The secret will display only once.
+1. Copy the value of the **client secret** and then paste it to a secure location.
+   > [!NOTE]
+   > The secret will display only once.
+
 ### Certificate
 
 You can also upload a certification instead of creating a client secret.
@@ -62,10 +64,11 @@ To learn more about adding credentials, see
 
 ## Add role assignments on Azure portal
 
-This sample shows how to assign a `Web PubSub Service Owner` role to a service principal (application) over a Web PubSub resource. 
+This sample shows how to assign a `Web PubSub Service Owner` role to a service principal (application) over a Web PubSub resource.
 
 > [!Note]
 > A role can be assigned to any scope, including management group, subscription, resource group or a single resource. To learn more about scope, see [Understand scope for Azure RBAC](../role-based-access-control/scope-overview.md)
+
 1. On the [Azure portal](https://portal.azure.com/), navigate to your Web PubSub resource.
 
 1. Click **Access Control (IAM)** to display access control settings for the Azure Web PubSub.
@@ -88,26 +91,28 @@ This sample shows how to assign a `Web PubSub Service Owner` role to a service p
 
 1. Click **Select Members**
 
-3. Search for and select the application that you would like to assign the role to.
+1. Search for and select the application that you would like to assign the role to.
 
 1. Click **Select** to confirm the selection.
 
-4. Click **Next**.
+1. Click **Next**.
 
    ![Screenshot of assigning role to service principals.](./media/howto-authorize-from-application/assign-role-to-service-principals.png)
 
-5. Click **Review + assign** to confirm the change.
+1. Click **Review + assign** to confirm the change.
 
 > [!IMPORTANT]
 > Azure role assignments may take up to 30 minutes to propagate.
-To learn more about how to assign and manage Azure role assignments, see these articles:
+> To learn more about how to assign and manage Azure role assignments, see these articles:
+
 - [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.md)
 - [Assign Azure roles using the REST API](../role-based-access-control/role-assignments-rest.md)
 - [Assign Azure roles using Azure PowerShell](../role-based-access-control/role-assignments-powershell.md)
 - [Assign Azure roles using Azure CLI](../role-based-access-control/role-assignments-cli.md)
 - [Assign Azure roles using Azure Resource Manager templates](../role-based-access-control/role-assignments-template.md)
 
 ## Use Postman to get the Azure AD token
+
 1. Launch Postman
 
 2. For the method, select **GET**.
@@ -119,15 +124,15 @@ To learn more about how to assign and manage Azure role assignments, see these a
 ![Screenshot of the basic info using postman to get the token.](./media/howto-authorize-from-application/get-azure-ad-token-using-postman.png)
 
 5. Switch to the **Body** tab, and add the following keys and values.
-    1. Select **x-www-form-urlencoded**.
-    2. Add `grant_type` key, and type `client_credentials` for the value.
-    3. Add `client_id` key, and paste the value of **Application (client) ID** in the **Overview** tab of the application you created earlier.
-    4. Add `client_secret` key, and paste the value of client secret you noted down earlier.
-    5. Add `resource` key, and type `https://webpubsub.azure.com` for the value.
+   1. Select **x-www-form-urlencoded**.
+   2. Add `grant_type` key, and type `client_credentials` for the value.
+   3. Add `client_id` key, and paste the value of **Application (client) ID** in the **Overview** tab of the application you created earlier.
+   4. Add `client_secret` key, and paste the value of client secret you noted down earlier.
+   5. Add `resource` key, and type `https://webpubsub.azure.com` for the value.
 
 ![Screenshot of the body parameters when using postman to get the token.](./media/howto-authorize-from-application/get-azure-ad-token-using-postman-body.png)
 
-6. Select **Send** to send the request to get the token. You see the token in the `access_token` field. 
+6. Select **Send** to send the request to get the token. You see the token in the `access_token` field.
 
 ![Screenshot of the response token when using postman to get the token.](./media/howto-authorize-from-application/get-azure-ad-token-using-postman-response.png)
 
@@ -146,4 +151,4 @@ See the following related articles:
 
 - [Overview of Azure AD for Web PubSub](concept-azure-ad-authorization.md)
 - [Authorize request to Web PubSub resources with Azure AD from managed identities](howto-authorize-from-managed-identity.md)
-- [Disable local authentication](./howto-disable-local-auth.md)
+- [Disable local authentication](./howto-disable-local-auth.md)

articles/azure-web-pubsub/howto-authorize-from-application.md

@@ -10,7 +10,8 @@ ms.topic: conceptual
 ---
 
 # Authorize request to Web PubSub resources with Azure AD from managed identities
-Azure Web PubSub Service supports Azure Active Directory (Azure AD) authorizing requests from [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md). 
+
+Azure Web PubSub Service supports Azure Active Directory (Azure AD) authorizing requests from [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md).
 
 This article shows how to configure your Web PubSub resource and codes to authorize the request to a Web PubSub resource from a managed identity.
 
@@ -27,6 +28,7 @@ This is an example for configuring `System-assigned managed identity` on a `Virt
 1. Click the **Save** button to confirm the change.
 
 ### How to create user-assigned managed identities
+
 - [Create a user-assigned managed identity](../active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md#create-a-user-assigned-managed-identity)
 
 ### How to configure managed identities on other platforms
@@ -41,12 +43,13 @@ This is an example for configuring `System-assigned managed identity` on a `Virt
 
 - [How to use managed identities for App Service and Azure Functions](../app-service/overview-managed-identity.md).
 
-## Add role assignments on Azure portal  
+## Add role assignments on Azure portal
 
-This sample shows how to assign a `Web PubSub Service Owner` role to a system-assigned identity over a Web PubSub resource. 
+This sample shows how to assign a `Web PubSub Service Owner` role to a system-assigned identity over a Web PubSub resource.
 
 > [!Note]
 > A role can be assigned to any scope, including management group, subscription, resource group or a single resource. To learn more about scope, see [Understand scope for Azure RBAC](../role-based-access-control/scope-overview.md)
+
 1. Open [Azure portal](https://portal.azure.com/), navigate to your Web PubSub resource.
 
 1. Click **Access Control (IAM)** to display access control settings for the Azure Web PubSub.
@@ -77,15 +80,16 @@ This sample shows how to assign a `Web PubSub Service Owner` role to a system-as
 
 1. Click **Select** to confirm the selection.
 
-2. Click **Next**.
+1. Click **Next**.
 
    ![Screenshot of assigning role to managed identities.](./media/howto-authorize-from-managed-identity/assign-role-to-managed-identities.png)
 
-3. Click **Review + assign** to confirm the change.
+1. Click **Review + assign** to confirm the change.
 
 > [!IMPORTANT]
 > Azure role assignments may take up to 30 minutes to propagate.
-To learn more about how to assign and manage Azure role assignments, see these articles:
+> To learn more about how to assign and manage Azure role assignments, see these articles:
+
 - [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.md)
 - [Assign Azure roles using the REST API](../role-based-access-control/role-assignments-rest.md)
 - [Assign Azure roles using Azure PowerShell](../role-based-access-control/role-assignments-powershell.md)
@@ -107,4 +111,4 @@ See the following related articles:
 
 - [Overview of Azure AD for Web PubSub](concept-azure-ad-authorization.md)
 - [Authorize request to Web PubSub resources with Azure AD from Azure applications](howto-authorize-from-application.md)
-- [Disable local authentication](./howto-disable-local-auth.md)
+- [Disable local authentication](./howto-disable-local-auth.md)

articles/azure-web-pubsub/howto-authorize-from-managed-identity.md

@@ -48,58 +48,58 @@ This how-to guide shows you how to create a `WebPubSubServiceClient` with Java a
 
 1. Create a `TokenCredential` with Azure Identity SDK.
 
-    ```java
-    package com.webpubsub.tutorial;
+   ```java
+   package com.webpubsub.tutorial;
 
-    import com.azure.core.credential.TokenCredential;
-    import com.azure.identity.DefaultAzureCredentialBuilder;
+   import com.azure.core.credential.TokenCredential;
+   import com.azure.identity.DefaultAzureCredentialBuilder;
 
-    public class App {
+   public class App {
 
-        public static void main(String[] args) {
-            TokenCredential credential = new DefaultAzureCredentialBuilder().build();
-        }
-    }
-    ```
+       public static void main(String[] args) {
+           TokenCredential credential = new DefaultAzureCredentialBuilder().build();
+       }
+   }
+   ```
 
-    `credential` can be any class that inherits from `TokenCredential` class.
+   `credential` can be any class that inherits from `TokenCredential` class.
 
-    - EnvironmentCredential
-    - ClientSecretCredential
-    - ClientCertificateCredential
-    - ManagedIdentityCredential
-    - VisualStudioCredential
-    - VisualStudioCodeCredential
-    - AzureCliCredential
+   - EnvironmentCredential
+   - ClientSecretCredential
+   - ClientCertificateCredential
+   - ManagedIdentityCredential
+   - VisualStudioCredential
+   - VisualStudioCodeCredential
+   - AzureCliCredential
 
-    To learn more, see [Azure Identity client library for Java](/java/api/overview/azure/identity-readme)
+   To learn more, see [Azure Identity client library for Java](/java/api/overview/azure/identity-readme)
 
-2. Then create a `client` with `endpoint`, `hub`, and `credential`. 
+2. Then create a `client` with `endpoint`, `hub`, and `credential`.
 
-    ```Java
-    package com.webpubsub.tutorial;
+   ```Java
+   package com.webpubsub.tutorial;
 
-    import com.azure.core.credential.TokenCredential;
-    import com.azure.identity.DefaultAzureCredentialBuilder;
-    import com.azure.messaging.webpubsub.WebPubSubServiceClient;
-    import com.azure.messaging.webpubsub.WebPubSubServiceClientBuilder;
+   import com.azure.core.credential.TokenCredential;
+   import com.azure.identity.DefaultAzureCredentialBuilder;
+   import com.azure.messaging.webpubsub.WebPubSubServiceClient;
+   import com.azure.messaging.webpubsub.WebPubSubServiceClientBuilder;
 
-    public class App {
-        public static void main(String[] args) {
+   public class App {
+       public static void main(String[] args) {
 
-            TokenCredential credential = new DefaultAzureCredentialBuilder().build();
+           TokenCredential credential = new DefaultAzureCredentialBuilder().build();
 
-            // create the service client
-            WebPubSubServiceClient client = new WebPubSubServiceClientBuilder()
-                    .endpoint("<endpoint>")
-                    .credential(credential)
-                    .hub("<hub>")
-                    .buildClient();
-        }
-    }
-    ```
+           // create the service client
+           WebPubSubServiceClient client = new WebPubSubServiceClientBuilder()
+                   .endpoint("<endpoint>")
+                   .credential(credential)
+                   .hub("<hub>")
+                   .buildClient();
+       }
+   }
+   ```
 
-    Learn how to use this client, see [Azure Web PubSub service client library for Java](/java/api/overview/azure/messaging-webpubsub-readme)
+   Learn how to use this client, see [Azure Web PubSub service client library for Java](/java/api/overview/azure/messaging-webpubsub-readme)
 
 ## Complete sample