MicrosoftDocs
diff --git a/‎articles/active-directory/develop/includes/web-api/quickstart-aspnet-core.md
Lines changed: 68 additions & 24 deletions b/‎articles/active-directory/develop/includes/web-api/quickstart-aspnet-core.md
Lines changed: 68 additions & 24 deletions
diff --git a/‎articles/active-directory/develop/includes/web-api/quickstart-dotnet-native-aspnet.md
Lines changed: 7 additions & 7 deletions b/‎articles/active-directory/develop/includes/web-api/quickstart-dotnet-native-aspnet.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎articles/active-directory/develop/scenario-desktop-acquire-token-wam.md
Lines changed: 5 additions & 7 deletions b/‎articles/active-directory/develop/scenario-desktop-acquire-token-wam.md
Lines changed: 5 additions & 7 deletions
@@ -8,31 +8,30 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: include
 ms.workload: identity
-ms.date: 01/11/2022
+ms.date: 12/09/2022
 ms.author: jmprieur
-ms.custom: devx-track-csharp, "scenarios:getting-started", "languages:aspnet-core", mode-api
+ms.custom: devx-track-csharp, "scenarios:getting-started", "languages:aspnet-core", mode-api, engagement-fy23
 #Customer intent: As an application developer, I want to know how to write an ASP.NET Core web API that uses the Microsoft identity platform to authorize API requests from clients.
 ---
 
-In this quickstart, you download an ASP.NET Core web API code sample and review the way it restricts resource access to authorized accounts only. The sample supports authorization of personal Microsoft accounts and accounts in any Azure Active Directory (Azure AD) organization.
-
+The following quickstart uses a ASP.NET Core web API code sample to demonstrate how to restrict resource access to authorized accounts. The sample supports authorization of personal Microsoft accounts and accounts in any Azure Active Directory (Azure AD) organization.
 
 ## Prerequisites
 
 - Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
 - [Azure Active Directory tenant](../../quickstart-create-new-tenant.md)
-- [.NET Core SDK 3.1+](https://dotnet.microsoft.com/)
-- [Visual Studio 2019](https://visualstudio.microsoft.com/vs/) or [Visual Studio Code](https://code.visualstudio.com/)
+- [.NET Core SDK 6.0+](https://dotnet.microsoft.com/)
+- [Visual Studio 2022](https://visualstudio.microsoft.com/vs/) or [Visual Studio Code](https://code.visualstudio.com/)
 
 ## Step 1: Register the application
 
 First, register the web API in your Azure AD tenant and add a scope by following these steps:
 
 1. Sign in to the [Azure portal](https://portal.azure.com/).
-1. If you have access to multiple tenants, use the **Directories + subscriptions** filter :::image type="icon" source="./../../media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which you want to register the application.
+1. If access to multiple tenants is available, use the **Directories + subscriptions** filter :::image type="icon" source="../../media/common/portal-directory-subscription-filter.png" border="false"::: in the top menu to switch to the tenant in which to register the application.
 1. Search for and select **Azure Active Directory**.
 1. Under **Manage**, select **App registrations** > **New registration**.
-1. For **Name**, enter a name for your application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of your app will see this name, and you can change it later.
+1. For **Name**, enter a name for the application. For example, enter **AspNetCoreWebApi-Quickstart**. Users of the app will see this name, and can be changed later.
 1. Select **Register**.
 1. Under **Manage**, select **Expose an API** > **Add a scope**. For **Application ID URI**, accept the default by selecting **Save and continue**, and then enter the following details:
    - **Scope name**: `access_as_user`
@@ -48,33 +47,78 @@ First, register the web API in your Azure AD tenant and add a scope by following
 
 [Download the ASP.NET Core solution](https://github.com/Azure-Samples/active-directory-dotnet-native-aspnetcore-v2/archive/aspnetcore3-1.zip) from GitHub.
 
-[!INCLUDE [active-directory-develop-path-length-tip](../../../../../includes/active-directory-develop-path-length-tip.md)]
-
+> [!Note]
+> The code sample currently targets ASP.NET Core 3.1. The sample can be updated to use .NET Core 6.0 and is covered in the following steps: [Update the sample code to ASP.NET Core 6.0](#step-4-update-the-sample-code-to-aspnet-core-60)
+This quickstart will be deprecated in the near future and will be updated to use .NET 6.0. 
 
 ## Step 3: Configure the ASP.NET Core project
 
-In this step, configure the sample code to work with the app registration that you created earlier.
-
-1. Extract the .zip archive into a folder near the root of your drive. For example, extract into *C:\Azure-Samples*.
+In this step, the sample code will be configured to work with the app registration that was created earlier.
 
-   We recommend extracting the archive into a directory near the root of your drive to avoid errors caused by path length limitations on Windows.
+1. Extract the *.zip* file to a local folder that's close to the root of the disk to avoid errors caused by path length limitations on Windows. For example, extract to *C:\Azure-Samples*.
 
-1. Open the solution in the *webapi* folder in your code editor.
-1. Open the *appsettings.json* file and modify the following code:
+1. Open the solution in the *webapp* folder in your code editor.
+1. In *appsettings.json*, replace the values of `ClientId`, and `TenantId`. The value for the application (client) ID and the directory (tenant) ID, can be found in the app's **Overview** page on the Azure portal.
 
    ```json
    "ClientId": "Enter_the_Application_Id_here",
    "TenantId": "Enter_the_Tenant_Info_Here"
    ```
 
-   - Replace `Enter_the_Application_Id_here` with the application (client) ID of the application that you registered in the Azure portal. You can find the application (client) ID on the app's **Overview** page.
+   - `Enter_the_Application_Id_Here` is the application (client) ID for the registered application.
    - Replace `Enter_the_Tenant_Info_Here` with one of the following:
-      - If your application supports **Accounts in this organizational directory only**, replace this value with the directory (tenant) ID (a GUID) or tenant name (for example, `contoso.onmicrosoft.com`). You can find the directory (tenant) ID on the app's **Overview** page.
-      - If your application supports **Accounts in any organizational directory**, replace this value with `organizations`.
-      - If your application supports **All Microsoft account users**, leave this value as `common`.
+      - If the application supports **Accounts in this organizational directory only**, replace this value with the directory (tenant) ID (a GUID) or tenant name (for example, `contoso.onmicrosoft.com`). The directory (tenant) ID can be found on the app's **Overview** page.
+      - If the application supports **Accounts in any organizational directory**, replace this value with `organizations`.
+      - If the application supports **All Microsoft account users**, leave this value as `common`.
 
 For this quickstart, don't change any other values in the *appsettings.json* file.
 
+### Step 4: Update the sample code to ASP.NET Core 6.0
+
+To update this code sample to target ASP.NET Core 6.0, follow these steps:
+
+1. Open webapi.csproj
+1. Remove the following line:
+
+    ```xml
+   <TargetFramework>netcoreapp3.1</TargetFramework>
+   ```
+
+1. Add the following line in its place:
+
+   ```xml
+   <TargetFramework>netcoreapp6.0</TargetFramework>
+   ```
+
+This step will ensure that the sample is targeting .NET 6.0.
+
+### Step 5: Run the sample
+
+1. Open a terminal and change directory to the project folder.
+
+    ```powershell
+    cd webapi
+    ```
+
+1. Run the following command to build the solution:
+
+   ```powershell
+   dotnet run
+   ```
+
+If the build has been successful, the following output is displayed:
+
+```powershell
+Building...
+info: Microsoft.Hosting.Lifetime[0]
+    Now listening on: https://localhost:{port}
+info: Microsoft.Hosting.Lifetime[0]
+    Now listening on: http://localhost:{port}
+info: Microsoft.Hosting.Lifetime[0]
+    Application started. Press Ctrl+C to shut down.
+...
+```
+
 ## How the sample works
 
 The web API receives a token from a client application, and the code in the web API validates the token. This scenario is explained in more detail in [Scenario: Protected web API](../../scenario-protected-web-api-overview.md).
@@ -93,13 +137,13 @@ The *Microsoft.AspNetCore.Authentication* middleware uses a `Startup` class that
 
 The `AddAuthentication()` method configures the service to add JwtBearer-based authentication.
 
-The line that contains `.AddMicrosoftIdentityWebApi` adds the Microsoft identity platform authorization to your web API. It's then configured to validate access tokens issued by the Microsoft identity platform based on the information in the `AzureAD` section of the *appsettings.json* configuration file:
+The line that contains `.AddMicrosoftIdentityWebApi` adds the Microsoft identity platform authorization to the web API. It's then configured to validate access tokens issued by the Microsoft identity platform based on the information in the `AzureAD` section of the *appsettings.json* configuration file:
 
 | *appsettings.json* key | Description                                                                                                                                                          |
 |------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `ClientId`             | Application (client) ID of the application registered in the Azure portal.                                                                                       |
 | `Instance`             | Security token service (STS) endpoint for the user to authenticate. This value is typically `https://login.microsoftonline.com/`, indicating the Azure public cloud. |
-| `TenantId`             | Name of your tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts.                             |
+| `TenantId`             | Name of the tenant or its tenant ID (a GUID), or `common` to sign in users with work or school accounts or Microsoft personal accounts.                             |
 
 The `Configure()` method contains two important methods, `app.UseAuthentication()` and `app.UseAuthorization()`, that enable their named functionality:
 
@@ -116,7 +160,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env)
 
 ### Protecting a controller, a controller's method, or a Razor page
 
-You can protect a controller or controller methods by using the `[Authorize]` attribute. This attribute restricts access to the controller or methods by allowing only authenticated users. An authentication challenge can be started to access the controller if the user isn't authenticated.
+ A controller or controller methods can be protected by using the `[Authorize]` attribute. This attribute restricts access to the controller or methods by allowing only authenticated users. An authentication challenge can be started to access the controller if the user isn't authenticated.
 
 ```csharp
 namespace webapi.Controllers
@@ -157,7 +201,7 @@ namespace webapi.Controllers
 
 ## Next steps
 
-The GitHub repository that contains this ASP.NET Core web API code sample includes instructions and more code samples that show you how to:
+The following GitHub repository contains the ASP.NET Core web API code sample instructions and more samples that show how to achieve the following:
 
 - Add authentication to a new ASP.NET Core web API.
 - Call the web API from a desktop application.
 
@@ -8,24 +8,24 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: include
 ms.workload: identity
-ms.date: 01/11/2022
+ms.date: 12/09/2022
 ms.author: jmprieur
-ms.custom: devx-track-csharp, aaddev, identityplatformtop40, "scenarios:getting-started", "languages:ASP.NET", mode-api
+ms.custom: devx-track-csharp, aaddev, identityplatformtop40, "scenarios:getting-started", "languages:ASP.NET", mode-api, engagement-fy23
 #Customer intent: As an application developer, I want to know how to set up OpenId Connect authentication in a web application that's built by using Node.js with Express.
 ---
 
-In this quickstart, you download and run a code sample that demonstrates how to protect an ASP.NET web API by restricting access to its resources to authorized accounts only. The sample supports authorization of personal Microsoft accounts and accounts in any Azure Active Directory (Azure AD) organization.
+The following quickstart uses quickstart, uses a code sample that demonstrates how to protect an ASP.NET web API by restricting access to its resources to authorized accounts only. The sample supports authorization of personal Microsoft accounts and accounts in any Azure Active Directory (Azure AD) organization.
 
-The article also uses a Windows Presentation Foundation (WPF) app to demonstrate how you can request an access token to access a web API.
+The article also uses a Windows Presentation Foundation (WPF) app to demonstrate how to request an access token to access a web API.
 
 ## Prerequisites
 
 * An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
-* Visual Studio 2017 or 2019. Download [Visual Studio for free](https://www.visualstudio.com/downloads/).
+* Visual Studio 2022. Download [Visual Studio for free](https://www.visualstudio.com/downloads/).
 
 ## Clone or download the sample
 
-You can obtain the sample in either of two ways:
+The code sample can be obtained in two ways:
 
 * Clone it from your shell or command line:
 
@@ -127,7 +127,7 @@ Configure your TodoListClient project by adding the Application ID to the *app.c
 
 ## Run your projects
 
-Start both projects. If you are using Visual Studio:
+Start both projects. For Visual Studio users;
 
 1. Right click on the Visual Studio solution and select **Properties**
 
 
@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.topic: conceptual
 ms.workload: identity
-ms.date: 06/07/2022
+ms.date: 12/14/2022
 ms.author: dmwendia
 ms.custom: aaddev, devx-track-python
 #Customer intent: As an application developer, I want to know how to write a desktop app that calls web APIs by using the Microsoft identity platform.
@@ -21,11 +21,9 @@ MSAL is able to call Web Account Manager, a Windows 10 component that ships with
 
 ## Availability
 
-MSAL 4.25+ supports WAM on UWP, .NET Classic, .NET Core 3.1, and .NET 5.
+MSAL 4.25+ supports WAM on UWP, and .NET 5.
 
-For .NET Classic and .NET Core 3.1, WAM functionality is fully supported but you have to add a reference to [Microsoft.Identity.Client.Desktop](https://www.nuget.org/packages/Microsoft.Identity.Client.Desktop/) package, alongside MSAL, and instead of `WithBroker()`, call `.WithWindowsBroker()`.
-
-For .NET 5, target `net5.0-windows10.0.17763.0` (or higher) and not just `net5.0`. Your app will still run on older versions of Windows if you add `<SupportedOSPlatformVersion>7</SupportedOSPlatformVersion>` in the csproj. MSAL will use a browser when WAM isn't available.
+For .NET 5, target `net5.0-windows10.0.17763.0` (or higher) and not just `net5.0`. Your app will still run on older versions of Windows if you add `<SupportedOSPlatformVersion>7</SupportedOSPlatformVersion>` in the *.csproj* file. MSAL will use a browser when WAM isn't available.
 
 ## WAM value proposition
 
@@ -78,7 +76,7 @@ catch (MsalUiRequiredException) // no change in the pattern
 }
 ```
 
-Call `.WithBroker(true)`. If a broker isn't present (for example, Win8.1, Mac, or Linux), then MSAL will fall back to a browser. Redirect URI rules apply to the browser.
+Call `.WithBroker(true)`. If a broker isn't present (for example, Win8.1, Mac, or Linux), then MSAL will fall back to a browser, where redirect URI rules apply.
 
 ## Redirect URI
 
@@ -131,7 +129,7 @@ Applications cannot remove accounts from Windows!
 - Removes app-only (not OS-wide) accounts.
 
 >[!NOTE]
-> Apps cannot remove OS accounts. Only users can do that. If an OS account is passed into `RemoveAsync`, and then `GetAccounts` is called with `ListWindowsWorkAndSchoolAccounts` enabled - the same OS account will still be returned.
+> Ony users can remove OS accounts, whereas apps themselves cannot. If an OS account is passed into `RemoveAsync`, and then `GetAccounts` is called with `ListWindowsWorkAndSchoolAccounts` enabled, the same OS accounts will still be returned.
 
 ## Other considerations