Freshness pass

cdpark · cdpark · commit fb7e6e5078f3 · 2023-11-22T14:16:59.000-08:00
diff --git a/articles/deployment-environments/how-to-authenticate.md b/articles/deployment-environments/how-to-authenticate.md
@@ -1,48 +1,46 @@
 ---
 title: Authenticate to Azure Deployment Environments REST APIs
-description: Learn how to authenticate to Azure Deployment Environments REST APIs.
+description: Learn how to authenticate to Azure Deployment Environments REST APIs by using Microsoft Entra ID.
 ms.service: deployment-environments
 ms.custom: ignite-2022, build-2023
 ms.topic: conceptual
 ms.author: chrismiller
 author: chrismiller
-ms.date: 09/07/2023
+ms.date: 11/22/2023
 ---
-# Authenticating to Azure Deployment Environments REST APIs
 
-> [!TIP]
-> Before authenticating, ensure that the user or identity has the appropriate permissions to perform the desired action. For more information, see [configuring project admins](./how-to-configure-project-admin.md) and [configuring environment users](./how-to-configure-deployment-environments-user.md).
+# Authenticate to Azure Deployment Environments REST APIs
 
+> [!TIP]
+> Before authenticating, ensure that the user or identity has the appropriate permissions to perform the desired action. For more information, see [Provide access for dev team leads](./how-to-configure-project-admin.md) and [Provide access for developers](./how-to-configure-deployment-environments-user.md).
 
 <a name='using-azure-ad-authentication-for-rest-apis'></a>
 
-## Using Microsoft Entra authentication for REST APIs
+## Use Microsoft Entra ID authentication for REST APIs
 
-Use the following procedures to authenticate with Microsoft Entra ID. You can follow along in [Azure Cloud Shell](../../articles/cloud-shell/quickstart.md), on an Azure virtual machine, or on your local machine.
+Use the following procedures to access Azure Deployment Environments REST APIs by using Microsoft Entra ID. You can follow along in [Azure Cloud Shell](../../articles/cloud-shell/quickstart.md), on an Azure virtual machine, or on your local machine.
 
-### Sign in to the user's Azure subscription
+### Sign in to your Azure subscription
 
 Start by authenticating with Microsoft Entra ID by using the Azure CLI. This step isn't required in Azure Cloud Shell.
 
 ```azurecli
 az login
 ```
 
-The command opens a browser window to the Microsoft Entra authentication page. It requires you to give your Microsoft Entra user ID and password.
+The command opens a browser window to the Microsoft Azure authentication page, where you can choose an account. The page requires you to give your Microsoft Entra ID username and password.
 
-Next, set the correct subscription context. If you authenticate from an incorrect subscription or tenant you may receive unexpected 403 Forbidden errors.
+Next, set the correct subscription context. If you authenticate from an incorrect subscription or tenant, you might receive unexpected **403 Forbidden** errors.
 
 ```azurecli
 az account set --subscription <subscription_id>
 ```
 
-
 <a name='retrieve-the-azure-ad-access-token'></a>
 
-### Retrieve the Microsoft Entra access token
+### Retrieve the Microsoft Entra ID access token
 
-Use the Azure CLI to acquire an access token for the Microsoft Entra authenticated user.
-Note that the resource ID is different depending on if you are accessing administrator (control plane) APIs or developer (data plane) APIs.
+Use the Azure CLI to acquire an access token for the Microsoft Entra ID authenticated user. The resource ID is different depending on if you access administrator (control plane) APIs or developer (data plane) APIs.
 
 For administrator APIs, use the following command:
 ```azurecli-interactive
@@ -54,7 +52,7 @@ For developer APIs, use the following command:
 az account get-access-token --resource https://devcenter.azure.com
 ```
 
-After authentication is successful, Microsoft Entra ID returns an access token for current Azure subscription:
+After authentication is successful, Microsoft Entra ID returns an access token for the current Azure subscription:
 
 ```json
 {
@@ -66,14 +64,16 @@ After authentication is successful, Microsoft Entra ID returns an access token f
 }
 ```
 
-The token is a Base64 string. The token is valid for at least 5 minutes with the maximum of 90 minutes. The expiresOn defines the actual token expiration time.
+The token is a Base64 string. The token is valid for at least five minutes. The maximum duration is 90 minutes. The `expiresOn` defines the actual token expiration time.
 
 > [!TIP]
-> Developer API tokens for the service are encrypted and cannot be decoded using JWT decoding tools. They can only be processed by the service.
+> Developer API tokens for the service are encrypted and can't be decoded using JWT decoding tools. They can only be processed by the service.
 
 
-### Using a bearer token to access REST APIs
-To access REST APIs, you must set the Authorization header on your request. The header value should be the string `Bearer` followed by a space and the token you received in the previous step.
+### Use a bearer token to access REST APIs
+
+To access REST APIs, you must set the authorization header on your request. The header value should be the string `Bearer` followed by a space and the token you received in the previous step.
 
 ## Next steps
-- Review [Microsoft Entra fundamentals](../../articles/active-directory/fundamentals/whatis.md).
+
+- [Review Microsoft Entra ID fundamentals](../../articles/active-directory/fundamentals/whatis.md)
