addressed acrolinx

diannegali · diannegali · commit 259f87b29d64 · 2025-04-18T16:00:18.000+01:00
diff --git a/defender-xdr/api-create-app-web.md b/defender-xdr/api-create-app-web.md
@@ -28,15 +28,15 @@ appliesto:
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
 > [!IMPORTANT]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+> Some information relates to prereleased product which may be substantially modified before its general availability. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
 This page describes how to create an application to get programmatic access to Microsoft Defender XDR without a defined user—for example, if you're creating a daemon or background service.
 
 If you need programmatic access to Microsoft Defender XDR on behalf of one or more users, see [Create an app to access Microsoft Defender XDR APIs on behalf of a user](api-create-app-user-context.md) and [Create an app with partner access to Microsoft Defender XDR APIs](api-partner-access.md). If you're not sure which kind of access you need, see [Get started](api-access.md).
 
 Microsoft Defender XDR exposes much of its data and actions through a set of programmatic APIs. Those APIs help you automate workflows and make use of Microsoft Defender XDR's capabilities. This API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
 
-In general, you'll need to take the following steps to use these APIs:
+In general, you need to take the following steps to use these APIs:
 
 - Create a Microsoft Entra application.
 - Get an access token using this application.
@@ -61,7 +61,7 @@ This article explains how to:
 4. On your application page, select **API Permissions** > **Add permission** > **APIs my organization uses** >, type **Microsoft Threat Protection**, and select **Microsoft Threat Protection**. Your app can now access Microsoft Defender XDR.
 
    > [!TIP]
-   > *Microsoft Threat Protection* is a former name for Microsoft Defender XDR, and will not appear in the original list. You need to start writing its name in the text box to see it appear.
+   > *Microsoft Threat Protection* is a former name for Microsoft Defender XDR, and doesn't appear in the original list. You need to start writing its name in the text box to see it appear.
 
    :::image type="content" source="/defender/media/apis-in-my-org-tab.PNG" alt-text="The organization's APIs usage tab in the Microsoft Defender portal" lightbox="/defender/media/apis-in-my-org-tab.PNG":::
 
@@ -70,7 +70,7 @@ This article explains how to:
    :::image type="content" source="/defender/media/request-api-permissions.PNG" alt-text="The application permission pane in the Microsoft Defender portal" lightbox="/defender/media/request-api-permissions.PNG":::
 
     > [!NOTE]
-    > You need to select the relevant permissions for your scenario. *Read all incidents* is just an example. To determine which permission you need, please look at the **Permissions** section in the API you want to call.
+    > You need to select the relevant permissions for your scenario. *Read all incidents* is just an example. To determine which permission you need, check the **Permissions** section in the API you want to call.
     >
     > For instance, to [run advanced queries](api-advanced-hunting.md), select the 'Run advanced queries' permission; to [isolate a device](/windows/security/threat-protection/microsoft-defender-atp/isolate-machine), select the 'Isolate machine' permission.
 
@@ -89,11 +89,11 @@ This article explains how to:
 
    :::image type="content" source="/defender/media/app-and-tenant-ids.png" alt-text="The Overview pane in the Microsoft Defender portal" lightbox="/defender/media/app-and-tenant-ids.png":::
 
-9. **For Microsoft Defender XDR Partners only**: [Follow these instructions](./api-partner-access.md) for partner access through the Microsoft Defender XDR APIs, set your app to be multi-tenant, so it can be available in all tenants once you receive admin consent. Partner access is **required** for third-party apps—for example, if you create an app that is intended to run in multiple customers' tenants. It is **not required** if you create a service that you want to run in your tenant only, such as an application for your own usage that will only interact with your own data. To set your app to be multi-tenant:
+9. **For Microsoft Defender XDR Partners only**: [Follow these instructions](./api-partner-access.md) for partner access through the Microsoft Defender XDR APIs, set your app to be multitenant, so it can be available in all tenants once you receive admin consent. Partner access is **required** for third-party apps—for example, if you create an app that is intended to run in multiple customers' tenants. It is **not required** if you create a service that you want to run in your tenant only, like an application for your own use that only interacts with your own data. To set your app to be multitenant:
 
     - Go to **Authentication**, and add https://portal.azure.com as the **Redirect URI**.
 
-    - On the bottom of the page, under **Supported account types**, select the **Accounts in any organizational directory** application consent for your multi-tenant app.
+    - On the bottom of the page, under **Supported account types**, select the **Accounts in any organizational directory** application consent for your multitenant app.
 
     Since your application interacts with Microsoft Defender XDR on behalf of your users, it needs be approved for every tenant on which you intend to use it.
 
@@ -107,7 +107,7 @@ This article explains how to:
 
     The digits `00000000-0000-0000-0000-000000000000` should be replaced with your Application ID.  
 
-**Done!** You've successfully registered an application! See examples below for token acquisition and validation.
+**Done!** You've successfully registered an application! See the following examples for token acquisition and validation.
 
 ## Get an access token
 
@@ -149,7 +149,7 @@ return $token
 > The following code was tested with Nuget Microsoft.Identity.Client 3.19.8.
 
 > [!IMPORTANT]
-> The [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory) NuGet package and Azure AD Authentication Library (ADAL) have been deprecated. No new features have been added since June 30, 2020.   We strongly encourage you to upgrade, see the [migration guide](/azure/active-directory/develop/msal-migration) for more details.
+> The [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory) NuGet package and Azure AD Authentication Library (ADAL) were deprecated. No new features were added since June 30, 2020. We strongly encourage you to upgrade, see the [migration guide](/azure/active-directory/develop/msal-migration) for more details.
 
 1. Create a new console application.
 
@@ -227,7 +227,7 @@ aadToken = jsonResponse["access_token"]
    curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://api.security.microsoft.com/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k
    ```
 
-   A successful response will look like this:
+   A successful response looks like this:
 
    ```bash
    {"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn <truncated> aWReH7P0s0tjTBX8wGWqJUdDA"}
@@ -249,9 +249,9 @@ aadToken = jsonResponse["access_token"]
 
 1. Choose the API you want to use (incidents, or advanced hunting). For more information, see [Supported Microsoft Defender XDR APIs](api-supported.md).
 
-2. In the http request you are about to send, set the authorization header to `"Bearer" <token>`, *Bearer* being the authorization scheme, and *token* being your validated token.
+2. In the HTTP-based request you're about to send, set the authorization header to `"Bearer" <token>`, *Bearer* being the authorization scheme, and *token* being your validated token.
 
-3. The token will expire within one hour. You can send more than one request during this time with the same token.
+3. The token expires within one hour. You can send more than one request during this time with the same token.
 
 The following example shows how to send a request to get a list of incidents **using C#**.
 
@@ -270,7 +270,7 @@ The following example shows how to send a request to get a list of incidents **u
 - [Access the Microsoft Defender XDR APIs](api-access.md)
 - [Create a 'Hello world' application](api-hello-world.md)
 - [Create an app to access Microsoft Defender XDR APIs on behalf of a user](api-create-app-user-context.md)
-- [Create an app with multi-tenant partner access to Microsoft Defender XDR APIs](api-partner-access.md)
+- [Create an app with multitenant partner access to Microsoft Defender XDR APIs](api-partner-access.md)
 - [Learn about API limits and licensing](/legal/microsoft-365/api-terms)
 - [Understand error codes](api-error-codes.md)
 - [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)
diff --git a/defender-xdr/api-hello-world.md b/defender-xdr/api-hello-world.md
@@ -28,7 +28,7 @@ appliesto:
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
 > [!IMPORTANT]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+> Some information relates to prereleased product which may be substantially modified before its general availability. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
 ## Get incidents using a simple PowerShell script
 
@@ -44,12 +44,12 @@ It should take 5 to 10 minutes to complete this project. This time estimate incl
 
    :::image type="content" source="/defender/media/atp-azure-new-app2.png" alt-text="The New registration section in the Microsoft Defender portal" lightbox="/defender/media/atp-azure-new-app2.png":::
 
-3. In the registration form, choose a name for your application, then select **Register**. Selecting a redirect URI is optional. You won't need one to complete this example.
+3. In the registration form, choose a name for your application, then select **Register**. Selecting a redirect URI is optional. You don't need one to complete this example.
 
 4. On your application page, select **API Permissions** > **Add permission** > **APIs my organization uses** >, type **Microsoft Threat Protection**, and select **Microsoft Threat Protection**. Your app can now access Microsoft Defender XDR.
 
    > [!TIP]
-   > *Microsoft Threat Protection* is a former name for Microsoft Defender XDR, and will not appear in the original list. You need to start writing its name in the text box to see it appear.
+   > *Microsoft Threat Protection* is a former name for Microsoft Defender XDR, and doesn't appear in the original list. You need to start writing its name in the text box to see it appear.
    :::image type="content" source="/defender/media/apis-in-my-org-tab.PNG" alt-text="The section of APIs usage in the Microsoft Defender portal" lightbox="/defender/media/apis-in-my-org-tab.PNG":::
 
    - Choose **Application permissions** > **Incident.Read.All** and select **Add permissions**.
@@ -77,11 +77,11 @@ It should take 5 to 10 minutes to complete this project. This time estimate incl
 For more information on Microsoft Entra tokens, see the [Microsoft Entra tutorial](/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds).
 
 > [!IMPORTANT]
-> Although the example in this demo app encourage you to paste in your secret value for testing purposes, you should **never hardcode secrets** into an application running in production. A third party could use your secret to access resources. You can help keep your app's secrets secure by using [Azure Key Vault](/azure/key-vault/general/about-keys-secrets-certificates). For a practical example of how you can protect your app, see [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/).
+> Although the example in this demo app encourages you to paste in your secret value for testing purposes, you should **never hardcode secrets** into an application running in production. A third party could use your secret to access resources. You can help keep your app's secrets secure by using [Azure Key Vault](/azure/key-vault/general/about-keys-secrets-certificates). For a practical example of how you can protect your app, see [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/).
 
-1. Copy the script below and paste it into your favorite text editor. Save as **Get-Token.ps1**. You can also run the code as-is in PowerShell ISE, but you should save it, because we'll need to run it again when we use the incident-fetching script in the next section.
+1. Copy the following script and paste it into your favorite text editor. Save as **Get-Token.ps1**. You can also run the code as-is in PowerShell ISE, but you need save it because we need to run it again when we use the incident-fetching script in the next section.
 
-    This script will generate a token and save it in the working folder under the name, *Latest-token.txt*.
+    This script generates a token and save it in the working folder under the name, *Latest-token.txt*.
 
     ```PowerShell
     # This script gets the app context token and saves it to a file named "Latest-token.txt" under the current directory.
@@ -108,15 +108,15 @@ For more information on Microsoft Entra tokens, see the [Microsoft Entra tutoria
 #### Validate the token
 
 1. Copy and paste the token you received into [JWT](https://jwt.ms) to decode it.
-1. *JWT* stands for *JSON Web Token*. The decoded token will contain a number of JSON-formatted items or claims. Make sure that the *roles* claim within the decoded token contains the desired permissions.
+1. *JWT* stands for *JSON Web Token*. The decoded token contains several of JSON-formatted items or claims. Make sure that the *roles* claim within the decoded token contains the desired permissions.
 
     In the following image, you can see a decoded token acquired from an app, with ```Incidents.Read.All```, ```Incidents.ReadWrite.All```, and ```AdvancedHunting.Read.All``` permissions:
 
     :::image type="content" source="/defender/media/api-jwt-ms.png" alt-text="The Decoded Token section in the Microsoft Defender portal" lightbox="/defender/media/api-jwt-ms.png":::
 
 ### Get a list of recent incidents
 
-The script below will use **Get-Token.ps1** to access the API. It then retrieves a list of incidents that were last updated within the past 48 hours, and saves the list as a JSON file.
+The following script uses **Get-Token.ps1** to access the API. It then retrieves a list of incidents that were last updated within the past 48 hours, and saves the list as a JSON file.
 
 > [!IMPORTANT]
 > Save this script in the same folder you saved **Get-Token.ps1**.
@@ -171,7 +171,7 @@ You're all done! You've successfully:
 - [Access the Microsoft Defender XDR APIs](api-access.md)
 - [Create an app to access Microsoft Defender XDR without a user](api-create-app-web.md)
 - [Create an app to access Microsoft Defender XDR APIs on behalf of a user](api-create-app-user-context.md)
-- [Create an app with multi-tenant partner access to Microsoft Defender XDR APIs](api-partner-access.md)
+- [Create an app with multitenant partner access to Microsoft Defender XDR APIs](api-partner-access.md)
 - [Manage secrets in your server apps with Azure Key Vault](/training/modules/manage-secrets-with-azure-key-vault/)
 - [OAuth 2.0 Authorization for user sign in and API access](/azure/active-directory/develop/active-directory-v2-protocols-oauth-code)
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]
