minor changes to README

Author: Ramya

README.md

@@ -70,44 +70,44 @@ As a first step you'll need to:
 1. Sign in to the [Azure portal](https://portal.azure.com) using either a work or school account or a personal Microsoft account.
 1. If your account is present in more than one Azure AD tenant, select your profile at the top right corner in the menu on top of the page, and then **switch directory**.
    Change your portal session to the desired Azure AD tenant.
-1. In the portal menu click on **All services** and choose **Azure Active Directory**.
+1. In the portal menu, click on **All services** and choose **Azure Active Directory**.
 
 > In the next steps, you might need the tenant name (or directory name) or the tenant ID (or directory ID). These are presented in the **Properties** of the Azure Active Directory window respectively as *Name* and *Directory ID*
 
-#### Register the Web Api app (java-webapi)
+#### Register the Web Api app (Java-webapi)
 
 1. Navigate to the Microsoft identity platform for developers [App registrations](https://go.microsoft.com/fwlink/?linkid=2083908) page.
-1. Click **New registration** on top.
+1. Click **New registration**.
 1. In the **Register an application page** that appears, enter your application's registration information:
-   - In the **Name** section, enter a meaningful application name that will be displayed to users of the app, for example `java-webapi`.
+   - In the **Name** section, enter a meaningful application name that will be displayed to users of the app, for example `Java-webapi`.
    - Change **Supported account types** to **Accounts in any organizational directory and personal Microsoft accounts (e.g. Skype, Xbox, Outlook.com)**.
-1. Click on the **Register** button in bottom to create the application.
-1. In the app's registration screen, find the **Application (client) ID** and **Directory (tenant) ID** value and record it for use later. You'll need it to configure the configuration file(s) later in your code.
-1. Click the **Save** button on top to save the changes.
-1. In the app's registration screen, click on the **Certificates & secrets** blade to open the page where we can generate secrets and upload certificates.
+1. Click on the **Register** button to create the application.
+1. In the app's registration **Overview** page, find the **Application (client) ID** and **Directory (tenant) ID** value and record it for use later. You'll need it to configure the configuration file(s) later in your code.
+1. Click the **Save** button to save the changes.
+1. In the Application menu blade, click on the **Certificates & secrets** to open the page where we can generate secrets and upload certificates.
 1. In the **Client secrets** section, click on **New client secret**:
    - Type a key description (for instance `app secret`),
    - Select one of the available key durations (**In 1 year**, **In 2 years**, or **Never Expires**) as per your security concerns.
    - The generated key value will be displayed when you click the **Add** button. Copy the generated value for use in the steps later.
    - You'll need this key later in your code's configuration files. This key value will not be displayed again, and is not retrievable by any other means, so make sure to note it from the Azure portal before navigating to any other screen or blade.
-1. In the app's registration screen, click on the **API permissions** blade to open the page where we add access to the Apis that your application needs.
+1. In the Application menu blade, click on the **API permissions** to open the page where we add access to the Apis that your application needs.
    - Click the **Add a permission** button and then,
    - Ensure that the **Microsoft APIs** tab is selected.
    - In the *Commonly used Microsoft APIs* section, click on **Microsoft Graph**
    - In the **Delegated permissions** section, select the **User.Read** in the list. Use the search box if necessary.
    - Click on the **Add permissions** button in the bottom.
-1. In the app's registration screen, click on the **Expose an API** blade to open the page where declare the parameters to expose this app as an Api for which client applications can obtain [access tokens](https://docs.microsoft.com/azure/active-directory/develop/access-tokens) for.
+1. In the Application menu blade, click on the **Expose an API** to open the page where declare the parameters to expose this app as an Api for which client applications can obtain [access tokens](https://docs.microsoft.com/azure/active-directory/develop/access-tokens) for.
 The first thing that we need to do is to declare the unique [resource](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow) URI that the clients will be using to obtain access tokens for this Api. To declare an resource URI, follow the following steps:
-   - Click `Set` next to the **Application ID URI** to generate a URI thats unique for this app.
+   - Click `Set` next to the **Application ID URI** to generate a URI that is unique for this app.
    - For this sample, accept the proposed Application ID URI (api://{clientId}) by selecting **Save**.
 1. All Apis have to publish a minimum of one [scope](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code) for the client's to obtain an access token successfully. To publish a scope, follow the following steps:
    - Select **Add a scope** button open the **Add a scope** screen and Enter the values as indicated below:
           - For **Scope name**, use `access_as_user`.
           - Select **Admins and users** options for **Who can consent?**
-          - For **Admin consent display name** type `Access java-webapi`
-          - For **Admin consent description** type `Allows the app to access java-webapi as the signed-in user.`
-          - For **User consent display name** type `Access java-webapi`
-          - For **User consent description** type `Allow the application to access java-webapi on your behalf.`
+          - For **Admin consent display name** type `Access Java-webapi`
+          - For **Admin consent description** type `Allows the app to access Java-webapi as the signed-in user.`
+          - For **User consent display name** type `Access Java-webapi`
+          - For **User consent description** type `Allow the application to access Java-webapi on your behalf.`
           - Keep **State** as **Enabled**
           - Click on the **Add scope** button on the bottom to save this scope.
 
@@ -119,33 +119,32 @@ Open `application.properties` in the src/main/resources folder. Fill in with you
 - *Enter_the_Application_Id_here* with the **Application (client) ID**.
 - *Enter_the_Client_Secret_Here* with the **key value** noted earlier.
 
-#### Register the client web app (java_webapp)
+#### Register the client web app (Java_webapp)
 
 1. Navigate to the Microsoft identity platform for developers [App registrations](https://go.microsoft.com/fwlink/?linkid=2083908) page.
-1. Click **New registration** on top.
+1. Click **New registration**.
 1. In the **Register an application page** that appears, enter your application's registration information:
    - In the **Name** section, enter a meaningful application name that will be displayed to users of the app, for example `java_webapp`.
    - Change **Supported account types** to **Accounts in any organizational directory and personal Microsoft accounts (e.g. Skype, Xbox, Outlook.com)**.
      > Note that there are more than one redirect URIs used in this sample. You'll need to add them from the **Authentication** tab later after the app has been created successfully.
-1. Click on the **Register** button in bottom to create the application.
-1. In the app's registration screen, find the **Application (client) ID** value and record it for later. You'll need it to configure the configuration file(s) later in your code.
-1. In the app's registration screen, click on the **Authentication** blade.
+1. Click on the **Register** button to create the application.
+1. In the app's registration **Overview** page, find the **Application (client) ID** value and record it for later. You'll need it to configure the configuration file(s) later in your code.
+1. In the Application menu blade, click on the **Authentication**.
    - In the Redirect URIs section, select **Web** in the drop down and enter the following redirect URIs.
        - `http://localhost:8080/msal4jsample/secure/aad`
        - `http://localhost:8080/msal4jsample/graph/me`
-   - In the **Advanced settings** section, set **Logout URL** to `https://localhost:8080/msal4jsample/sign-out`.
 
-1. Click the **Save** button on top to save the changes.
-1. In the app's registration screen, click on the **Certificates & secrets** blade to open the page where we can generate secrets and upload certificates.
+1. Click the **Save** button to save the changes.
+1. In the Application menu blade, click on the **Certificates & secrets** to open the page where we can generate secrets and upload certificates.
 1. In the **Client secrets** section, click on **New client secret**:
    - Type a key description (for instance `app secret`),
    - Select one of the available key durations (**In 1 year**, **In 2 years**, or **Never Expires**) as per your security concerns.
    - The generated key value will be displayed when you click the **Add** button. Copy the generated value for use in the steps later.
    - You'll need this key later in your code's configuration files. This key value will not be displayed again, and is not retrievable by any other means, so make sure to note it from the Azure portal before navigating to any other screen or blade.
-1. In the app's registration screen, click on the **API permissions** blade to open the page where we add access to the Apis that your application needs.
+1. In the Application menu blade, click on the **API permissions** to open the page where we add access to the Apis that your application needs.
    - Click the **Add a permission** button and then,
    - Ensure that the **My APIs** tab is selected.
-   - In the list of APIs, select the API `java-webapi`.
+   - In the list of APIs, select the API `Java-webapi`.
    - In the **Delegated permissions** section, select the **access_as_user** in the list. Use the search box if necessary.
    - Click on the **Add permissions** button in the bottom.
 
@@ -157,18 +156,18 @@ Open `application.properties` in the src/main/resources folder. Fill in with you
 - Replace *Enter_the_Client_Secret_Here* with the **key value** noted earlier.
 - Replace *OboApi* with the API exposed in the `Web Api app` **(api://{clientId})**.
 
-#### Configure known client applications for service (java-webapi)
+#### Configure known client applications for service (Java-webapi)
 
-For a middle tier web API (`java-webapi`) to be able to call a downstream web API, the middle tier app needs to be granted the required permissions as well.
+For a middle tier web API (`Java-webapi`) to be able to call a downstream web API, the middle tier app needs to be granted the required permissions as well.
 However, since the middle tier cannot interact with the signed-in user, it needs to be explicitly bound to the client app in its Azure AD registration.
 This binding merges the permissions required by both the client and the middle tier WebApi and and presents it to the end user in a single consent dialog. The user than then consent to this combined set of permissions.
 
-To achieve this, you need to add the "Client ID" of the client app, in the manifest of the web API in the `knownClientApplications` property. Here's how:
+To achieve this, you need to add the "Client ID" of the client app, in the manifest of the web API in the **knownClientApplications** property. Here's how:
 
-In the [Azure portal](https://portal.azure.com), navigate to your `java-webapi` app registration:
+In the [Azure portal](https://portal.azure.com), navigate to your `Java-webapi` app registration:
 
 - In the Application menu blade, select **Manifest**.
-- Find the attribute **knownClientApplications** and add your client application's(`java-webapp`) **Application (client) Id** as its element.
+- Find the attribute **knownClientApplications** and add your client application's(`Java-webapp`) **Application (client) Id** as its element.
 - Click **Save**.
 
 ### Step 4: Run the applications
@@ -241,7 +240,7 @@ If you would like to deploy the sample to Tomcat, you will need to make a couple
 - This will generate a `msal-web-sample-0.1.0.war` file in your /targets directory.
 - Rename this file to `ROOT.war`
 - Deploy this war file using Tomcat or any other J2EE container solution.
-- To deploy on Tomcat container, copy the .war file to the webapps folder under your Tomcat installation and then start the Tomcat server.
+- To deploy on Tomcat container, copy the .war file to the webapp's folder under your Tomcat installation and then start the Tomcat server.
 - Repeat these steps for the `msal-obo-sample` also.
 
 This WAR will automatically be hosted at `http:<yourserverhost>:<yourserverport>/`
@@ -273,7 +272,7 @@ There are many key points in this sample to make the On-Behalf-Of-(OBO) flow wor
 
     A code snippet showing how to obtain auth result by silent flow.
 
-    ```java
+    ```Java
 
         private ConfidentialClientApplication createClientApplication() throws MalformedURLException {
             return ConfidentialClientApplication.builder(clientId, ClientCredentialFactory.create(clientSecret))
@@ -307,7 +306,7 @@ There are many key points in this sample to make the On-Behalf-Of-(OBO) flow wor
 
     Contains the api(graphMeApi) to trigger the obo flow. The graphMeApi method gets the obo access token using **MsalAuthHelper**. The `callMicrosoftGraphEndPoint` method calls the Microsoft graph API using obo token.
 
-    ```java
+    ```Java
     String oboAccessToken = msalAuthHelper.getOboToken("https://graph.microsoft.com/.default");
 
         return callMicrosoftGraphMeEndpoint(oboAccessToken);
@@ -325,7 +324,7 @@ There are many key points in this sample to make the On-Behalf-Of-(OBO) flow wor
 
     Token Validation of the caller happens in this class, where the access token presented by the client app is validated and another access token is obtained using the on-behalf-of flow
 
-    ```java
+    ```Java
             http
             .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
             .and()
@@ -340,7 +339,7 @@ There are many key points in this sample to make the On-Behalf-Of-(OBO) flow wor
 
     A code snippet showing how to obtain obo token
 
-    ```java
+    ```Java
                 OnBehalfOfParameters parameters =
                     OnBehalfOfParameters.builder(Collections.singleton(scope),
                             new UserAssertion(authToken))