switch to domain name for tenant ID + README update

mmacy · mmacy · commit 8e178ea58a79 · 2020-03-21T10:39:19.000-07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,8 +1,13 @@
 # CHANGELOG
 
-## 3/04/2020
+## 2020-03-21
+
+* Switch to using the tenant domain name for the tenant ID in [config.js](config.js).
+* Update README to reflect current state of sample and the articles referenced on [docs.microsoft.com](https://docs.microsoft.com/azure/active-directory-b2c).
+
+## 2020-03-04
 
 * Dependencies updated.
 * Configuration parameters separated.
-* Readme improved.
+* README improved.
 * ES6 conventions introduced.
diff --git a/LICENSE copy b/LICENSE copy
diff --git a/README.md b/README.md
@@ -12,106 +12,105 @@ urlFragment: "active-directory-b2c-javascript-nodejs-webapi"
 
 # Node.js Web API with Azure AD B2C
 
-This sample demonstrates how to protect a Node.js web API with Azure AD B2C using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, you will need to replace the client ID.
+This sample demonstrates how to protect a Node.js web API with Azure AD B2C using the Passport.js library. The code here is pre-configured with a registered client ID. If you register your own app, replace the client ID.
 
 To see how to call this web API from a client application, refer to this [B2C Single Page Application sample](https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp).
 
 ## Contents
 
-| File/folder       | Description                                |
-|-------------------|--------------------------------------------|
-| `process.json`   | Contains configuration parameters for logging via Morgan.  |
-| `index.js`   | Main application logic resides here.                     |
-| `config.js`   | Contains configuration parameters for the sample. |
-| `.gitignore`      | Defines what to ignore at commit time.      |
-| `CHANGELOG.md`    | List of changes to the sample.             |
-| `CODE_OF_CONDUCT.md` | Code of Conduct information.            |
-| `CONTRIBUTING.md` | Guidelines for contributing to the sample. |
-| `LICENSE`         | The license for the sample.                |
-| `package.json`    | Package manifest for npm.                   |
-| `README.md`       | This README file.                          |
-| `SECURITY.md`     | Security disclosures.                      |
-
-## Steps to Run
-
-1. Clone the code.
+| File/folder          | Description                                               |
+|:---------------------|:----------------------------------------------------------|
+| `.gitignore`         | Defines what to ignore at commit time.                    |
+| `CHANGELOG.md`       | List of changes to the sample.                            |
+| `CODE_OF_CONDUCT.md` | Code of Conduct information.                              |
+| `config.js`          | Contains configuration parameters for the sample.         |
+| `CONTRIBUTING.md`    | Guidelines for contributing to the sample.                |
+| `index.js`           | Main application logic resides here.                      |
+| `LICENSE`            | The license for the sample.                               |
+| `package.json`       | Package manifest for npm.                                 |
+| `process.json`       | Contains configuration parameters for logging via Morgan. |
+| `README.md`          | This README file.                                         |
+| `SECURITY.md`        | Security disclosures.                                     |
+``
+
+## Steps to run
+
+1. Clone this repository.
 
 ```console
 git clone https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi.git
-```
+```config
 
-2. Make sure you've installed [Node.js](https://nodejs.org/en/download/).
+2. Install [Node.js](https://nodejs.org/en/download/) if you don't already have it.
 
-3. Install the node dependencies:
+3. Install the Node dependencies:
 
 ```console
 npm install && npm update
 ```
 
-4. Run the Web API! By default it will run on `http://localhost:5000`
+4. Run the Web API. By default, it runs on `http://localhost:5000`
 
 ```console
 npm start
 ```
 
-## Next Steps
+## Using your own Azure AD B2C tenant
 
-### Using your own Azure AD B2C Tenant
+To have a proper understanding of Azure AD B2C as a developer, follow the tutorials in the official [Azure AD B2C documentation](https://docs.microsoft.com/azure/active-directory-b2c/). In the rest of this guide, we summarize the steps you need to go through.
 
-To have a proper understanding of Azure AD B2C as a developer, follow the tutorials on Azure [AD B2C documentation](https://docs.microsoft.com/en-us/azure/active-directory-b2c/). In the rest of this guide, we summarize the steps you need to go through.
+### Step 1: Get your own Azure AD B2C tenant
 
-#### Step 1: Get your own Azure AD B2C Tenant
+You first need an Azure AD B2C tenant. If you don't already have one you can use for testing purposes, create your own by following the steps in [Tutorial: Create an Azure Active Directory B2C tenant](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-tenant).
 
-First, you'll need an Azure AD B2C tenant. If you don't have an existing Azure AD B2C tenant that you can use for testing purposes, you can create your own by following [these instructions](https://azure.microsoft.com/documentation/articles/active-directory-b2c-get-started).
+### Step 2: Create your own policies
 
-#### Step 2: Create your own policies
+This sample uses a unified sign-up/sign-in policy. You can create [your own unified sign-up/sign-in policy](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-create-user-flows). You may choose to include as many or as few identity providers as you wish.
 
-This sample uses a unified sign-up/sign-in policy. You can create [your own unified sign-up/sign-in policy](https://azure.microsoft.com/documentation/articles/active-directory-b2c-reference-policies). You may choose to include as many or as few identity providers as you wish.
-
-If you already have existing policies in your Azure AD B2C tenant, feel free to re-use those policies in this sample.  
+If you already have existing policies in your Azure AD B2C tenant, feel free to reuse those policies in this sample.
 
 #### Step 3: Register your own web API with Azure AD B2C
 
-Follow the instructions at [register a Web API with Azure AD B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/add-web-application?tabs=applications) to register the Node.js Web API sample with your tenant. Registering your Web API allows you to define the scopes that your single page application will request access tokens for.
+Follow the steps in [Protect and grant access to a Node.js web API](https://docs.microsoft.com/azure/active-directory-b2c/tutorial-single-page-app-webapi) to register the web API application in your tenant, define scopes, and grant a web application access to the API. By following the steps in the tutorial, you define the scopes that your single-page application will request access tokens for.
 
 #### Step 4: Configure your application source code
 
-You can now fill in the variables in the `config.js` file of the Node.js Web API sample with the parameters you've obtained from the Azure Portal during the steps above.
+You can now fill in the variables in the *config.js* file of the Node.js web API sample with the parameters you've obtained from the Azure portal by following the steps above.
 
 Configure the following variables:
 
 ```javascript
-const clientID = "<Application ID for your Node.js Web API - found on Properties page in Azure portal e.g. 93733604-cc77-4a3c-a604-87084dd55348>";
-const b2cDomainHost = "<Domain of your B2C host eg. fabrikamb2c.b2clogin.com>";
-const tenantIdGuid = "<Application ID for your Node.js Web API - found on Properties page in Azure portal e.g. 775527ff-9a37-4307-8b3d-cc311f58d925>";
-const policyName = "<Name of your sign in / sign up policy, e.g. B2C_1_SUSI>";
+const clientID = "<Application (client) ID of your Node.js web API, e.g. 93733604-0000-0000-0000-87084dd55348>"
+const b2cDomainHost = "<Domain name of your B2C authority, e.g. fabrikamb2c.b2clogin.com>";
+const tenantId = "<Domain name of your B2C tenant, e.g. fabrikamb2c.onmicrosoft.com>";
+const policyName = "<Name of your sign in / sign up policy. Example: B2C_1_SUSI>";
 ```
 
 > **NOTE**
 >
->Developers using the [Azure China Environment](https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud), MUST use <your-tenant-name>.b2clogin.cn authority, instead of `login.chinacloudapi.cn`.
+> Developers using the [Azure China](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) environment MUST use `<your-tenant-name>.b2clogin.cn` authority instead of `login.chinacloudapi.cn`.
 >
-> In order to use <your-tenant-name>.b2clogin.*, you will need to configure you application and set `validateAuthority: false`. Learn more about using [b2clogin](https://docs.microsoft.com/en-us/azure/active-directory-b2c/b2clogin#set-the-validateauthority-property).
+> To use `<your-tenant-name>.b2clogin.*`, you need set `validateIssuer: false`. Learn more about using [b2clogin.com](https://docs.microsoft.com/azure/active-directory-b2c/b2clogin).
+
+### Step 5: Run the application
 
-Lastly, to run your Node.js Web API, run the following command from your shell or command line
+Lastly, to run your Node.js Web API, execute the following commands in your shell or terminal:
 
 ```bash
 npm install && npm update
 npm start
 ```
 
-Your Node.js Web API sample is now running on Port 5000.
+Your Node.js web API is now running on port 5000.
 
-## Questions & Issues
+## Questions & issues
 
-Please file any questions or problems with the sample as a GitHub issue.  You can also post on Stack Overflow with the tag `azure-ad-b2c`. For OAuth2.0 library issues, please see note below.
+Please file any questions or problems with the sample as a GitHub issue. You can also post on Stack Overflow with the tag `azure-ad-b2c`.
 
 ## Contributing
 
-If you'd like to contribute to this sample, see [CONTRIBUTING.MD](./CONTRIBUTING.md).
+If you'd like to contribute to this sample, see [CONTRIBUTING.md](./CONTRIBUTING.md).
 
-## Code of Conduct
+## Code of conduct
 
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+For details, see [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
diff --git a/config.js b/config.js
@@ -1,11 +1,11 @@
-// Update these four variables with your values from the B2C portal
-const clientID = "93733604-cc77-4a3c-a604-87084dd55348"; 
+// Update these four variables with values from your B2C tenant in the Azure portal
+const clientID = "93733604-cc77-4a3c-a604-87084dd55348"; // Application (client) ID of your API's application registration
 const b2cDomainHost = "fabrikamb2c.b2clogin.com";
-const tenantIdGuid = "775527ff-9a37-4307-8b3d-cc311f58d925"; // alternatively, you can use your tenant name as well
+const tenantId = "fabrikamb2c.onmicrosoft.com"; // Alternatively, you can use your Directory (tenant) ID (a GUID)
 const policyName = "B2C_1_SUSI";
 
 const config = {
-    identityMetadata: "https://" + b2cDomainHost + "/" + tenantIdGuid + "/" + policyName + "/v2.0/.well-known/openid-configuration/",
+    identityMetadata: "https://" + b2cDomainHost + "/" + tenantId + "/" + policyName + "/v2.0/.well-known/openid-configuration/",
     clientID: clientID,
     policyName: policyName,
     isB2C: true,
