acrolinx fixes

Author: aloverro

articles/planetary-computer/configure-cross-tenant-application.md

@@ -12,7 +12,7 @@ ms.date: 01/13/2026
 
 # Quickstart: Configure a cross-tenant application for Microsoft Planetary Computer Pro
 
-In this quickstart, you create and configure a multi-tenant Azure application that can access customer Microsoft Planetary Computer Pro GeoCatalogs. As a geospatial data provider or service provider, this enables your application to deliver data to or process data from your customers' GeoCatalogs without requiring separate application registrations in each customer tenant.
+In this quickstart, you create and configure a multitenant Azure application that can access customer Microsoft Planetary Computer Pro GeoCatalogs. As a geospatial data or service provider, this process enables your application to read or write data from or to your customers' GeoCatalogs.
 
 ## Prerequisites
 
@@ -37,20 +37,20 @@ The repository contains three directories:
 
 | Directory | Purpose |
 | ----------- | --------- |
-| `provider-app/` | Scripts for creating your multi-tenant application registration |
+| `provider-app/` | Scripts for creating your multitenant application registration |
 | `customer-app/` | Scripts your customers use to authorize your application |
 | `client-app/` | Test scripts for validating GeoCatalog access |
 
-## Create a multi-tenant application registration
+## Create a multitenant application registration
 
-The first step is to create an application registration in your Azure tenant configured for multi-tenant access. This application will be the identity that customers authorize to access their GeoCatalogs.
+The first step is to create an application registration in your Azure tenant configured for multitenant access. This application is the entity that customers authorize to access their GeoCatalogs.
 
 ### Understand the application configuration
 
-A multi-tenant application registration requires specific configuration:
+A multitenant application registration requires specific configuration:
 
 - **Sign-in audience**: Set to `AzureADMultipleOrgs` to allow sign-in from any Microsoft Entra tenant
-- **Redirect URIs**: URIs where tokens are sent after authentication
+- **Redirect URI**: URI where tokens are sent after authentication
 - **Token configuration**: Enable ID and access token issuance
 - **Client credentials**: A client secret for app-only authentication
 
@@ -62,7 +62,7 @@ A multi-tenant application registration requires specific configuration:
     az login
     ```
 
-1. Create the multi-tenant application registration:
+1. Create the multitenant application registration:
 
     ```azurecli
     az ad app create \
@@ -74,7 +74,7 @@ A multi-tenant application registration requires specific configuration:
     ```
 
     > [!NOTE]
-    > The `appId` value in the output—this is your Application (client) ID.
+    > The `appId` value in the output is your Application (client) ID.
 
 1. Create a service principal for the application in your tenant:
 
@@ -92,7 +92,7 @@ A multi-tenant application registration requires specific configuration:
     ```
 
     > [!WARNING]
-    > Save the `password` value immediately—it won't be shown again. Store it securely using Azure Key Vault or another secrets management solution.
+    > Save the `password` value immediately—this is the only time it is provided. Store it securely using Azure Key Vault or another secrets management solution.
 
 1. Get your tenant ID:
 
@@ -102,7 +102,7 @@ A multi-tenant application registration requires specific configuration:
 
 ### Use the sample script
 
-Alternatively, use the provided setup script which automates these steps:
+Alternatively, use the provided setup script to automate these steps:
 
 1. Navigate to the provider-app directory:
 
@@ -138,7 +138,7 @@ Provide customers with:
 | Information | Description | Example |
 | ------------- | ------------- | --------- |
 | Application (client) ID | Unique identifier for your application | `abcd1234-ef56-7890-abcd-1234567890ab` |
-| Admin consent URL | URL for granting admin consent | See below |
+| Admin consent URL | URL for granting admin consent | See next section |
 
 ### Generate the admin consent URL
 
@@ -148,7 +148,7 @@ Construct the admin consent URL using this template:
 https://login.microsoftonline.com/{customer-tenant-id}/adminconsent?client_id={your-app-id}&redirect_uri={your-redirect-uri}
 ```
 
-Provide customers with this template along with instructions to replace `{customer-tenant-id}` with their own tenant ID.
+Provide customers with this template and instruct them to replace `{customer-tenant-id}` with their own tenant ID.
 
 > [!NOTE]
 > Outside the scope of this quickstart, you can collect your customers tenant-id as part of the registration and onboarding flow for your application. 
@@ -174,7 +174,7 @@ The `customer_onboarding.json` file generated by the setup script contains:
 
 ## Authenticate and access customer GeoCatalogs
 
-Once a customer has authorized your application, you can authenticate and access their GeoCatalog resources.
+Once your customer [authorizes the your cross-tenant application](./authorizing-cross-tenant-partner-applications.md), you can authenticate and access their GeoCatalog resources.
 
 ### Authentication flow
 
@@ -184,7 +184,7 @@ Your application authenticates using the OAuth2 client credentials flow:
 
 ### Acquire an access token
 
-Use the OAuth2 client credentials flow to acquire a token for the GeoCatalog scope. For Python based application, it is recommended to use the MSAL libraries to retrieve the access tokens:
+Use the OAuth2 client credentials flow to acquire a token for the GeoCatalog scope. For Python based application, it's recommended to use the MSAL libraries to retrieve the access tokens:
 
 **Python example using MSAL:**