fixed PR review bugs

Author: R-C-Stewart

learn-pr/wwl-sci/introduction-entra-agent-id/includes/2-describe-agent-id-compare-identities.md

@@ -63,10 +63,10 @@ Managed identities are another type of identity used for Azure resources:
 
 Agent identities provide specific security benefits designed for AI agents:
 
-1. **Distinguish AI operations**: Operations performed by AI agents are clearly separated from operations performed by workforce, customer, or traditional workload identities in audit logs and monitoring
-2. **Right-sized access**: Enable AI agents to gain appropriate access across systems without excessive permissions
-3. **Prevent excessive privilege**: Block agents from accessing critical security roles and systems
-4. **Scale identity management**: Support large numbers of AI agents that can be quickly created and destroyed without leaving orphaned credentials
+- **Distinguish AI operations**: Operations performed by AI agents are clearly separated from operations performed by workforce, customer, or traditional workload identities in audit logs and monitoring
+- **Right-sized access**: Enable AI agents to gain appropriate access across systems without excessive permissions
+- **Prevent excessive privilege**: Block agents from accessing critical security roles and systems
+- **Scale identity management**: Support large numbers of AI agents that can be quickly created and destroyed without leaving orphaned credentials
 
 ## Authentication scenarios
 

learn-pr/wwl-sci/introduction-entra-agent-id/includes/3-identify-products-use-agent-identities.md

@@ -44,8 +44,8 @@ Agents in Microsoft Foundry access remote resources and tools by using agent ide
 > When you publish an agent, you must reassign RBAC permissions to the new agent identity for any resources that the agent needs to access. Permissions assigned to the shared identity don't automatically transfer.
 
 Currently, the tools that support authentication with agent identity are:
-1. **Model Context Protocol (MCP)**: Use your agent's identity to authenticate with MCP servers that support agent identity authentication
-2. **Agent-to-Agent (A2A)**: Enable secure communication between agents using agent identities
+- **Model Context Protocol (MCP)**: Use your agent's identity to authenticate with MCP servers that support agent identity authentication
+- **Agent-to-Agent (A2A)**: Enable secure communication between agents using agent identities
 
 ## Azure App Service and Azure Functions
 
@@ -123,8 +123,8 @@ Key features:
 
 When planning your agent deployments, consider:
 
-1. **Which platforms will you use?** Determine which Microsoft products host your agents
-2. **Identity governance requirements**: Understand how agent identities are created, managed, and governed
-3. **Permission management**: Plan how permissions are assigned, especially when publishing agents or moving them between environments
-4. **Audit and monitoring**: Ensure you have processes to monitor agent identity activity in the Microsoft Entra admin center
-5. **Lifecycle management**: Plan for how agent identities are created and deleted as agents are deployed and retired
+- **Which platforms will you use?** Determine which Microsoft products host your agents
+- **Identity governance requirements**: Understand how agent identities are created, managed, and governed
+- **Permission management**: Plan how permissions are assigned, especially when publishing agents or moving them between environments
+- **Audit and monitoring**: Ensure you have processes to monitor agent identity activity in the Microsoft Entra admin center
+- **Lifecycle management**: Plan for how agent identities are created and deleted as agents are deployed and retired

learn-pr/wwl-sci/introduction-entra-agent-id/includes/5-understand-access-permissions.md

@@ -2,7 +2,7 @@ Managing agent identities requires specific Microsoft Entra roles and understand
 
 ## Required roles for managing agent identities
 
-There are several different types of roles that can perform operations on agent identies, from viewing to managing.
+There are several different types of roles that can perform operations on agent identities, from viewing to managing.
 
 ### Roles for viewing agent identities
 
@@ -13,11 +13,11 @@ To view agent identities in the Microsoft Entra admin center:
 
 To manage agent identities (create, update, disable, delete), you need one of the following roles:
 
-1. **Agent ID Administrator**: Full permissions to manage agent identities, agent identity blueprints, and related configurations. Use the role for agent identity management (recommended).
+- **Agent ID Administrator**: Full permissions to manage agent identities, agent identity blueprints, and related configurations. Use the role for agent identity management (recommended).
 
-2. **Cloud Application Administrator**: Can manage enterprise applications and agent identities. This role has broader application management permissions beyond just agent identities.
+- **Cloud Application Administrator**: Can manage enterprise applications and agent identities. This role has broader application management permissions beyond just agent identities.
 
-3. **Owner of the agent identity**: If you're designated as an owner of a specific agent identity, you can manage that agent identity without holding a tenant-wide administrator role.
+- **Owner of the agent identity**: If you're designated as an owner of a specific agent identity, you can manage that agent identity without holding a tenant-wide administrator role.
 
 ### Roles for creating agent identity blueprints
 
@@ -77,9 +77,9 @@ A critical scenario for permission management occurs when publishing agents in p
 
 When you publish an agent:
 
-1. **RBAC permissions don't transfer**: Permissions assigned to the shared project identity don't automatically transfer to the new distinct identity
-2. **You must reassign permissions**: Navigate to each Azure resource the agent accesses and assign the required RBAC role to the new agent identity
-3. **Verify access**: Test that the published agent can still access all required resources
+- **RBAC permissions don't transfer**: Permissions assigned to the shared project identity don't automatically transfer to the new distinct identity
+- **You must reassign permissions**: Navigate to each Azure resource the agent accesses and assign the required RBAC role to the new agent identity
+- **Verify access**: Test that the published agent can still access all required resources
 
 ### Example: Publishing a Microsoft Foundry agent
 
@@ -103,7 +103,8 @@ Agent identities can be assigned Azure RBAC roles just like service principals:
 5. **Search for the agent identity** by its name or object ID
 6. **Assign the role**
 
-Note: You need the object ID of the agent identity for role assignments.
+> [!Note]
+> You need the object ID of the agent identity for role assignments.
 
 ## Microsoft Graph permissions