- Apply Conditional Access policies to single-tenant service principals owned by your organization. Third-party SaaS apps, multi-tenant apps, and managed identities are not covered by Conditional Access policies for workload identities. Supported policies include blocking service principals from outside known public IP ranges and blocking access based on risk detected by Microsoft Entra ID Protection. Because workload identities can't perform multifactor authentication, the only available grant control is **Block access**. Continuous access evaluation (CAE) for workload identities enables real-time enforcement of Conditional Access location and risk policies. CAE currently applies only to access requests sent to Microsoft Graph as a resource provider and does not support managed identities.
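The following is an added example (not Microsoft's code) that builds the Microsoft Graph request body for the location- and risk-based workload identity policies described above and checks the constraints the text states (service-principal scope, block-only grant, a trusted location to exclude, report-only first) before the body is submitted. The named-location id is a constructed placeholder, and the `conditionalAccessPolicy` field names are assumed from the Graph resource schema.

```python
# Added example (not Microsoft's code): build and sanity-check the body of a
# workload-identity Conditional Access policy before POSTing it to Graph at
# https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies
TRUSTED_LOCATION_ID = "00000000-0000-0000-0000-0000000000aa"  # constructed placeholder


def build_workload_identity_policy(display_name, *, trusted_location_ids=None,
                                   risk_levels=None, exclude_service_principals=(),
                                   state="enabledForReportingButNotEnforced"):
    """Block single-tenant service principals outside trusted named locations
    (trusted_location_ids) or at a given ID Protection risk (risk_levels)."""
    conditions = {
        "clientAppTypes": ["all"],
        "applications": {"includeApplications": ["All"]},
        # Workload identity scope: only service principals owned by this tenant
        "clientApplications": {
            "includeServicePrincipals": ["ServicePrincipalsInMyTenant"],
            "excludeServicePrincipals": list(exclude_service_principals),
        },
    }
    if trusted_location_ids:  # apply everywhere except the trusted locations
        conditions["locations"] = {"includeLocations": ["All"],
                                   "excludeLocations": list(trusted_location_ids)}
    if risk_levels:
        conditions["servicePrincipalRiskLevels"] = list(risk_levels)
    return {
        "displayName": display_name,
        "state": state,
        "conditions": conditions,
        # Workload identities cannot satisfy MFA, so "block" is the only usable control
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


def check_workload_identity_policy(policy):
    """Return the problems a reviewer should reject before the policy is enabled."""
    problems = []
    cond = policy.get("conditions", {})
    loc = cond.get("locations", {})
    has_risk = bool(cond.get("servicePrincipalRiskLevels"))
    if policy.get("grantControls", {}).get("builtInControls") != ["block"]:
        problems.append("grant control must be exactly ['block']")
    if loc.get("includeLocations") == ["All"] and not loc.get("excludeLocations"):
        problems.append("no trusted location excluded: blocks every location")
    if not loc and not has_risk:
        problems.append("no location or risk condition: blocks every sign-in")
    if loc and has_risk:
        problems.append("location and risk conditions are ANDed: split into two policies")
    if policy.get("state") == "enabled":
        problems.append("deploy in report-only mode first")
    return problems
```

Conditions within one policy are evaluated together, so the location policy and the risk policy are built as two separate bodies rather than combined.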