Update other files

Author: baanders

articles/digital-twins/media/troubleshoot-error-403/app-registrations.png

@@ -24,9 +24,9 @@ Most often, this error indicates that your role-based access control (RBAC) perm
 
 ### Cause #2
 
-If you are using a client app to communicate with Azure Digital Twins, this error may happen because your [Azure Active Directory (Azure AD)](../active-directory/fundamentals/active-directory-whatis.md) app registration does not have permissions set up for the Azure Digital Twins service.
+If you are using a client app to communicate with Azure Digital Twins that is authenticating with an [app registration](how-to-create-app-registration.md), this error may happen because your app registration does not have permissions set up for the Azure Digital Twins service.
 
-The app registration is required to have access permissions configured for the Azure Digital Twins APIs. Then, when your client app authenticates against the app registration, it will be granted the permissions that the app registration has configured.
+The app registration must have access permissions configured for the Azure Digital Twins APIs. Then, when your client app authenticates against the app registration, it will be granted the permissions that the app registration has configured.
 
 ## Solutions
 
@@ -58,19 +58,29 @@ If you have this role assignment already and still encounter the 403 issue, cont
 
 ### Solution #2
 
-The second solution is to verify that the Azure AD app registration has permissions configured for the Azure Digital Twins service. If this is not configured, set them up.
+The second solution is, if you're using an Azure AD app registration to authenticate a client app, to verify that the app registration has permissions configured for the Azure Digital Twins service. If these are not configured, set them up.
 
 #### Check current setup
 
-[!INCLUDE [digital-twins-setup-verify-app-registration-1.md](../../includes/digital-twins-setup-verify-app-registration-1.md)]
+To check whether the permissions have been configured correctly, navigate to the [Azure AD app registration overview page](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps) in the Azure portal. You can get to this page yourself by searching for *App registrations* in the portal search bar.
+
+Switch to the *All applications* tab to see all the app registrations that have been created in your subscription.
+
+You should see the app registration you just created in the list. Select it to open up its details.
+
+:::image type="content" source="media/troubleshoot-error-403/app-registrations.png" alt-text="App registrations page in the Azure portal":::
 
 First, verify that the Azure Digital Twins permissions settings were properly set on the registration. To do this, select *Manifest* from the menu bar to view the app registration's manifest code. Scroll to the bottom of the code window and look for these fields under `requiredResourceAccess`. The values should match those in the screenshot below:
 
-[!INCLUDE [digital-twins-setup-verify-app-registration-2.md](../../includes/digital-twins-setup-verify-app-registration-2.md)]
+:::image type="content" source="media/troubleshoot-error-403/verify-manifest.png" alt-text="Portal view of the manifest for the Azure AD app registration":::
+
+Next, select *API permissions* from the menu bar to verify that this app registration contains Read/Write permissions for Azure Digital Twins. You should see an entry like this:
+
+:::image type="content" source="media/troubleshoot-error-403/verify-api-permissions.png" alt-text="Portal view of the API permissions for the Azure AD app registration, showing 'Read/Write Access' for Azure Digital Twins":::
 
 #### Fix issues
 
-If any of this appears differently than described, follow the instructions on how to set up an app registration in the [*Set up access permissions for client applications* section](how-to-set-up-instance-cli.md#set-up-access-permissions-for-client-applications) of *How-to: Set up an instance and authentication (CLI or portal)*.
+If any of this appears differently than described, follow the instructions on how to set up an app registration in [*How-to: Create an app registration*](how-to-create-app-registration.md).
 
 ## Next steps
 

articles/digital-twins/media/troubleshoot-error-403/verify-api-permissions.png

@@ -13,9 +13,4 @@ To complete this tutorial, you'll need an **Azure Digital Twins instance** to pr
 
 * Otherwise, **set up an instance and authentication** using the instructions in [*How-to: Set up an instance and authentication*](../articles/digital-twins/how-to-set-up-instance-portal.md). The instructions also contain steps to verify that you have completed each step successfully and are ready to move on to using your new instance.
 
-In this tutorial, you will need the following values from when you set up your instance. 
-If you need to gather these values again, use the links below to the corresponding sections in the setup article for finding them in the [Azure portal](https://portal.azure.com).
-* Azure Digital Twins instance **_name_** ([find in portal](../articles/digital-twins/how-to-set-up-instance-portal.md#verify-success-and-collect-important-values))
-* Azure Digital Twins instance **_host name_** ([find in portal](../articles/digital-twins/how-to-set-up-instance-portal.md#verify-success-and-collect-important-values))
-* Azure AD app registration **_Application (client) ID_** ([find in portal](../articles/digital-twins/how-to-set-up-instance-portal.md#collect-important-values))
-* Azure AD app registration **_Directory (tenant) ID_** ([find in portal](../articles/digital-twins/how-to-set-up-instance-portal.md#collect-important-values))
+Once you have an Azure Digital Twins instance to work with in the tutorial, you'll need the instance's **_host name_** ([find in portal](how-to-set-up-instance-portal.md#verify-success-and-collect-important-values)).