From fcc3a5e1a4b026bd8b565db4793bf6436d112c24 Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Tue, 7 Jan 2020 15:04:46 +0200
Subject: [PATCH] done

---
 .../exposed-apis-create-app-partners.md               | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
index c88ede1d0d..b3b9748689 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
@@ -67,12 +67,13 @@ The following steps with guide you how to create an AAD application, get an acce
 
    To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. For instance:
 
-     - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
-     - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
+   - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
+   
+   - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
 
-   - In the following example we will use **'Read all alerts'** permission:
+   In the following example we will use **'Read all alerts'** permission:
 
-   - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
+   Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
 
    ![Image of API access and API selection](images/application-permissions.png)
 
@@ -210,7 +211,7 @@ Sanity check to make sure you got a correct token:
 - Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it
 - Validate you get a 'roles' claim with the desired permissions
 - In the screen shot below you can see a decoded token acquired from an Application with multiple permissions to Microsoft Defender ATP:
-- The "tid" claim is the tenant ID the token belongs.
+- The "tid" claim is the tenant ID the token belongs to.
 
 ![Image of token validation](images/webapp-decoded-token.png)