dotnet
diff --git a/‎aspnetcore/security/authentication/ws-federation.md‎
Lines changed: 1 addition & 1 deletion b/‎aspnetcore/security/authentication/ws-federation.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎aspnetcore/security/authentication/ws-federation/_static/AadAppIdUri.png‎
28.4 KB b/‎aspnetcore/security/authentication/ws-federation/_static/AadAppIdUri.png‎
28.4 KB
diff --git a/‎aspnetcore/security/authentication/ws-federation/_static/AadFederationMetadataDocument.png‎
132 KB b/‎aspnetcore/security/authentication/ws-federation/_static/AadFederationMetadataDocument.png‎
132 KB
diff --git a/‎aspnetcore/security/authentication/ws-federation/samples/Startup21.cs‎
Lines changed: 4 additions & 4 deletions b/‎aspnetcore/security/authentication/ws-federation/samples/Startup21.cs‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎aspnetcore/security/authentication/ws-federation/samples/Startup31.cs‎
Lines changed: 2 additions & 2 deletions b/‎aspnetcore/security/authentication/ws-federation/samples/Startup31.cs‎
Lines changed: 2 additions & 2 deletions
@@ -71,7 +71,7 @@ By default, the new middleware:
 
 ![Azure Active Directory: Endpoints](ws-federation/_static/AadFederationMetadataDocument.png)
 
-* Navigate to the new app registration. Click **Settings** > **Properties** and make note of the **App ID URI**. This is the WS-Federation middleware's `Wtrealm`:
+* Navigate to the new app registration. Click **Expose an API**. Click Application ID URI **Set** > **Save**. Make note of the  **Application ID URI**. This is the WS-Federation middleware's `Wtrealm`:
 
 ![Azure Active Directory: App registration properties](ws-federation/_static/AadAppIdUri.png)
 
 
@@ -39,13 +39,13 @@ public void ConfigureServices(IServiceCollection services)
                 {
                     // MetadataAddress represents the Active Directory instance used to authenticate users.
                     options.MetadataAddress = "https://<ADFS FQDN or AAD tenant>/FederationMetadata/2007-06/FederationMetadata.xml";
-            
+
                     // Wtrealm is the app's identifier in the Active Directory instance.
                     // For ADFS, use the relying party's identifier, its WS-Federation Passive protocol URL:
                     options.Wtrealm = "https://localhost:44307/";
-            
-                    // For AAD, use the App ID URI from the app registration's Properties blade:
-                    options.Wtrealm = "https://wsfedsample.onmicrosoft.com/bf0e7e6d-056e-4e37-b9a6-2c36797b9f01";
+
+                    // For AAD, use the Application ID URI from the app registration's Overview blade:
+                    options.Wtrealm = "api://bbd35166-7c13-49f3-8041-9551f2847b69";
                 });
 
             services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
 
@@ -38,8 +38,8 @@ public void ConfigureServices(IServiceCollection services)
                     // For ADFS, use the relying party's identifier, its WS-Federation Passive protocol URL:
                     options.Wtrealm = "https://localhost:44307/";
 
-                    // For AAD, use the App ID URI from the app registration's Properties blade:
-                    options.Wtrealm = "https://wsfedsample.onmicrosoft.com/bf0e7e6d-056e-4e37-b9a6-2c36797b9f01";
+                    // For AAD, use the Application ID URI from the app registration's Overview blade:
+                    options.Wtrealm = "api://bbd35166-7c13-49f3-8041-9551f2847b69";
                 });
 
             services.AddControllersWithViews();