expand readmes

Author: derisen

4-Deployment/README-incremental.md

@@ -147,10 +147,10 @@ Were we successful in addressing your learning objective? Consider taking a mome
 
 See how to control access to your apps using:
 
-- [App Roles](../5-AccessControl/1-call-api-roles/README.md)
-- [Security Groups](../5-AccessControl/1-call-api-groups/README.md)
+- [App Roles](../5-AccessControl/1-call-api-roles/README-incremental.md)
+- [Security Groups](../5-AccessControl/1-call-api-groups/README-incremental.md)
 
-Or learn more about how to offer your apps to other tenants (SaaS): [Multitenancy](../6-Multitenancy/1-call-api-mt/README.md).
+Or learn more about how to offer your apps to other tenants (SaaS): [Multitenancy](../6-Multitenancy/1-call-api-mt/README-incremental.md).
 
 ## More information
 

5-AccessControl/1-call-api-roles/README-incremental.md

@@ -17,7 +17,7 @@
 
 This sample demonstrates a cross-platform application suite involving an Angular SPA (*TodoListSPA*) calling an ASP.NET Core web API (*TodoListAPI*) secured with the Microsoft identity platform. In doing so, it implements **Role-based Access Control** (RBAC) by using Azure AD **App Roles**.
 
-Access control in Azure AD can also be done with **Security Groups** as well, as we will cover in the [next chapter](../2-call-api-groups/README.md). **Security Groups** and **App Roles** in Azure AD are by no means mutually exclusive - they can be used in tandem to provide even finer grained access control.
+Access control in Azure AD can be done with **Security Groups** as well, as we will cover in the [next tutorial](../2-call-api-groups/README.md). **Security Groups** and **App Roles** in Azure AD are by no means mutually exclusive - they can be used in tandem to provide even finer grained access control.
 
 ## Scenario
 
@@ -31,20 +31,20 @@ In the sample, a **dashboard** component allows signed-in users to see the tasks
 
 ## Contents
 
-| File/folder | Description |
-|----------------------|------------------------------------------------------------|
+| File/folder  | Description |
+|-------------------------------------|------------------------------------------------------------|
 | `AppCreationScripts` | Contains Powershell scripts to automate app registration. |
 | `ReadmeFiles` | Sample readme files. |
 | `SPA/src/app/auth-config.ts` | Authentication parameters for SPA project reside here. |
 | `SPA/src/app/app.module.ts` | MSAL Angular is initialized here. |
+| `SPA/src/app/role-guard.service.ts` | This service protects other components that require user to be in a role. |
 | `API/appsettings.json` | Authentication parameters for API project reside here. |
 | `API/Startup.cs` | Microsoft.Identity.Web is initialized here. |
 
 ## Prerequisites
 
 - An **Azure AD** tenant. For more information see: [How to get an Azure AD tenant](https://docs.microsoft.com/azure/active-directory/develop/quickstart-create-new-tenant)
 - At least **two** user accounts in your Azure AD tenant.
-- A modern Browser. This sample uses **ES6** conventions and will not run on **Internet Explorer**.
 
 ## Setup
 
@@ -427,18 +427,44 @@ To debug the .NET Core Web API that comes with this sample, install the [C# exte
 
 Learn more about using [.NET Core with Visual Studio Code](https://docs.microsoft.com/dotnet/core/tutorials/with-visual-studio-code).
 
+## More information
+
+- [Microsoft identity platform (Azure Active Directory for developers)](https://docs.microsoft.com/azure/active-directory/develop/)
+- [Overview of Microsoft Authentication Library (MSAL)](https://docs.microsoft.com/azure/active-directory/develop/msal-overview)
+- [Quickstart: Register an application with the Microsoft identity platform (Preview)](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app)
+- [Quickstart: Configure a client application to access web APIs (Preview)](https://docs.microsoft.com/azure/active-directory/develop/quickstart-configure-app-access-web-apis)
+- [Understanding Azure AD application consent experiences](https://docs.microsoft.com/azure/active-directory/develop/application-consent-experience)
+- [Understand user and admin consent](https://docs.microsoft.com/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant#understand-user-and-admin-consent)
+- [Initialize client applications using MSAL.js](https://docs.microsoft.com/azure/active-directory/develop/msal-js-initializing-client-applications)
+- [Single sign-on with MSAL.js](https://docs.microsoft.com/azure/active-directory/develop/msal-js-sso)
+- [Handle MSAL.js exceptions and errors](https://docs.microsoft.com/azure/active-directory/develop/msal-handling-exceptions?tabs=javascript)
+- [Logging in MSAL.js applications](https://docs.microsoft.com/azure/active-directory/develop/msal-logging?tabs=javascript)
+- [Pass custom state in authentication requests using MSAL.js](https://docs.microsoft.com/azure/active-directory/develop/msal-js-pass-custom-state-authentication-request)
+- [Prompt behavior in MSAL.js interactive requests](https://docs.microsoft.com/azure/active-directory/develop/msal-js-prompt-behavior)
+- [Use MSAL.js to work with Azure AD B2C](https://docs.microsoft.com/azure/active-directory/develop/msal-b2c-overview)
+
+For more information about how OAuth 2.0 protocols work in this scenario and other scenarios, see [Authentication Scenarios for Azure AD](https://docs.microsoft.com/azure/active-directory/develop/authentication-flows-app-scenarios).
+
 ## Community Help and Support
 
 Use [Stack Overflow](http://stackoverflow.com/questions/tagged/msal) to get support from the community.
 Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.
-Make sure that your questions or comments are tagged with [`azure-active-directory` `azure-ad-b2c` `ms-identity` `msal`].
+Make sure that your questions or comments are tagged with [`msal` `dotnet` `angular` `azure-active-directory`].
 
-If you find a bug in the sample, raise the issue on [GitHub Issues](../../../../issues).
+If you find a bug in the sample, please raise the issue on [GitHub Issues](../../issues).
 
-To provide feedback on or suggest features for Azure Active Directory, visit [User Voice page](https://feedback.azure.com/forums/169401-azure-active-directory).
+To provide a recommendation, visit the following [User Voice page](https://feedback.azure.com/forums/169401-azure-active-directory).
 
 ## Contributing
 
-If you'd like to contribute to this sample, see [CONTRIBUTING.MD](/CONTRIBUTING.md).
+This project welcomes contributions and suggestions. Most contributions require you to agree to a
+Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
+the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+
+When you submit a pull request, a CLA bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
 
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.