26 changes: 13 additions & 13 deletions samples/authX/create.ipynb
Expand Up @@ -6,20 +6,20 @@
"source": [
"# Samples: AuthX - Authentication & Authorization\n",
"\n",
"[BRIEF SAMPLE DESCRIPTION]\n",
"Sets up a simple authentication (authN) and authorization (authZ) combination for role-based access control (RBAC) to a mock _Employees_ API and its operations.\n",
"\n",
"⚙️ **Supported infrastructures**: All infrastructures\n",
"\n",
"⌚ **Expected *Run All* runtime (excl. infrastructure prerequisite): ~2-3 minutes**\n",
"\n",
"## Objectives\n",
"## 🎯 Objectives\n",
"\n",
"1. Understand how API Management supports OAuth 2.0 authentication (authN) with JSON Web Tokens (JWT).\n",
"1. Learn how authorization (authZ) can be accomplished based on JWT claims.\n",
"1. Configure authN and authZ at various levels in the API Management hierarchy.\n",
"1. Use external secrets in policies.\n",
"\n",
"## Scenario\n",
"## 📝 Scenario\n",
"\n",
"This sample combines _authentication (authN)_ and _authorization (authZ)_ into _authX_. This scenario focuses on a Human Resources API that requires privileged role-based access to GET and to POST data. This is simplistic but shows the combination of authN and authZ.\n",
"\n",
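Review bot: the new description line calls the target "a mock _Employees_ API", while the unchanged Scenario paragraph immediately below calls it "a Human Resources API that requires privileged role-based access"; pick one name (or say the HR API exposes an Employees resource) so a reader does not assume the sample deploys two APIs. Minor: Objective 1, "supports OAuth 2.0 authentication (authN) with JSON Web Tokens (JWT)", conflates the OAuth 2.0 authorization framework with token validation; "validates JWT bearer tokens" would state what the notebook actually configures.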
Expand All @@ -30,21 +30,23 @@
"\n",
"Both personas are part of an HR_Members group and may access the HR API Management Product. Subsequent access to the APIs and their operations must be granular.\n",
"\n",
"### Notes\n",
"### 💡 Notes\n",
"\n",
"Many organizations require 100% authentication for their APIs. While that is prudent and typically done at the global _All APIs_ level, we refrain from doing so here as to not impact other samples. Instead, we focus on authentication at the API Management API and API operation levels.\n",
"\n",
"## Lab Components\n",
"## 🧩 Lab Components\n",
"\n",
"While OAuth 2.0 includes an identity provider (IDP), for sake of the sample, we can remove the complexity of including real identities. It is sufficient to use mock JWTs that we can \"authenticate\" by way of a signing key. This is a valid, albeit not the default method for authentication. \n",
"\n",
"We do not need real APIs and can rely on mock returns.\n",
"\n",
"Furthermore, secrets would ideally be kept in a secret store such as Azure Key Vault and be accessed via API Management's managed identity. Adding a Key Vault to our architecture is a stretch goal that provides value but is not immediately necessary to showcase the authX sample.\n",
"\n",
"JSON Web Tokens are defined in [RFC 7519](https://www.rfc-editor.org/rfc/rfc7519). Two websites to use with JWTs are [Okta's](https://jwt.io/) and [Microsoft's](https://jwt.ms/). Okta's may be preferential due to its features.\n",
"JSON Web Tokens are defined in RFC 7519. Okta's JWT website is great to experiment with tokens. Microsoft provides one as well, but it is not as feature-rich.\n",
"\n",
"## Configuration\n",
"🔗 [RFC 7519 - JWT](https://www.rfc-editor.org/rfc/rfc7519) | [jwt.io](https://jwt.io/) | [jwt.ms](https://jwt.ms/)\n",
"\n",
"## ⚙️ Configuration\n",
"\n",
"1. Decide which of the [Infrastructure Architectures](../../README.md#infrastructure-architectures) you wish to use.\n",
" 1. If the infrastructure _does not_ yet exist, navigate to the desired [infrastructure](../../infrastructure/) folder and follow its README.md.\n",
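Review bot: the Lab Components paragraph says the mock JWTs are "authenticated by way of a signing key" but not what that implies for the reader: with a shared (symmetric) signing key, anyone who holds the key can mint a token that passes validation, so the key is as sensitive as a password and must not stay in a committed notebook. Since the same hunk already says secrets "would ideally be kept in a secret store such as Azure Key Vault" and Objective 4 promises "Use external secrets in policies", add one sentence stating that the signing key is a secret and naming what the text calls "not the default method" (validating against the identity provider's published signing keys). Minor: "mock returns" reads better as "mock responses", and the new "🔗 [RFC 7519 - JWT] | [jwt.io] | [jwt.ms]" line repeats names that the sentence above it already spells out; the removed line had the links inline, which read more naturally.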
Expand All @@ -55,13 +57,11 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"### Initialize notebook variables\n",
"### 🛠️ 1. Initialize notebook variables\n",
"\n",
"Configures everything that's needed for deployment. \n",
"\n",
"[ADD ANY SPECIAL INSTRUCTIONS]\n",
"\n",
"**Modify entries under _1) User-defined parameters_ and _3) Define the APIs and their operations and policies_**."
"👉 **Modify entries under _1) User-defined parameters_ and _3) Define the APIs and their operations and policies_**."
]
},
{
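Review bot: the "[ADD ANY SPECIAL INSTRUCTIONS]" placeholder is dropped without a replacement, yet this sample does have a special instruction: if the JWT signing key is among the entries under "1) User-defined parameters", say so here and tell the reader not to leave a real key value in the notebook before committing it.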
Expand Down Expand Up @@ -131,7 +131,7 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"### Create deployment using Bicep\n",
"### 🚀 2. Create deployment using Bicep\n",
"\n",
"Creates the bicep deployment into the previously-specified resource group. A bicep parameters file will be created prior to execution."
]
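Review bot: the heading now reads "Create deployment using Bicep" while the body keeps "Creates the bicep deployment" and "A bicep parameters file"; use one capitalization of "Bicep" throughout.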
Expand Down Expand Up @@ -172,7 +172,7 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"### Verify API Request Success\n",
"### ✅ 3. Verify API Request Success\n",
"\n",
"Assert that the deployment was successful by making simple calls to APIM. \n",
"\n",
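Review bot: "Assert that the deployment was successful by making simple calls to APIM" describes only the success path. For an authN/authZ sample the verification should also assert the failure paths (no token, a token with a bad signature, and a token whose claims lack the required role) and check that each is rejected with the expected status; otherwise a policy that lets every request through would still pass this step.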