Azure · scottaddie · Dec 2, 2024 · Nov 26, 2024 · Nov 26, 2024
@@ -11,9 +11,11 @@ To use `AzurePipelinesCredential`, configure the following values in the constru
 
 1. `clientId`: Client ID from your user-assigned managed identity OR Application (client) ID from your app registration.
 2. `tenantId`: Tenant ID from your user-assigned managed identity OR Directory (tenant) ID from your app registration.
-3. `serviceConnectionId`: The service connection ID is the **GUID representing your service connection**. The value is obtained by looking at the browser's address bar when you navigate to a service connection in the Azure Pipelines. It's the `resourceId` value, as found in the URL's query string.
-   ![resourceId value, as found in the query string of the Azure Resource Manager service connection created in Azure Pipelines](exampleServiceConnectionUrl.png)
-4. `systemAccessToken`: [See how to configure the predefined system variable System.AccessToken for the Azure Pipelines task](https://learn.microsoft.com/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#systemaccesstoken). This is the value you'll pass to the credential's constructor.
+3. `serviceConnectionId`: The service connection ID is the **GUID representing your service connection**. Once you navigate to an Azure Pipelines service connection details page, the value is obtained in one of the following ways:
+    1. Copy the **ID:** value that appears below the service connection name.
+    1. Copy the `resourceId` value from the querystring of the page's URL.
+   ![Places to locate the Azure Resource Manager service connection ID](../images/AzPipelinesServiceConnectionId.png)
+1. `systemAccessToken`: [See how to configure the predefined system variable System.AccessToken for the Azure Pipelines task](https://learn.microsoft.com/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#systemaccesstoken). This is the value you'll pass to the credential's constructor.
 
 ## Example of using an Azure Pipelines task
 
@@ -62,7 +64,6 @@ var client = new SecretClient(new Uri("https://keyvault-name.vault.azure.net/"),
 
 ***Note:*** This credential is **not** included in the `DefaultAzureCredential` chain.
 
-
 # OnBehalfOfCredential with Managed Identity FIC Example
 
 This example demonstrates the use of the `OnBehalfOfCredential` to authenticate the Key Vault `SecretClient` using a managed identity as the client assertion. More information about the On Behalf Of Flow can be found [here](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).