Merge pull request auth0-training#11 from auth0-training/fix/edumaint…

…-2221

Fixes EDUMAINT 2221

.auth0/lab/guides/working-with-the-user-profile.tour

@@ -24,7 +24,7 @@
       "file": "",
       "line": 1,
       "title": "Retrieve any user profile from the Management API",
-      "description": "## Retrieve any user profile from the Management API\n\n1. #### If you're not already logged in, log in to the Auth0 Dashboard and ensure that you're on your *dev-* tenant.  \n\n1. #### In the left-hand navigation, click _Applications > APIs_.  \n\n    The _APIs_ list view is displayed. For more on APIs, check out _lab 6 Working with APIs_. For the purposes of this lab, notice that an API already exists for your tenant, the _Auth0 Management API_.  \n\n    Yes, that is right we use Auth0 to secure our own APIs! The Management API is a system API with an identifier of _[https://{yourTenantName}.{yourRegion}.auth0.com/api/v2](https://{yourTenantName}.{yourRegion}.auth0.com/api/v2)_.  \n\n    ![profile-10](https://cdn.auth0.com/website/a0fun/v2/profile-10.gif)  \n\n1. #### Click the _Auth0 Management API_ link to display the _Settings_ for this API.  \n\n    Note the warning alerting you to the fact this is a special API.  \n\n1. #### Click the _Permissions_ tab located at the top of the page.  \n\n    These are all the fine grain permissions available for this API.  \n\n    ![profile-12](https://cdn.auth0.com/website/a0fun/v2/profile-12.gif)  \n\n1. #### Click the _API Explorer_ tab located at the top of the page.  \n \n    The API Explorer can be used to explore and prototype calls to the API without having to write a line of code. **If you've never used the API Explorer before, you will need to click _Create & Authorize Test Application_ on this page for the API Explorer to work.** \n\n    ![profile-13](https://cdn.auth0.com/website/a0fun/v2/profile-13.gif)  \n\n\n1. #### Click the _Copy_ button to the right of the Access Token.  \n\n    ![profile-14](https://cdn.auth0.com/website/a0fun/v2/profile-14.gif)  \n\n1. #### Examine the Access Token\n\n    Before we use the API Explorer, let's examine the Access Token we just copied. Open a tab in your browser and navigate to [_jwt.io_](https://jwt.io/).  \n\n1. #### Paste the token in the field labeled _Encoded_, replacing the sample token.  \n\n    ![profile-15](https://cdn.auth0.com/website/a0fun/v2/profile-15.gif)  \n\n    Look at the decoded JSON Payload in the _Decoded_ field on the right. Here you can see the token was issued by your tenant via the _iss_ claim. It has an _audience (aud)_ claim for your tenant’s Management API endpoint. And all the permissions are listed in the _scope_ claim.  \n\n    This means that this Access Token can be used to make calls to all of the endpoints of the Management API. So it is very useful for the API Explorer.\n\n1. #### Return to the _Auth0 Management API_ details view on the _API Explorer_ tab.  \n\n1. #### Scroll down to the _Using this token in the API Explorer_ section. \n\n1. #### Click the _Management API Explorer_ link listed in step 1.\n    The _Management API Explorer_ will open in a new tab. Feel free to bookmark this tool, it is quite useful. It can always be found at [_https://auth0.com/docs/api/management/v2_](https://auth0.com/docs/api/management/v2).  \n\n    ![profile-16](https://cdn.auth0.com/website/a0fun/v2/profile-16.gif)  \n\n1. #### Click the _SET API TOKEN_ button located in the upper right corner of the page.  \n\n    The _Set Management API Token_ modal dialog is displayed.  \n\n1. #### Paste the Access Token into the _API Token_ field and click the _Set Token_ button.\n    The Explorer will update to show your tenant domain and the allowed scopes provided by the Access Token in the left-hand navigation.  \n\n1. #### Scroll the left-hand navigation down to the _Users_ section.  \n\n1. #### Select the _Users_ link in the left-hand navigation.\n    The navigation expands to show all of the endpoints provided by this API for managing users. \n    \n1. #### Select the _List or search users_ link to view details about this endpoint.\n     Looking at the documentation for this endpoint, you can see it requires a _GET_ request to _/api/v2/users_ with an access token containing the _read:users_ and *read:user\\_idp\\_tokens* scopes.  \n\n1. #### Click _QUERY PARAMETERS_ to reveal a list of the parameters accepted by this endpoint.  \n\n1. #### Locate the endpoint test area to the right of this page, and click the _Test Endpoint_ button.\n    A request is made to the Management API and then you'll see the response displayed. You can see that a GET request was made to the endpoint described in the _ENDPOINT_ section. The _Response Code_ section shows the [_HTTP Status Code_](https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) returned from the API, in this case, a _200_.\n    Finally, the _RESPONSE BODY_ section displays the JSON response from the API.   \n\n\n1. #### Locate the user you updated earlier in this lab in the list.\n    It should be pretty easy because at this point we have not created many users. But as you can imagine this list will grow quickly and you will need to filter it using the parameters available to the API endpoint.  \n    Of course, you do not have to search for a user if you already know their user id.  \n\n    ![profile-19](https://cdn.auth0.com/website/a0fun/v2/profile-19.gif)  \n\n1. #### Locate the *user_id* property of the user and _copy its value_. \n\n    ![profile-20](https://cdn.auth0.com/website/a0fun/v2/profile-20.gif)    \n\n1. #### In the left-hand navigation under the Users section, click the _Get a user_ link.\n    The _Get a user_ endpoint documentation is displayed. It requires a _GET_ request to _/api/v2/users/{id}_ with an Access Token containing the _read:users_ and _read:user_idp_tokens_ scopes. In the _PATH PARAMETERS_ section, you can see the _id_ parameter is required.  \n\n1. #### Locate the endpoint test area to the right of this page.\n\n1. #### Paste the user’s id into the _path: id_ field.  \n\n1. #### Click the _Test Endpoint_ button.\n\n    You should see a successful _Get a User_ response containing the user profile of the user. This profile contains all of the stored profile information of the user including **user_metadata** and **app_metadata** values you set earlier.\n    Note there are other useful properties contained in the profile that you have not seen yet. These include the number of times this user has authenticated, the last time they authenticated, and the IP address associated with the last login."
+      "description": "## Retrieve any user profile from the Management API\n\n1. #### If you're not already logged in, log in to the Auth0 Dashboard and ensure that you're on your *dev-* tenant.  \n\n1. #### In the left-hand navigation, click _Applications > APIs_.  \n\n    The _APIs_ list view is displayed. For more on APIs, check out _lab 6 Working with APIs_. For the purposes of this lab, notice that an API already exists for your tenant, the _Auth0 Management API_.  \n\n    Yes, that is right we use Auth0 to secure our own APIs! The Management API is a system API with an identifier of _[https://{yourTenantName}.{yourRegion}.auth0.com/api/v2](https://{yourTenantName}.{yourRegion}.auth0.com/api/v2)_.  \n\n    ![profile-10](https://cdn.auth0.com/website/a0fun/v2/profile-10.gif)  \n\n1. #### Click the _Auth0 Management API_ link to display the _Settings_ for this API.  \n\n    Note the warning alerting you to the fact this is a special API.  \n\n1. #### Click the _Permissions_ tab located at the top of the page.  \n\n    These are all the fine grain permissions available for this API.  \n\n    ![profile-12](https://cdn.auth0.com/website/a0fun/v2/profile-12.gif)  \n\n1. #### Click the _API Explorer_ tab located at the top of the page.  \n \n    The API Explorer can be used to explore and prototype calls to the API without having to write a line of code. **If you've never used the API Explorer before, you will need to click _Create & Authorize Test Application_ on this page for the API Explorer to work.** \n\n    ![profile-13](https://cdn.auth0.com/website/a0fun/v2/profile-13.gif)  \n\n\n1. #### Click the _Copy_ button to the right of the Access Token.  \n\n    ![profile-14](https://cdn.auth0.com/website/a0fun/v2/profile-14.gif)  \n\n1. #### Examine the Access Token\n\n    Before we use the API Explorer, let's examine the Access Token we just copied. Open a tab in your browser and navigate to [_jwt.io_](https://jwt.io/).  \n\n1. #### Paste the token in the field labeled _Encoded_, replacing the sample token.  \n\n    ![profile-15](https://cdn.auth0.com/website/a0fun/v2/profile-15.gif)  \n\n    Look at the decoded JSON Payload in the _Decoded_ field on the right. Here you can see the token was issued by your tenant via the _iss_ claim. It has an _audience (aud)_ claim for your tenant’s Management API endpoint. And all the permissions are listed in the _scope_ claim.  \n\n    This means that this Access Token can be used to make calls to all of the endpoints of the Management API. So it is very useful for the API Explorer.\n\n1. #### Return to the _Auth0 Management API_ details view on the _API Explorer_ tab.  \n\n1. #### Scroll down to the _Using this token in the API Explorer_ section. \n\n1. #### Click the _Management API Explorer_ link listed in step 1.\n    The _Management API Explorer_ will open in a new tab. Feel free to bookmark this tool, it is quite useful. It can always be found at [_https://auth0.com/docs/api/management/v2_](https://auth0.com/docs/api/management/v2).  \n\n    ![profile-16](https://cdn.auth0.com/website/a0fun/v2/profile-16.gif)  \n\n1. #### Click the _SET API TOKEN_ button located in the upper right corner of the page.  \n\n    The _Set Management API Token_ modal dialog is displayed.  \n\n1. #### Paste the Access Token into the _API Token_ field and click the _Set Token_ button.\n    The Explorer will update to show your tenant domain and the allowed scopes provided by the Access Token in the left-hand navigation.  \n\n1. #### Scroll the left-hand navigation down to the _Users_ section.  \n\n1. #### Select the _Users_ link in the left-hand navigation.\n    The navigation expands to show all of the endpoints provided by this API for managing users. \n    \n1. #### Select the _List or search users_ link to view details about this endpoint.\n     Looking at the documentation for this endpoint, you can see it requires a _GET_ request to _/api/v2/users_ with an access token containing the _read:users_ and *read:user\\_idp\\_tokens* scopes.  \n\n1. #### Select _Show Optional Parameters_ to reveal a list of the parameters accepted by this endpoint.  \n\n1. #### Locate the endpoint test area to the right of this page, and click the _Test Endpoint_ button.\n    A request is made to the Management API and then you'll see the response displayed. You can see that a GET request was made to the endpoint described in the _ENDPOINT_ section. The _Response Code_ section shows the [_HTTP Status Code_](https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) returned from the API, in this case, a _200_.\n    Finally, the _RESPONSE BODY_ section displays the JSON response from the API.   \n\n\n1. #### Locate the user you updated earlier in this lab in the list.\n    It should be pretty easy because at this point we have not created many users. But as you can imagine this list will grow quickly and you will need to filter it using the parameters available to the API endpoint.  \n    Of course, you do not have to search for a user if you already know their user id.  \n\n    ![profile-19](https://cdn.auth0.com/website/a0fun/v2/profile-19.gif)  \n\n1. #### Locate the *user_id* property of the user and _copy its value_. \n\n    ![profile-20](https://cdn.auth0.com/website/a0fun/v2/profile-20.gif)    \n\n1. #### In the left-hand navigation under the Users section, click the _Get a user_ link.\n    The _Get a user_ endpoint documentation is displayed. It requires a _GET_ request to _/api/v2/users/{id}_ with an Access Token containing the _read:users_ and _read:user_idp_tokens_ scopes. In the _PATH PARAMETERS_ section, you can see the _id_ parameter is required.  \n\n1. #### Locate the endpoint test area to the right of this page.\n\n1. #### Paste the user’s id into the _path: id_ field.  \n\n1. #### Click the _Test Endpoint_ button.\n\n    You should see a successful _Get a User_ response containing the user profile of the user. This profile contains all of the stored profile information of the user including **user_metadata** and **app_metadata** values you set earlier.\n    Note there are other useful properties contained in the profile that you have not seen yet. These include the number of times this user has authenticated, the last time they authenticated, and the IP address associated with the last login."
 
     },
     {