Simplify multitenancy guide (#2173)

- `with-mtx` profile config is added on `cds add multitenancy` by
default.
- Removed `oauth-configuration` snippet: was hardcoded to a specific
region (bad practice!) and we add a more generic one in `cds add
xsuaa/ias`.
- `cds add kyma` is a convenient shortcut for `cds add
helm,containerize`.
- Removed the "Behind the Scenes" section as it's overly hard-wired to
XSUAA + Service Manager. It wasn't adding a lot of value imo.

Author: swaldmann

guides/deployment/to-cf.md

@@ -216,8 +216,6 @@ To enable multitenancy for production, run the following command:
 cds add multitenancy
 ```
 
-[Learn more about MTX services.](../multitenancy/#behind-the-scenes){.learn-more}
-
 <br>
 
 ::: tip You're set!

guides/multitenancy/index.md

@@ -79,6 +79,9 @@ cds add multitenancy
         "requires": {
           "[production]": {
             "multitenancy": true
+          },
+          "[with-mtx]": {
+            "multitenancy": true
           }
        }
      }
@@ -721,25 +724,11 @@ cds add mta
 ```
 
 ```sh [Kyma]
-cds add helm,containerize
+cds add kyma
 ```
 
 :::
 
-::: details Add xsuaa redirect for trial / extension landscapes
-Add the following snippet to your _xs-security.json_ and adapt it to the landscape you're deploying to:
-
-```json
-  "oauth2-configuration": {
-    "redirect-uris": ["https://*.cfapps.us10-001.hana.ondemand.com/**"]
-  }
-```
-
-:::
-
-[Learn more about configured BTP services for SaaS applications.](#behind-the-scenes){.learn-more}
-
-
 ::: code-group
 
 ```sh [Cloud Foundry]
@@ -1275,24 +1264,6 @@ The main task for the MTX sidecar is to serve `subscribe` and `upgrade` requests
 
 The CAP services runtime requests models from the sidecar only when you apply tenant-specific extensions. For Node.js projects, you have the option to run the MTX services embedded in the main app, instead of in a sidecar.
 
-<!-- Who cares? Also outdated with IAS -> busywork keeping that in sync -->
-### Behind the Scenes { #behind-the-scenes}
-
-With adding the MTX services, your project configuration is adapted at all relevant places.
-
-Configuration and dependencies are added to your _package.json_ and an _xs-security.json_ containing MTX-specific scopes and roles is created. {.node}
-
-Configuration and dependencies are added to your _.cdsrc.json_ and an _xs-security.json_ containing MTX-specific scopes and roles is created. {.java}
-
-For the MTA deployment service dependencies are added to the _mta.yaml_ file. Each SaaS application will have bindings to at least three SAP BTP service instances.
-
-| Service                                                      | Description                                                  |
-| ------------------------------------------------------------ | ------------------------------------------------------------ |
-| [Service Manager](https://help.sap.com/docs/SERVICEMANAGEMENT/09cc82baadc542a688176dce601398de/4e19b11211fe4ca2a266d3fdd4a72188.html) (`service-manager`) | CAP uses this service for creating a new SAP HANA Deployment Infrastructure (HDI) container for each tenant and for retrieving tenant-specific database connections. |
-| [SaaS Provisioning Service](https://help.sap.com/products/BTP/65de2977205c403bbc107264b8eccf4b/3971151ba22e4faa9b245943feecea54.html) (`saas-registry`)                  | To make a SaaS application available for subscription to SaaS consumer tenants, the application provider must register the application in the SAP BTP Cloud Foundry environment through the SaaS Provisioning Service. |
-| [User Account and Authentication Service](https://help.sap.com/docs/CP_AUTHORIZ_TRUST_MNG) (`xsuaa`)            | Binding information contains the OAuth client ID and client credentials. The XSUAA service can be used to validate the JSON Web Token (JWT) from requests and to retrieve the tenant context from the JWT.|
-
-
 <!--
 
 ## Multiple Microservices