Merge pull request #6122 from MicrosoftDocs/main

learn-build-service-prod[bot] · web-flow · commit b10e667e7185 · 2025-07-18T17:11:28.000Z
Auto Publish – main to live - 2025-07-18 17:09 UTC
diff --git a/articles/ai-foundry/agents/how-to/tools/overview.md b/articles/ai-foundry/agents/how-to/tools/overview.md
@@ -73,7 +73,7 @@ The Foundry Agent Service provides the following built-in tools. You can use the
 |[Azure AI Search](azure-ai-search.md)     | Use an existing Azure AI Search index to ground agents with data in the index, and chat with your data.        |
 |[Azure Functions](azure-functions.md)     | Leverage your Azure Functions to create intelligent, event-driven applications.        |
 |[Code Interpreter](code-interpreter.md)     | Enable agents to write and run Python code in a sandboxed execution environment.         |
-|[Deep Research](./deep-research.md) | Use OpenAI's advanced agentic research capability for analysis and reasoning. | 
+|[Deep Research (preview)](./deep-research.md) | Use OpenAI's advanced agentic research capability for analysis and reasoning. | 
 |[File Search](file-search.md)     | Augment agents with knowledge from outside its model, such as proprietary product information or documents provided by your users.          |
 |[Function calling](function-calling.md)     |Describe the structure of functions you create to an agent and have them be called when appropriate during the agent's interactions with users.         |
 |[Grounding with Bing Search](bing-grounding.md)     | Enable your agent to use Grounding with Bing Search to access and return information from the internet.         |
diff --git a/articles/ai-foundry/agents/toc.yml b/articles/ai-foundry/agents/toc.yml
@@ -33,13 +33,6 @@ items:
         - name: Tool Overview
           href: how-to/tools/overview.md
           displayName: tools
-        - name: Deep Research (preview)
-          items:
-            - name: Overview
-              href: how-to/tools/deep-research.md
-              displayName: deep research
-            - name: How to use Deep Research
-              href: how-to/tools/deep-research-samples.md
         - name: Azure AI Search
           items:
           - name: Overview
@@ -61,6 +54,13 @@ items:
               displayName: code interpreter
             - name: How to use code interpreter
               href: how-to/tools/code-interpreter-samples.md
+        - name: Deep Research (preview)
+          items:
+            - name: Overview
+              href: how-to/tools/deep-research.md
+              displayName: deep research
+            - name: How to use Deep Research
+              href: how-to/tools/deep-research-samples.md
         - name: File search
           items:
           - name: Overview
@@ -77,11 +77,18 @@ items:
             displayName: bing, grounding with bing  
           - name: How to use Grounding with Bing Search
             href: how-to/tools/bing-code-samples.md
+        - name: Grounding with Bing Custom Search (preview)
+          items:
+          - name: Overview
+            href: how-to/tools/bing-custom-search.md
+            displayName: bing, grounding with bing custom search
+          - name: How to use Grounding with Bing Custom Search
+            href: how-to/tools/bing-custom-search-samples.md
         - name: Logic apps
           href: how-to/tools/logic-apps.md
-        - name: Microsoft Fabric
+        - name: Microsoft Fabric (preview)
           href: how-to/tools/fabric.md
-        - name: Model Context Protocol (MCP)
+        - name: Model Context Protocol (preview)
           items:
             - name: Overview
               href: how-to/tools/model-context-protocol.md
@@ -105,13 +112,6 @@ items:
               displayName: sharepoint
             - name: How to use SharePoint
               href: how-to/tools/sharepoint-samples.md
-        - name: Use Grounding with Bing Custom Search
-          items:
-          - name: Overview
-            href: how-to/tools/bing-custom-search.md
-            displayName: bing, grounding with bing custom search
-          - name: How to use Grounding with Bing Custom Search
-            href: how-to/tools/bing-custom-search-samples.md
     - name: Enterprise features
       items: 
         - name: Use your own resources
diff --git a/articles/search/search-document-level-access-overview.md b/articles/search/search-document-level-access-overview.md
@@ -21,7 +21,7 @@ Azure AI Search supports document-level access control, enabling organizations t
 | Approach | Description |
 |----------|-------------|
 | Security filters | String comparison. Your application passes in a user or group identity as a string, which populates a filter on a query, excluding any documents that don't match on the string. <br><br>Security filters are a technique for achieving document-level access control. This approach isn't bound to an API so you can use any version or package. |
-| ACLs / RBAC scopes (preview) | Microsoft Entra ID security principal behind the query token is compared to the permission metadata of documents returned in search results, excluding any documents that don't match on permissions. <br><br>Built-in support for identity-based access at the document level is in preview, available in REST APIs and prerelease Azure SDK packages that provide the feature. Be sure to check the [SDK package change log](#retrieve-permissions-metadata-during-data-ingestion-process) for evidence of feature support.|
+| ACLs / RBAC scopes (preview) | Microsoft Entra ID security principal behind the query token is compared to the permission metadata of documents returned in search results, excluding any documents that don't match on permissions. Access Control Lists (ACL) permissions apply to Azure Data Lake Storage (ADLS) Gen2 directories and files. Role-based access control (RBAC) scopes apply to ADLS Gen2 content and to Azure blobs. <br><br>Built-in support for identity-based access at the document level is in preview, available in REST APIs and prerelease Azure SDK packages that provide the feature. Be sure to check the [SDK package change log](#retrieve-permissions-metadata-during-data-ingestion-process) for evidence of feature support.|
 
 ## Pattern for security trimming using filters  
 
@@ -42,9 +42,9 @@ This approach is useful for systems with custom access models or non-Microsoft s
 
 Native support is based on Microsoft Entra ID user and group access IDs affiliated with documents that you want to index and query. 
 
-Azure Data Lake Storage (ADLS) Gen2 containers support ACLs on the container and on files. For ADLS Gen2, RBAC scope preservation at document level is natively supported when you use the [ADLS Gen2 indexer](search-howto-index-azure-data-lake-storage.md) and a preview API to ingest content. 
+Azure Data Lake Storage (ADLS) Gen2 containers support ACLs on the container and on files. For ADLS Gen2, RBAC scope preservation at document level is natively supported when you use the [ADLS Gen2 indexer](search-howto-index-azure-data-lake-storage.md) and a preview API to ingest content. For Azure blobs using the [Azure blob indexer](search-blob-indexer-role-based-access.md), RBAC scope preservation is at the container level.
 
-For any content that's secured through ACLs, we recommend group access IDs over user access IDs for ease of management. The pattern includes the following components:
+For ACL-secured content, we recommend group access IDs over user access IDs for ease of management. The pattern includes the following components:
 
 - Start with documents or files that have ACL assignments.
 - [Enable permission filters](/rest/api/searchservice/indexes/create-or-update?view=rest-searchservice-2025-05-01-preview&preserve-view=true#searchindexpermissionfilteroption) in the index.
