MicrosoftDocs
diff --git a/‎articles/iot-operations/connect-to-cloud/howto-configure-fabric-endpoint.md
Lines changed: 2 additions & 2 deletions b/‎articles/iot-operations/connect-to-cloud/howto-configure-fabric-endpoint.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/iot-operations/connect-to-cloud/howto-configure-kafka-endpoint.md
Lines changed: 9 additions & 3 deletions b/‎articles/iot-operations/connect-to-cloud/howto-configure-kafka-endpoint.md
Lines changed: 9 additions & 3 deletions
diff --git a/‎articles/iot-operations/connect-to-cloud/howto-configure-mqtt-endpoint.md
Lines changed: 11 additions & 6 deletions b/‎articles/iot-operations/connect-to-cloud/howto-configure-mqtt-endpoint.md
Lines changed: 11 additions & 6 deletions
diff --git a/‎articles/iot-operations/connect-to-cloud/media/concept-schema-registry/upload-schema.png
34.6 KB b/‎articles/iot-operations/connect-to-cloud/media/concept-schema-registry/upload-schema.png
34.6 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adlsv2-endpoint/adls-advanced.png
11.9 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adlsv2-endpoint/adls-advanced.png
11.9 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adlsv2-endpoint/create-adls-endpoint.png
26.2 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adlsv2-endpoint/create-adls-endpoint.png
26.2 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/adx-advanced.png
-21.8 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/adx-advanced.png
-21.8 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/create-adx-endpoint.png
-5.96 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/create-adx-endpoint.png
-5.96 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/dataflow-mq-adx.png
-162 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-adx-endpoint/dataflow-mq-adx.png
-162 KB
diff --git a/‎articles/iot-operations/connect-to-cloud/media/howto-configure-dataflow-endpoint/create-dataflow-mq-kafka.png
44.2 KB b/‎articles/iot-operations/connect-to-cloud/media/howto-configure-dataflow-endpoint/create-dataflow-mq-kafka.png
44.2 KB
@@ -168,9 +168,9 @@ fabricOneLakeSettings:
 
 The following authentication methods are available for Microsoft Fabric OneLake dataflow endpoints. For more information about enabling secure settings by configuring an Azure Key Vault and enabling workload identities, see [Enable secure settings in Azure IoT Operations deployment](../deploy-iot-ops/howto-enable-secure-settings.md).
 
-Before you create the dataflow endpoint, assign workspace *Contributor* role to the IoT Operations extension that grants permission to write to the Fabric lakehouse. 
+Before you create the dataflow endpoint, assign workspace *Contributor* role to the IoT Operations extension that grants permission to write to the Fabric lakehouse. You can find the extension name in the Azure IoT Operations instance overview page under **Essentials** > **Arc extension**.
 
-![Screenshot of IoT Operations extension name to grant workspace access to.](media/howto-configure-fabric-endpoint/extension-name.png)
+![Screenshot of IoT Operations extension name to grant workspace access. ](media/howto-configure-fabric-endpoint/extension-name.png)
 
 To learn more, see [Give access to a workspace](/fabric/get-started/give-access-workspaces).
 
 
@@ -58,8 +58,14 @@ Finally, create the *DataflowEndpoint* resource. Use your own values to replace
     | Setting              | Description                                                                                       |
     | -------------------- | ------------------------------------------------------------------------------------------------- |
     | Name                 | The name of the dataflow endpoint.                                     |
-    | Host                 | The hostname of the Kafka broker in the format `<NAMEPSACE>.servicebus.windows.net:9093`. Include port number `9093` in the host setting for Event Hubs. |
-    | Authentication method| The method used for authentication. Choose *System assigned managed identity* |
+    | Host                 | The hostname of the Kafka broker in the format `<NAMESPACE>.servicebus.windows.net:9093`. Include port number `9093` in the host setting for Event Hubs. |
+    | Authentication method| The method used for authentication. Choose *System assigned managed identity*, *User assigned managed identity*, or *SASL*. |
+    | Client ID             | The client ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
+    | Tenant ID             | The tenant ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
+    | SASL type                      | Choose `Plain`. |
+    | Synced secret name             | Enter a name of the Kubernetes secret that contains the connection string. Required if using *SASL*.  |
+    | Username reference or token secret | The reference to the username or token secret used for SASL authentication. Either pick it from the Key Vault list or create a new one. The value must be `$ConnectionString`. |
+    | Password reference of token secret | The reference to the password or token secret used for SASL authentication. Either pick it from the Key Vault list or create a new one. The value must be in the format of `Endpoint=sb://<NAMESPACE>.servicebus.windows.net/;SharedAccessKeyName=<KEY-NAME>;SharedAccessKey=<KEY>`. |
 
 1. Select **Apply** to provision the endpoint.
 
@@ -234,7 +240,7 @@ To configure a dataflow endpoint for non-Event-Hub Kafka brokers, set the host,
     | -------------------- | ------------------------------------------------------------------------------------------------- |
     | Name                 | The name of the dataflow endpoint.                                     |
     | Host                 | The hostname of the Kafka broker in the format `<Kafa-broker-host>:xxxx`. Include port number in the host setting. |
-    | Authentication method| The method used for authentication. Choose *SASL*. |
+    | Authentication method| The method used for authentication. Choose *SASL* or *None*. |
     | SASL type            | The type of SASL authentication. Choose *Plain*, *ScramSha256*, or *ScramSha512*. Required if using *SASL*. |
     | Synced secret name   | The name of the secret. Required if using *SASL*. |
     | Username reference of token secret | The reference to the username in the SASL token secret. Required if using *SASL*. |
 
@@ -6,7 +6,7 @@ ms.author: patricka
 ms.service: azure-iot-operations
 ms.subservice: azure-data-flows
 ms.topic: how-to
-ms.date: 11/11/2024
+ms.date: 11/14/2024
 ai-usage: ai-assisted
 
 #CustomerIntent: As an operator, I want to understand how to understand how to configure dataflow endpoints for MQTT sources and destinations in Azure IoT Operations so that I can send data to and from MQTT brokers.
@@ -126,8 +126,8 @@ You can also create new local MQTT broker endpoints with custom settings. For ex
     | -------------------- | ------------------------------------------------------------------------------------------------- |
     | Name                 | The name of the dataflow endpoint.                                                        |
     | Host                 | The hostname and port of the MQTT broker. Use the format `<hostname>:<port>`                                |
-    | Authentication method | The method used for authentication. Choose *Service account token*, or *X509 certificate* |
-    | Service audience      | The audience for the service account token. Required if using *Service account token*. |
+    | Authentication method | The method used for authentication. Choose *Kubernetes service account token*, *X509 certificate*, or *None*. |
+    | Service audience      | The audience for the service account token. Required if using *Kubernetes service account token*. |
     | X509 client certificate | The X.509 client certificate used for authentication. Required if using *X509 certificate*. |
     | X509 client key       | The private key corresponding to the X.509 client certificate. Required if using *X509 certificate*. |
     | X509 intermediate certificates | The intermediate certificates for the X.509 client certificate chain. Required if using *X509 certificate*. |
@@ -249,7 +249,12 @@ Once the Event Grid namespace is configured, you can create a dataflow endpoint
     | -------------------- | ------------------------------------------------------------------------------------------------- |
     | Name                 | The name of the dataflow endpoint.                                                        |
     | Host                 | The hostname and port of the Event Grid MQTT broker. Use the format `<NAMESPACE>.<REGION>-1.ts.eventgrid.azure.net:8883`                                |
-    | Authentication method | The method used for authentication. Choose *System assigned managed identity* |
+    | Authentication method | The method used for authentication. Choose *System assigned managed identity*, *User assigned managed identity*, or *X509 certificate* |
+    | Client ID             | The client ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
+    | Tenant ID             | The tenant ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
+    | X509 client certificate | The X.509 client certificate used for authentication. Required if using *X509 certificate*. |
+    | X509 client key       | The private key corresponding to the X.509 client certificate. Required if using *X509 certificate*. |
+    | X509 intermediate certificates | The intermediate certificates for the X.509 client certificate chain. Required if using *X509 certificate*. |
 
 1. Select **Apply** to provision the endpoint.
 
@@ -366,8 +371,8 @@ For other MQTT brokers, you can configure the endpoint, TLS, authentication, and
     | --------------------- | ------------------------------------------------------------------------------------------------- |
     | Name                  | The name of the dataflow endpoint                                                                 |
     | Host                  | The hostname of the MQTT broker endpoint in the format `<hostname>.<port>`. |
-    | Authentication method | The method used for authentication. Choose *System assigned managed identity*, *User assigned managed identity*, or *Service account token*. |
-    | Service audience      | The audience for the service account token. Required if using service account token. |
+    | Authentication method | The method used for authentication. Choose *System assigned managed identity*, *Kubernetes service account token*, or *None*. |
+    | Service audience      | The audience for the service account token. Required if using Kubernetes service account token. |
     | Client ID             | The client ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
     | Tenant ID             | The tenant ID of the user-assigned managed identity. Required if using *User assigned managed identity*. |
     | Access token secret name | The name of the Kubernetes secret containing the SAS token. Required if using *Access token*. |