Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into patch-2

Author: yelevin

.openpublishing.redirection.json

@@ -38,7 +38,7 @@ BlokSec integration includes the following components:
 * **BlokSec Decentralized Identity Router** – gateway for services that apply BlokSec DIaaS to route authentication and authorization requests to user Personal Identity Provider (PIdP) applications
   * It's an OpenID Connect (OIDC) identity provider in Azure AD B2C
 * **BlokSec SDK-based mobile app** – user PIdP in the decentralized authentication scenario. 
-  * If you're not using the BlokSec SDK, go to Google Play for the free [BlokSec yuID](https://play.google.com/store/apps/details?id=com.bloksec)
+  * If you're not using the BlokSec SDK, go to Google Play for the free [BlokSec yuID](https://play.google.com/store/apps/details/Google?id=com.google.android.googlequicksearchbox&hl=en-US)
 
 The following architecture diagram illustrates the sign-up, sign-in flow in the BlokSec solution implementation.
 

articles/active-directory-b2c/partner-bloksec.md

@@ -28,7 +28,7 @@ API Management APIs automatically synchronize to the API center whenever existin
 
 > [!NOTE]
 > * There are [limits](../azure-resource-manager/management/azure-subscription-service-limits.md?toc=/azure/api-center/toc.json&bc=/azure/api-center/breadcrumb/toc.json#api-center-limits) for the number of linked API Management instances (API sources).
-> * API updates in API Management can take a few minutes to up to 24 hours to synchronize to your API center.
+> * API updates in API Management typically synchronize to your API center within minutes but synchronization can take up to 24 hours.
 
 ### Entities synchronized from API Management
 

articles/api-center/synchronize-api-management-apis.md

@@ -126,7 +126,7 @@ Managed and self-hosted gateways support all available [policies](api-management
 | [GraphQL resolvers](api-management-policies.md#graphql-resolvers) and [GraphQL validation](api-management-policies.md#content-validation)|  ✔️ | ✔️ |✔️ | ❌ | ❌ |
 | [Get authorization context](get-authorization-context-policy.md) |  ✔️ |  ✔️ |✔️ | ❌ | ❌ |
 | [Authenticate with managed identity](authentication-managed-identity-policy.md) |  ✔️ |  ✔️ |✔️ | ✔️ | ❌ |
-| [Azure OpenAI and LLM semantic caching](api-management-policies.md#caching) |  ❌ | ✔️ |❌ | ❌ | ❌ |
+| [Azure OpenAI and LLM semantic caching](api-management-policies.md#caching) |  ✔️ | ✔️ |✔️ | ❌ | ❌ |
 | [Quota and rate limit](api-management-policies.md#rate-limiting-and-quotas) |  ✔️ | ✔️<sup>2</sup> | ✔️<sup>3</sup> | ✔️<sup>4</sup> | ✔️ |
 
 <sup>1</sup> Configured policies that aren't supported by the self-hosted gateway are skipped during policy execution.<br/>

articles/api-management/api-management-gateways-overview.md

@@ -22,6 +22,8 @@ More information about policies:
 + [Policy overview](api-management-howto-policies.md)
 + [Set or edit policies](set-edit-policies.md)
 + [Policy expressions](api-management-policy-expressions.md)
++ [Policy snippets repo](https://github.com/Azure/api-management-policy-snippets)
++ [Azure API Management policy toolkit](https://github.com/Azure/azure-api-management-policy-toolkit/)
 + [Author policies using Microsoft Copilot in Azure](/azure/copilot/author-api-management-policies?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 
 > [!IMPORTANT]

articles/api-management/api-management-policies.md

@@ -247,11 +247,12 @@ The `context` variable is implicitly available in every policy [expression](api-
 
 For more information working with policies, see:
 
-+ [Policies in API Management](api-management-howto-policies.md)
-+ [Tutorial: Transform and protect APIs](transform-api.md)
-+ [Policy reference](./api-management-policies.md) for a full list of policy statements and their settings
-+ [Policy snippets repo](https://github.com/Azure/api-management-policy-snippets)	
-+ [Author policies using Microsoft Copilot in Azure](/azure/copilot/author-api-management-policies?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
+* [Policies in API Management](api-management-howto-policies.md)
+* [Tutorial: Transform and protect APIs](transform-api.md)
+* [Policy reference](./api-management-policies.md) for a full list of policy statements and their settings
+* [Policy snippets repo](https://github.com/Azure/api-management-policy-snippets)
+* [Azure API Management policy toolkit](https://github.com/Azure/azure-api-management-policy-toolkit/)
+* [Author policies using Microsoft Copilot in Azure](/azure/copilot/author-api-management-policies?toc=%2Fazure%2Fapi-management%2Ftoc.json&bc=/azure/api-management/breadcrumb/toc.json)
 
 For more information:
 

articles/api-management/api-management-policy-expressions.md

@@ -31,7 +31,7 @@ Both system-assigned identity and any of the multiple user-assigned identities c
 | Attribute         | Description                                            | Required | Default |
 | ----------------- | ------------------------------------------------------ | -------- | ------- |
 |resource|String. The application ID of the target web API (secured resource) in Microsoft Entra ID. Policy expressions are allowed. |Yes|N/A|
-|client-id|String. The client ID of the user-assigned identity in Microsoft Entra ID. Policy expressions aren't allowed. |No|system-assigned identity|
+|client-id|String. The client ID of the user-assigned identity in Microsoft Entra ID. Policy expressions aren't allowed. |No|N/A. System-assigned identity is used if attribute is not present.|
 |output-token-variable-name|String. Name of the context variable that will receive token value as an object of type `string`. Policy expressions aren't allowed. |No|N/A|  
 |ignore-error|Boolean. If set to `true`, the policy pipeline continues to execute even if an access token isn't obtained.|No|`false`|  
 

articles/api-management/authentication-managed-identity-policy.md

@@ -6,7 +6,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: article
-ms.date: 07/09/2024
+ms.date: 09/26/2024
 ms.author: danlep
 ms.collection: ce-skilling-ai-copilot
 ms.custom:

articles/api-management/azure-openai-emit-token-metric-policy.md

@@ -6,7 +6,7 @@ ms.service: azure-api-management
 ms.custom:
   - build-2024
 ms.topic: how-to
-ms.date: 07/23/2024
+ms.date: 12/13/2024
 ms.author: danlep
 ms.collection: ce-skilling-ai-copilot
 ---
@@ -61,6 +61,10 @@ Configure a [backend](backends.md) resource for the embeddings API deployment wi
         ```
         https://my-aoai.openai.azure.com/openai/deployments/embeddings-deployment/embeddings
         ```
+* **Authorization credentials** - Go to **Managed Identity** tab.
+  * **Client indentity** - Select *System assigned identity* or type in a User assigned managed identity client ID.
+  * **Resource ID** - Enter `https://cognitiveservices.azure.com/` for Azure OpenAI Service.
+
 ### Test backend 
 
 To test the backend, create an API operation for your Azure OpenAI Service API:
@@ -123,7 +127,6 @@ Configure the following policies to enable semantic caching for Azure OpenAI API
     <azure-openai-semantic-cache-lookup
         score-threshold="0.8"
         embeddings-backend-id="embeddings-deployment"
-        embeddings-backend-auth="system-assigned"
         ignore-system-messages="true"
         max-message-count="10">
         <vary-by>@(context.Subscription.Id)</vary-by>

articles/api-management/azure-openai-enable-semantic-caching.md

@@ -9,7 +9,7 @@ ms.collection: ce-skilling-ai-copilot
 ms.custom:
   - build-2024
 ms.topic: article
-ms.date: 06/25/2024
+ms.date: 12/13/2024
 ms.author: danlep
 ---
 
@@ -34,7 +34,6 @@ Use the `azure-openai-semantic-cache-lookup` policy to perform cache lookup of r
 <azure-openai-semantic-cache-lookup
     score-threshold="similarity score threshold"
     embeddings-backend-id ="backend entity ID for embeddings API"
-    embeddings-backend-auth ="system-assigned"             
     ignore-system-messages="true | false"      
     max-message-count="count" >
     <vary-by>"expression to partition caching"</vary-by>
@@ -47,7 +46,6 @@ Use the `azure-openai-semantic-cache-lookup` policy to perform cache lookup of r
 | ----------------- | ------------------------------------------------------ | -------- | ------- |
 | score-threshold	| Similarity score threshold used to determine whether to return a cached response to a prompt. Value is a decimal between 0.0 and 1.0. [Learn more](../azure-cache-for-redis/cache-tutorial-semantic-cache.md#change-the-similarity-threshold). | Yes |	N/A |
 | embeddings-backend-id | [Backend](backends.md) ID for OpenAI embeddings API call. |	Yes |	N/A |
-| embeddings-backend-auth | Authentication used for Azure OpenAI embeddings API backend. | Yes. Must be set to `system-assigned`. | N/A |
 | ignore-system-messages | Boolean. If set to `true`, removes system messages from a GPT chat completion prompt before assessing cache similarity. | No | false |
 | max-message-count | If specified, number of remaining dialog messages after which caching is skipped. | No | N/A |
                                              
@@ -62,7 +60,7 @@ Use the `azure-openai-semantic-cache-lookup` policy to perform cache lookup of r
 
 - [**Policy sections:**](./api-management-howto-policies.md#sections) inbound
 - [**Policy scopes:**](./api-management-howto-policies.md#scopes) global, product, API, operation
--  [**Gateways:**](api-management-gateways-overview.md) v2
+-  [**Gateways:**](api-management-gateways-overview.md) classic, v2, consumption
 
 ### Usage notes