Merge pull request #293403 from MicrosoftDocs/main

1/22/2025 AM Publish

Author: Taojunshen

.github/workflows/stale.yml

@@ -411,7 +411,7 @@ if (this.msalGuardConfig.authRequest) {
   authRequestConfig = { ...this.msalGuardConfig.authRequest } as RedirectRequest
 }
 
-authRequestConfig.extraQueryParameters = {"id_token_hint": idToken};;
+authRequestConfig.extraQueryParameters = {"id_token_hint": idToken};
 
 this.authService.loginRedirect(authRequestConfig);
 

articles/active-directory-b2c/enable-authentication-angular-spa-app-options.md

@@ -435,7 +435,7 @@ If you have an Asignio Signature, you're prompted to authenticate with your Asig
 ## Next steps
 
 * [Solutions and Training for Azure Active Directory B2C](solution-articles.md)
-* Ask questions on [Stackoverflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
+* Ask questions on [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
 * [Azure AD B2C Samples](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
 * YouTube: [Identity Azure AD B2C Series](https://www.youtube.com/playlist?list=PL3ZTgFEc7LyuJ8YRSGXBUVItCPnQz3YX0)
 * [Azure AD B2C custom policy overview](custom-policy-overview.md)

articles/active-directory-b2c/partner-asignio.md

@@ -444,5 +444,5 @@ Using the directory with your Azure AD B2C tenant, test your custom policy:
 
 ## Next steps
 
-* Ask questions on [Stackoverflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
+* Ask questions on [Stack Overflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
 * Check out the [Azure AD B2C custom policy overview](custom-policy-overview.md)

articles/active-directory-b2c/partner-transmit-security.md

@@ -495,7 +495,7 @@ For additional information, review the following articles:
 
 - [Azure AD B2C docs](solution-articles.md)
 
-- [Ask your question on Stackoverflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
+- [Ask your question on Stack Overflow](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
 
 - [Azure AD B2C Samples](https://stackoverflow.com/questions/tagged/azure-ad-b2c)
 

articles/active-directory-b2c/partner-trusona.md

@@ -38,8 +38,12 @@
         href: manage-apis-azure-cli.md
       - name: Import APIs from API Management
         href: import-api-management-apis.md
-      - name: Synchronize APIs from API Management
-        href: synchronize-api-management-apis.md
+      - name: Integrate API sources
+        items:    
+        - name: Synchronize APIs from API Management
+          href: synchronize-api-management-apis.md
+        - name: Synchronize APIs from Amazon API Gateway
+          href: synchronize-aws-gateway-apis.md
       - name: Build and register APIs - VS Code extension
         href: build-register-apis-vscode-extension.md
       - name: Register APIs - GitHub Actions

articles/api-center/TOC.yml

@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-center
 ms.topic: include
-ms.date: 11/07/2024
+ms.date: 01/09/2025
 ms.author: danlep
 ms.custom: Include file
 ---

articles/api-center/includes/api-center-service-limits.md

@@ -19,9 +19,9 @@ To allow import of APIs, assign your API center's managed identity the **API Man
 1. In the left menu, select **Access control (IAM)**.
 1. Select **+ Add role assignment**.
 1. On the **Add role assignment** page, set the values as follows: 
-    1. On the **Role** tab - Select **API Management Service Reader**.
+    1. On the **Role** tab, select **API Management Service Reader**.
     1. On the **Members** tab, in **Assign access to** - Select **Managed identity** > **+ Select members**.
-    1. On the **Select managed identities** page - Select the system-assigned managed identity of your API center that you added in the previous section. Click **Select**.
+    1. On the **Select managed identities** page, select the system-assigned managed identity of your API center that you added in the previous section. Click **Select**.
     1. Select **Review + assign**.
 
 #### [Azure CLI](#tab/cli)

articles/api-center/includes/configure-managed-identity-apim-reader.md

@@ -0,0 +1,79 @@
+---
+title: Include file
+description: Include file
+services: api-center
+author: dlepow
+
+ms.service: azure-api-center
+ms.topic: include
+ms.date: 12/20/2024
+ms.author: danlep
+ms.custom: Include file
+---
+
+To allow import of APIs, assign your API center's managed identity the **Key Vault Secrets User** role in your Azure key vault. You can use the [portal](../../role-based-access-control/role-assignments-portal-managed-identity.yml) or the Azure CLI.
+
+#### [Portal](#tab/portal)
+
+1. In the [portal](https://azure.microsoft.com), navigate to your key vault.
+1. In the left menu, select **Access control (IAM)**.
+1. Select **+ Add role assignment**.
+1. On the **Add role assignment** page, set the values as follows: 
+    1. On the **Role** tab, select **Key Vault Secrets User**.
+    1. On the **Members** tab, in **Assign access to** - Select **Managed identity** > **+ Select members**.
+    1. On the **Select managed identities** page, select the system-assigned managed identity of your API center that you added in the previous section. Click **Select**.
+    1. Select **Review + assign**.
+
+#### [Azure CLI](#tab/cli)
+
+1. Get the principal ID of the identity. For a system-assigned identity, use the [az apic show](/cli/azure/apic#az-apic-show) command. 
+
+    ```azurecli
+    #! /bin/bash
+    apicObjID=$(az apic show --name <api-center-name> \
+        --resource-group <resource-group-name> \
+        --query "identity.principalId" --output tsv)
+    ```
+
+    ```azurecli
+    # Formatted for PowerShell
+    $apicObjID=$(az apic show --name <api-center-name> `
+        --resource-group <resource-group-name> `
+        --query "identity.principalId" --output tsv)
+    ```
+
+1. Get the resource ID of your key vault using the [az keyvault show](/cli/azure/keyvault#az-keyvault-show) command.
+ 
+    ```azurecli
+    #! /bin/bash
+    kvID=$(az keyvault show --name <kv-name> --resource-group <resource-group-name> --query "id" --output tsv)
+    ```
+
+    ```azurecli
+    # Formatted for PowerShell
+    $kvID=$(az keyvault show --name <kv-name> --resource-group <resource-group-name> --query "id" --output tsv)
+    ```
+
+1. Assign the managed identity the **Key Vault Secrets User** role in your key vault the [az role assignment create](/cli/azure/role/assignment#az-role-assignment-create) command.
+
+    ```azurecli
+    #! /bin/bash
+    scope="${kvID:1}"
+
+    az role assignment create \
+        --role "Key Vault Secrets User" \
+        --assignee-object-id $apicObjID \
+        --assignee-principal-type ServicePrincipal \
+        --scope $scope 
+    ```
+    
+    ```azurecli
+    # Formatted for PowerShell
+    $scope=$apimID.substring(1)
+
+    az role assignment create `
+        --role "Key Vault Secrets User" `
+        --assignee-object-id $apicObjID `
+        --assignee-principal-type ServicePrincipal `
+        --scope $scope 
+---

articles/api-center/includes/configure-managed-identity-kv-secret-user.md

@@ -0,0 +1,39 @@
+---
+title: Include file
+description: Include file
+services: api-center
+author: dlepow
+
+ms.service: azure-api-center
+ms.topic: include
+ms.date: 01/21/2025
+ms.author: danlep
+ms.custom: Include file
+---
+
+## Delete an integration
+
+While an API source is integrated, you can't delete synchronized APIs from your API center. If you need to, you can delete the integration. When you delete an integration:
+
+* The synchronized APIs in your API center inventory are deleted
+* The environment and deployments associated with the API source are deleted
+
+You can delete an integration using the portal or the Azure CLI. 
+
+#### [Portal](#tab/portal)
+
+1. In the [portal](https://portal.azure.com), navigate to your API center.
+1. Under **Assets**, select **Environments** > **Links (preview)**.
+1. Select the link, and then select **Delete** (trash can icon). 
+
+#### [Azure CLI](#tab/cli)
+
+Run the [az apic integration delete](/cli/azure/apic/integration#az-apic-integration-delete) (preview) command to delete an integration. Provide the names of the resource group, API center, and integration.
+
+```azurecli
+az apic integration delete \
+    --resource-group <resource-group-name> \
+    --service-name <api-center-name> \
+    --integration-name <integration-name> \
+```
+---