Merge pull request #303377 from MicrosoftDocs/main

Auto Publish – main to live - 2025-07-26 05:00 UTC

Author: learn-build-service-prod[bot]

articles/api-management/api-management-gateways-overview.md

@@ -8,7 +8,7 @@ ms.service: azure-api-management
 ms.custom:
   - build-2024
 ms.topic: concept-article
-ms.date: 07/11/2024
+ms.date: 07/22/2025
 ms.author: danlep
 ---
 
@@ -79,20 +79,20 @@ The following tables compare features available in the following API Management
 | [Virtual network injection](virtual-network-concepts.md)  |  Developer, Premium | Premium v2 | ❌ | ✔️<sup>1,2</sup> | ✔️ |
 | [Inbound private endpoints](private-endpoint.md)  |  Developer, Basic, Standard, Premium | Standard v2 | ❌ | ❌ | ❌ |
 | [Outbound virtual network integration](integrate-vnet-outbound.md)  | ❌ | Standard  v2, Premium v2  |  ❌ | ❌ | ✔️ |
-| [Availability zones](zone-redundancy.md)  |  Premium | ✔️<sup>3</sup>  | ❌ | ✔️<sup>1</sup> | ✔️<sup>3</sup> |
+| [Availability zones](zone-redundancy.md)  |  Premium | ❌  | ❌ | ✔️<sup>1</sup> | ❌ |
 | [Multi-region deployment](api-management-howto-deploy-multi-region.md) |  Premium | ❌ |  ❌ | ✔️<sup>1</sup> | ❌ |
-| [CA root certificates](api-management-howto-ca-certificates.md) for certificate validation |  ✔️ | ❌ | ❌ | ✔️<sup>4</sup> |  ❌ |
+| [CA root certificates](api-management-howto-ca-certificates.md) for certificate validation |  ✔️ | ❌ | ❌ | ✔️<sup>3</sup> |  ❌ |
 | [Managed domain certificates](configure-custom-domain.md?tabs=managed#domain-certificate-options) |  Developer, Basic, Standard, Premium | ❌ | ✔️ | ❌ | ❌ |
 | [TLS settings](api-management-howto-manage-protocols-ciphers.md) |  ✔️ | ✔️ | ✔️ | ✔️ | ❌ |
-| **HTTP/2** (Client-to-gateway) | ✔️<sup>5</sup> | ✔️<sup>5</sup> |❌ | ✔️ | ❌ |
-| **HTTP/2** (Gateway-to-backend) |  ❌ | ❌ | ❌ | ✔️ | ❌ |
+| **HTTP/2** (Client-to-gateway) | ✔️<sup>4</sup> | ✔️<sup>4</sup> |❌ | ✔️ | ❌ |
+| **HTTP/2** (Gateway-to-backend) |  ❌ | ✔️<sup>5</sup> | ❌ | ✔️<sup>5</sup> | ❌ |
 | API threat detection with [Defender for APIs](protect-with-defender-for-apis.md) | ✔️ | ✔️ |  ❌ | ❌ | ❌ |
 
 <sup>1</sup> Depends on how the gateway is deployed, but is the responsibility of the customer.<br/>
 <sup>2</sup> Connectivity to the self-hosted gateway v2 [configuration endpoint](self-hosted-gateway-overview.md#fqdn-dependencies) requires DNS resolution of the endpoint hostname.<br/>
-<sup>3</sup> Two zones are enabled by default; not configurable.<br/>
-<sup>4</sup> CA root certificates for self-hosted gateway are managed separately per gateway<br/>
-<sup>5</sup> Client protocol needs to be enabled.
+<sup>3</sup> CA root certificates for self-hosted gateway are managed separately per gateway<br/>
+<sup>4</sup> Client protocol needs to be enabled.<br/>
+<sup>5</sup> Configure using the [forward-request](forward-request-policy.md) policy.
 
 ### Backend APIs
 

articles/api-management/configure-custom-domain.md

@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 05/30/2025
+ms.date: 07/25/2025
 ms.author: danlep
 ms.custom:
   - engagement-fy23
@@ -104,12 +104,20 @@ For more information, see [Use managed identities in Azure API Management](api-m
 
 API Management offers a free, managed TLS certificate for your domain, if you don't wish to purchase and manage your own certificate. The certificate is autorenewed automatically.
 
+> [!IMPORTANT]
+> **Creation of managed certificates for custom domains in API Management will be temporarily unavailable from August 15, 2025 to March 15, 2026.** Our Certificate Authority (CA), DigiCert, will migrate to a new validation platform to meet Multi-Perspective Issuance Corroboration (MPIC) requirements for issuing certificates. This migration requires us to temporarily suspend the creation of managed certificates for custom domains. [Learn more](breaking-changes/managed-certificates-suspension-august-2025.md)
+>
+> Existing managed certificates will be autorenewed and remain unaffected.
+>
+> While creation of managed certificates is suspended, use other certificate options for configuring custom domains.
+
 > [!NOTE]
-> The free, managed TLS certificate is in preview. Currently, it's unavailable in the v2 service tiers. 
+> The free, managed TLS certificate is in preview. 
 
 #### Limitations
 
 * Currently can be used only with the Gateway endpoint of your API Management service
+* Not supported in the v2 tiers
 * Not supported with the self-hosted gateway
 * Not supported in the following Azure regions: France South and South Africa West
 * Currently available only in the Azure cloud

articles/api-management/forward-request-policy.md

@@ -35,7 +35,7 @@ The `forward-request` policy forwards the incoming request to the backend servic
 | timeout                             | The amount of time in seconds to wait for the HTTP response headers to be returned by the backend service before a timeout error is raised. Minimum value is 0 seconds. Values greater than 240 seconds may not be honored, because the underlying network infrastructure can drop idle connections after this time. Policy expressions are allowed. You can specify either `timeout` or `timeout-ms` but not both. | No       | 300    |
 | timeout-ms                             | The amount of time in milliseconds to wait for the HTTP response headers to be returned by the backend service before a timeout error is raised. Minimum value is 0 ms. Policy expressions are allowed. You can specify either `timeout` or `timeout-ms` but not both.  | No       | N/A    |
 | continue-timeout | The amount of time in seconds to wait for a `100 Continue` status code to be returned by the backend service before a timeout error is raised. Policy expressions are allowed. | No  | N/A |
-| http-version                             | The HTTP spec version to use when sending the HTTP response to the backend service. When using `2or1`, the gateway will favor HTTP /2 over /1, but fall back to HTTP /1 if HTTP /2 doesn't work. | No       | 1    |
+| http-version                             | The HTTP protocol version to use when sending the HTTP request to the backend service: <br> - `1`: HTTP/1 <br> - `2`: HTTP/2 <br/> - `2or1`: The gateway favors HTTP/2 over HTTP/1, but falls back to HTTP/1 if HTTP/2 doesn't work.<br/><br/> HTTP/2 outbound is supported in select gateways. See [Usage notes](#usage-notes) for details. | No       | 1    |
 | follow-redirects | Specifies whether redirects from the backend service are followed by the gateway or returned to the caller. Policy expressions are allowed.                                                                                                                                                                                                    | No       | `false`   |
 | buffer-request-body      | When set to `true`, request is buffered and will be reused on [retry](retry-policy.md).                                                                                                                                                                                               | No       | `false`   |
 | buffer-response | Affects processing of chunked responses. When set to `false`, each chunk received from the backend is immediately returned to the caller. When set to `true`, chunks are buffered (8 KB, unless end of stream is detected) and only then returned to the caller.<br/><br/>Set to `false` with backends such as those implementing [server-sent events (SSE)](how-to-server-sent-events.md) that require content to be returned or streamed immediately to the caller. Policy expressions aren't allowed. | No | `true` |
@@ -48,11 +48,18 @@ The `forward-request` policy forwards the incoming request to the backend servic
 - [**Policy scopes:**](./api-management-howto-policies.md#scopes) global, workspace, product, API, operation
 -  [**Gateways:**](api-management-gateways-overview.md) classic, v2, consumption, self-hosted, workspace
 
+### Usage notes
+
+*  Use the `http-version` attribute to enable the HTTP/2 protocol outbound from the gateway to the backend. Set the attribute to `2or1` or `2`. Currently, HTTP/2 outbound is supported in the self-hosted gateway and in preview in the v2 gateway.
+
+    > [!IMPORTANT]
+    > In the v2 gateway, HTTP/2 is supported inbound to the API Management gateway and outbound from the gateway to the backend but not end-to-end. Currently, the v2 gateway downgrades an incoming HTTP/2 connection to HTTP/1 before forwarding the request to the backend.
+
 ## Examples
 
 ### Send request to HTTP/2 backend
 
-The following API level policy forwards all API requests to an HTTP/2 backend service.
+The following API level policy forwards all API requests to an HTTP/2 backend service. For example, use this policy to forward requests from a self-hosted gateway to a gRPC backend.
 
 ```xml
 <!-- api level -->
@@ -69,8 +76,6 @@ The following API level policy forwards all API requests to an HTTP/2 backend se
 </policies>
 ```
 
-This is required for HTTP /2 or gRPC workloads and currently only supported in self-hosted gateway. Learn more in our [API gateway overview](api-management-gateways-overview.md).
-
 ### Forward request with timeout interval
 
 The following API level policy forwards all API requests to the backend service with a timeout interval of 60 seconds.

articles/communication-services/concepts/analytics/logs/voice-and-video-logs.md

@@ -2,11 +2,11 @@
 title: Azure Communication Services voice and video call logs 
 titleSuffix: An Azure Communication Services concept article
 description: Learn about logging for Azure Communication Services voice and video calling.
-author:  amagginetti
+author:  sloanster
 services: azure-communication-services
 
-ms.author: amagginetti
-ms.date: 03/21/2023
+ms.author: micahvivion
+ms.date: 07/25/2025
 ms.topic: conceptual
 ms.service: azure-communication-services
 ms.subservice: calling
@@ -35,23 +35,32 @@ any quality investigations, and using **[call diagnostics](../../voice-video-cal
 
 ## Available logs 
 
-Azure Communication Services creates eight call logs: 
+Azure Communication Services calling generates **eight distinct log types**, each serving a specific purpose: 
 
 ### **Call summary updates logs**: 
-These log data arrive in Azure Monitor faster than the call summary logs and we recommend using these logs instead of the call summary log schema. This log contains basic information about the call, including all the relevant IDs, time stamps, endpoints, and SDK information. 
+Fast-arriving logs with basic call metadata (IDs, timestamps, endpoints, SDK info). These log data arrive in Azure Monitor faster than the call summary logs. This log contains basic information about the call, including all the relevant IDs, time stamps, endpoints, and SDK information.
+- Data available within 60 minutes of the call ending.
+- May contain multiple rows per call participant.
+- Contains the most recent updates for each participant.
+- Useful for near-real-time monitoring and analysis of call activities.
 
 To learn more, see: [Call summary updates log schema](call-summary-updates-log-schema.md)
 
 ### **Call summary logs**:
 This log is a subset of the Call summary updates log schema. It contains basic information about the call, including all the relevant IDs, time stamps, endpoints, and SDK information. For faster log latency, use the call summary updates logs instead. 
+- Data available within 3-5 hours of the call ending.
+- Contains a single row per call participant.
+- Represents a snapshot of the call state at the time of finalization.
+- Useful for post-call analysis and reporting.
 
 To learn more, see: [Call summary log schema](call-summary-log-schema.md)
 
 ### **Call diagnostics updates logs**:
 These log data arrive in Azure Monitor faster than the call diagnostics logs and we recommend using these logs instead of the call diagnostics log schema. This log contains information about a participant's call media stream, along with a set of metrics that indicate quality of experience measurements. 
 
 To learn more, see: [Call diagnostics updates log schema](call-diagnostics-updates-log-schema.md)
-
+> [!NOTE]  
+> **Call summary logs** and **Call diagnostics updates logs** tables of contain the same columns, but differ in the time they are updated and the number of rows they contain per call.
 
 ### **Call diagnostics logs**:
 This log is a subset of the call diagnostics updates log schema. It contains information about the stream, along with a set of metrics that indicate quality of experience measurements. For faster log latency, use the call summary updates logs instead.