Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into yelevin/aux-logs-ga

Author: yelevin

.openpublishing.redirection.json

@@ -6509,6 +6509,11 @@
       "source_path": "articles/cloud-services/schema-csdef-workerrole.md",
       "redirect_url": "/previous-versions/azure/cloud-services/schema-csdef-workerrole",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/reliability/migrate-sql-managed-instance.md",
+      "redirect_url": "/azure/azure-sql/managed-instance/instance-zone-redundancy-configure",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory-b2c/billing.md

@@ -5,7 +5,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: reference
-ms.date: 09/11/2024
+ms.date: 03/10/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: fasttrack-edit
@@ -29,7 +29,7 @@ A monthly active user (MAU) is a unique user that performs an authentication wit
 
 If Azure AD B2C [Go-Local add-on](data-residency.md#go-local-add-on) is available in your country/region, and you enable it, you'll be charged per MAU, which is an added charge to your Azure AD B2C [Premium P1 or P2 pricing](https://azure.microsoft.com/pricing/details/active-directory-b2c/) license. Learn more [About Local Data Residency add-on](#about-go-local-add-on)  
 
-Also, if you choose to provide higher levels of assurance by using multifactor authentication (MFA) for Voice and SMS, you'll be charged a worldwide flat fee for each MFA attempt that month, whether the sign in is successful or unsuccessful. 
+Also, if you choose to provide higher levels of assurance by using multifactor authentication (MFA) for Voice and SMS, you'll be charged a fee for each MFA attempt that month, whether the sign in is successful or unsuccessful. 
 
 
 > [!IMPORTANT]
@@ -85,7 +85,7 @@ A subscription linked to an Azure AD B2C tenant can be used for the billing of A
 ### Create the link
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
-1. If you have access to multiple tenants, select the **Settings** icon in the top menu to switch to your Azure AD B2C tenant from the **Directories + subscriptions** menu.
+1. If you have access to multiple tenants, select the **Settings** icon in the top menu to switch to your Microsoft Entra tenant from the **Directories + subscriptions** menu.
 1. Select **Create a resource**, and then, in the **Search services and Marketplace** field, search for and select **Azure Active Directory B2C**.
 1. Select **Create**.
 1. Select **Link an existing Azure AD B2C Tenant to my Azure subscription**.

articles/active-directory-b2c/openid-connect-technical-profile.md

@@ -89,7 +89,7 @@ The technical profile also returns claims that aren't returned by the identity p
 | HttpBinding | No | The expected HTTP binding to the access token and claims token endpoints. Possible values: `GET` or `POST`.  |
 | ValidTokenIssuerPrefixes | No | A key that can be used to sign in to each of the tenants when using a multi-tenant identity provider such as Microsoft Entra ID. |
 | UsePolicyInRedirectUri | No | Indicates whether to use a policy when constructing the redirect URI. When you configure your application in the identity provider, you need to specify the redirect URI. The redirect URI points to Azure AD B2C, `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/oauth2/authresp`.  If you specify `true`, you need to add a redirect URI for each policy you use. For example: `https://{your-tenant-name}.b2clogin.com/{your-tenant-name}.onmicrosoft.com/{policy-name}/oauth2/authresp`. |
-| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the Http status code is in the 5xx range. The default is `false`. |
+| MarkAsFailureOnStatusCode5xx | No | Indicates whether a request to an external service should be marked as a failure if the HTTP status code is in the 5xx range. The default is `false`. |
 | DiscoverMetadataByTokenIssuer | No | Indicates whether the OIDC metadata should be discovered by using the issuer in the JWT.If you need to build the metadata endpoint URL based on Issuer, set this to `true`.|
 | IncludeClaimResolvingInClaimsHandling  | No | For input and output claims, specifies whether [claims resolution](claim-resolver-overview.md) is included in the technical profile. Possible values: `true`, or `false` (default). If you want to use a claims resolver in the technical profile, set this to `true`. |
 |token_endpoint_auth_method| No | Specifies how Azure AD B2C sends the authentication header to the token endpoint. Possible values: `client_secret_post` (default), and `client_secret_basic`, `private_key_jwt`. For more information, see [OpenID Connect client authentication section](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication). |

articles/api-center/TOC.yml

@@ -68,12 +68,14 @@
         href: set-up-notification-workflow.md
 - name: API discovery and consumption
   items:
+      - name: Enable API Center portal
+        href: set-up-api-center-portal.md
+      - name: Self-host Azure API Center portal
+        href: self-host-api-center-portal.md
       - name: Discover and consume APIs - VS Code extension
         href: discover-apis-vscode-extension.md
       - name: Enable platform API catalog - VS Code extension
         href: enable-platform-api-catalog-vscode-extension.md
-      - name: Self-host Azure API Center portal
-        href: enable-api-center-portal.md
       - name: Check API calls use minimal permissions with Dev Proxy
         href: check-minimal-api-permissions-dev-proxy.md
 - name: API center management and operations

articles/api-center/enable-api-center-portal.md

@@ -0,0 +1,36 @@
+---
+title: Include file
+description: Include file
+services: api-center
+author: dlepow
+
+ms.service: azure-api-center
+ms.topic: include
+ms.date: 03/04/2025
+ms.author: danlep
+ms.custom: Include file
+---
+
+## Create Microsoft Entra app registration
+
+First configure an app registration in your Microsoft Entra ID tenant. The app registration enables the API Center portal to access data from your API center on behalf of a signed-in user.
+
+1. In the [Azure portal](https://portal.azure.com), navigate to **Microsoft Entra ID** > **App registrations**.
+1. Select **+ New registration**. 
+1. On the **Register an application** page, set the values as follows:
+    
+    1. Set **Name** to a meaningful name such as *api-center-portal*
+    1. Under **Supported account types**, select **Accounts in this organizational directory (Single tenant)**. 
+    1. In **Redirect URI**, select **Single-page application (SPA)** and set the URI. 
+        Enter the URI of your API Center portal deployment, in the following form: `https://<service-name>.portal.<location>.azure-api-center.ms`. Replace `<service name>` and `<location>` with the name of your API center and the location where it's deployed, Example: `https://myapicenter.portal.eastus.azure-api-center.ms`.
+    1. Select **Register**.
+1. On the **Overview** page, copy the **Application (client) ID**. You set this value when you publish the portal.
+      
+1. On the **API permissions** page, select **+ Add a permission**. 
+    1. On the **Request API permissions** page, select the **APIs my organization uses** tab. Search for and select **Azure API Center**. You can also search for and select application ID `c3ca1a77-7a87-4dba-b8f8-eea115ae4573`. 
+    1. On the **Request permissions** page, select **user_impersonation**.
+    1. Select **Add permissions**. 
+
+    The Azure API Center permissions appear under **Configured permissions**.
+
+    :::image type="content" source="media/api-center-portal-app-registration/configure-app-permissions.png" alt-text="Screenshot of required permissions in Microsoft Entra ID app registration in the portal." lightbox="media/api-center-portal-app-registration/configure-app-permissions.png":::