Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into apimrel

Author: gitName

.openpublishing.publish.config.json

@@ -626,6 +626,12 @@
             "branch": "main",
             "branch_mapping": {}
         },
+        {
+            "path_to_root": "app-service-agentic-semantic-kernel-java",
+            "url": "https://github.com/Azure-Samples/app-service-agentic-semantic-kernel-java",
+            "branch": "main",
+            "branch_mapping": {}
+        },
         {
             "path_to_root": "playwright-testing-service",
             "url": "https://github.com/microsoft/playwright-testing-service",

.openpublishing.redirection.json

@@ -6879,6 +6879,11 @@
       "redirect_url": "/azure/sre-agent/troubleshoot-azure-container-apps",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/sre-agent/permissions.md",
+      "redirect_url": "/azure/sre-agent/security-context",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/reliability/whats-new.md",
       "redirect_url": "/azure/reliability/overview",

articles/active-directory-b2c/page-layout.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: reference
-ms.date: 06/12/2025
+ms.date: 07/09/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 
@@ -65,6 +65,9 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## Self-asserted page (selfasserted)
 
+**2.1.36** 
+- The CAPTCHA input now displays French accented characters correctly. This update resolves previous font encoding and localization errors that affected character rendering
+
 **2.1.35**
 - Enhanced CAPTCHA error handling now ensures that any validation failures—such as “unmatched challenge”—returned by the backend are consistently captured and displayed in the UI.
 
@@ -227,6 +230,9 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 > [!TIP]
 > If you localize your page to support multiple locales, or languages in a user flow. The [localization IDs](localization-string-ids.md) article provides the list of localization IDs that you can use for the page version you select.
 
+**2.1.24**
+- This release resolves issues with French accents in the CAPTCHA input. Accented characters now appear correctly, and font and encoding limitations no longer affect their display. All French-specific characters show as intended.
+
 **2.1.23**
 - Enhanced CAPTCHA error handling now ensures that any validation failures—such as “unmatched challenge”—returned by the backend are consistently captured and displayed in the UI.
 
@@ -330,6 +336,9 @@ Azure AD B2C page layout uses the following versions of the [jQuery library](htt
 
 ## MFA page (multifactor)
 
+**1.2.22**
+- This release resolves issues with French accents in the CAPTCHA input. Accented characters now appear correctly, and font and encoding limitations no longer affect their display. All French-specific characters show as intended.
+
 **1.2.21**
 - Enhanced CAPTCHA error handling now ensures that any validation failures—such as “unmatched challenge”—returned by the backend are consistently captured and displayed in the UI. 
 

articles/active-directory-b2c/partner-whoiam.md

@@ -60,7 +60,7 @@ The following diagram shows the implementation architecture.
 
     * [Key Vault](https://azure.microsoft.com/services/key-vault/): Store passwords
     * [App Service](https://azure.microsoft.com/services/app-service/): Host the BRIMS API and admin portal services
-    * [Microsoft Entra ID](https://azure.microsoft.com/services/active-directory/): Authenticate administrative users for the portal
+    * [Microsoft Entra ID](https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id): Authenticate administrative users for the portal
     * [Azure Cosmos DB](https://azure.microsoft.com/services/cosmos-db/): Store and retrieve settings
     * [Application Insights overview](/azure/azure-monitor/app/app-insights-overview) (optional): Sign in to the API and the portal
 

articles/active-directory-b2c/service-limits.md

@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: azure-active-directory
 
 ms.topic: reference
-ms.date: 05/11/2024
+ms.date: 07/15/2025
 ms.subservice: b2c
 zone_pivot_groups: b2c-policy-type
 
@@ -197,6 +197,7 @@ As a protection for our customers, Microsoft places some restrictions on telepho
 | 228 |  Togo  | 10  |  30  |
 | 233 |	Ghana|	10	| 30 |
 | 234 | Nigeria | 20 | 100 |
+| 235 | Chad | 10 | 30 |
 | 236 |	Central African Republic  |	10	| 30 |
 | 238 | Cape Verde | 10 | 30 |
 | 249 |  Sudan | 10  |  30  |
@@ -212,6 +213,7 @@ As a protection for our customers, Microsoft places some restrictions on telepho
 | 265 |	Malawi  |	10	| 30 |
 | 373 |	Moldova |	20	| 100 |
 | 375 |	Belarus   |	10	| 30 |
+| 381 | Serbia | 50 | 200 |
 | 386 | Slovenia | 10 | 50 |
 | 501 |  Belize| 10  |  30  |
 | 502 | Guatemala | 10 | 50 
@@ -236,10 +238,13 @@ As a protection for our customers, Microsoft places some restrictions on telepho
 | 95 |	Myanmar (Burma) | 10	| 30 |
 | 961 |	Lebanon  |	10	| 30 |
 | 963 |	Syria  |	10	| 30 |
+| 964 | Iraq | 50 | 200 |
 | 967 |	Yemen	|10	| 30 |
 | 970 |  State of Palestine| 10  |  30  |
 | 972 |	Israel  |	50	| 200 |
+| 975 | Bhutan | 20 | 100 |
 | 976 |	Mongolia  |	10	| 30 |
+| 977 | Nepal | 20 | 100 |
 | 992 | Tajikistan | 10 | 30 |
 | 993 | Turkmenistan | 10 | 30 |
 | 994 | Azerbaijan | 50 | 200 | 

articles/api-management/api-management-capacity.md

@@ -56,6 +56,8 @@ Available aggregations for these metrics are as follows.
 
 In the Developer, Basic, Standard, and Premium tiers, the **Capacity** metric is available for making decisions about scaling or upgrading an API Management instance. Its construction is complex and imposes certain behavior.
 
+[!INCLUDE [capacity-change.md](../../includes/api-management-capacity-change.md)]
+
 Available aggregations for this metric are as follows.
 
 * **Avg** - Average percentage of capacity used across gateway processes in every [unit](upgrade-and-scale.md) of an API Management instance. 
@@ -171,6 +173,7 @@ Use capacity metrics for making decisions whether to scale an API Management ins
 + Ignore sudden spikes that are most likely not related to an increase in load (see [Capacity metric behavior](#capacity-metric-behavior) section for explanation).
 + As a general rule, upgrade or scale your instance when a capacity metric value exceeds **60% - 70%** for a long period of time (for example, 30 minutes). Different values may work better for your service or scenario.
 + If your instance or workspace gateway is configured with only 1 unit, upgrade or scale it when a capacity metric value exceeds **40%** for a long period. This recommendation is based on the need to reserve capacity for guest OS updates in the underlying service platform.
++ Use [available diagnostics](monitor-api-management.md) to monitor the response times of API calls. Consider adjusting scaling thresholds if you notice degraded response times with increasing value of capacity metric. 
 
 > [!TIP]  
 > If you are able to estimate your traffic beforehand, test your API Management instance or workspace gateway on workloads you expect. You can increase the request load gradually and monitor the value of the capacity metric that corresponds to your peak load. Follow the steps from the previous section to use Azure portal to understand how much capacity is used at any given time.

articles/api-management/api-management-howto-use-managed-service-identity.md

@@ -317,7 +317,7 @@ API Management is a trusted Microsoft service to the following resources. This t
 
 
 - [Trusted access for Key Vault](/azure/key-vault/general/overview-vnet-service-endpoints#trusted-services)
-- [Trusted access for Azure Storage](../storage/common/storage-network-security.md?tabs=azure-portal#trusted-access-based-on-system-assigned-managed-identity)
+- [Trusted access for Azure Storage](../storage/common/storage-network-security-trusted-azure-services.md?tabs=azure-portal#trusted-access-based-on-system-assigned-managed-identity)
 - [Trusted access for Azure Services Bus](../service-bus-messaging/service-bus-ip-filtering.md#trusted-microsoft-services)
 - [Trusted access for Azure Event Hubs](../event-hubs/event-hubs-ip-filtering.md#trusted-microsoft-services)
 

articles/api-management/applications.md

@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 05/19/2025
+ms.date: 07/11/2025
 ms.author: danlep
 ms.custom:
   - build-2025
@@ -22,9 +22,9 @@ API Management now supports built-in OAuth 2.0 application-based access to produ
 > Applications are currently in limited preview. To sign up, fill [this form](https://aka.ms/apimappspreview).
 
 With this feature:
-
 * API managers set a product property to enable application-based access.
 * API managers register client applications in Microsoft Entra ID to limit access to specific products. 
+* Developers can access client application credentials using the API Management developer portal.
 * Using the OAuth 2.0 client credentials flow, developers or apps obtain tokens that they can include in API requests
 * Tokens presented in API requests are validated by the API Management gateway to authorize access to the product's APIs.
 
@@ -61,7 +61,8 @@ Follow these steps to enable **Application based access** for a product. A produ
 
 The following example uses the **Starter** product, but choose any published product that has at least one API assigned to it.
 
-1. Sign in to the [portal](https://portal.azure.com) and navigate to your API Management instance.
+1. Sign in to the portal at the following custom URL for the applications feature: [https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications](https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications)
+1. Navigate to your API Management instance.
 1. In the left menu, under **APIs**, select **Products**.
 1. Choose the product that you want to configure, such as the **Starter** product.
 1. In the left menu, under **Product**, select **Properties**.
@@ -103,10 +104,13 @@ To review application settings in **App registrations**:
 Now register a client application that limits access to one or more products. 
 
 * A product must have **Application based access** enabled to be associated with a client application. 
-* Each client application has a single user (owner) in the API Management instance. One the owner can access product APIs through the application.
+* Each client application has a single user (owner) in the API Management instance. Only the owner can access product APIs through the application.
 * A product can be associated with more than one client application.
 
-1. Sign in to the [portal](https://portal.azure.com) and navigate to your API Management instance.
+To register a client application:
+
+1. Sign in to the portal at the following custom URL for the applications feature: [https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications](https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications)
+1. Navigate to your API Management instance.
 1. In the left menu, under **APIs**, select **Applications** > **+ Register application**.
 1. In the **Register an application** page, enter the following application settings:
     * **Name**: Enter a name for the application. 
@@ -152,6 +156,16 @@ To review application settings in **App registrations**:
 
     :::image type="content" source="media/applications/client-api-permissions.png" alt-text="Screenshot of API permissions in the portal.":::  
 
+## Get application settings in developer portal
+
+Users can sign in to the developer portal to view the client applications that they own.
+
+1. Sign in to the developer portal (`https://<your-apim-instance-name>.developer.azure-api.net`) using a user account that was set as the owner of a client application.
+1. In the top navigation menu, select **Applications**.
+1. Applications that the user owns appear in the list. 
+1. Select an application to view its details, such as the **Client ID**, **Client secret**, and **Scope**. These values are needed to generate a token to call the product APIs.
+
+    :::image type="content" source="media/applications/applications-developer-portal.png" alt-text="Screenshot of client applications in the developer portal.":::
 
 ## Create token and use with API call
 
@@ -204,6 +218,16 @@ Write-Host "Response:"
 $getresponse | ConvertTo-Json -Depth 5
 ```
 
+## Troubleshooting
+
+### Internal server error when registering applications in the portal
+
+If you're unable to list applications, or you receive an internal server error when registering applications in the portal, check the following:    
+
+* The **Application Administrator** role is assigned to the API Management instance's managed identity in Microsoft Entra ID. 
+* You're signed in to the portal at the following custom URL for the applications feature: [https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications](https://portal.azure.com/?feature.customPortal=false&Microsoft_Azure_ApiManagement=applications). This URL is required to access the applications feature in API Management.
+
+
 ## Related content
 
 * [Create and publish a product](api-management-howto-add-products.md)