Merge pull request #210537 from MicrosoftDocs/release-apim-retirement-202209

Release apim retirement 202209--scheduled release at 3PM of 9/09

Author: huypub

.openpublishing.redirection.json

@@ -5,6 +5,11 @@
     "redirect_url":  "/azure/availability-zones/migrate-api-mgt",
     "redirect_document_id":  false
 },
+{
+    "source_path":  "articles/api-management/breaking-changes/rp-source-ip-address-change-mar2023.md",
+    "redirect_url":  "/azure/api-management/breaking-changes/rp-source-ip-address-change-mar-2023",
+    "redirect_document_id":  false
+},
 {
     "source_path":  "articles/api-management/developer-portal-implement-widgets.md",
     "redirect_url":  "/azure/api-management/developer-portal-extend-custom-functionality",

articles/api-management/TOC.yml

@@ -432,10 +432,20 @@
         href: https://aka.ms/apimupdates
       - name: Release notes
         href: https://aka.ms/apim/releases
-      - name: Retiring features
+      - name: Breaking changes
         items:
-          - name: Deprecated developer portal
-            items:
+            - name: Breaking changes overview
+              href: breaking-changes/overview.md
+            - name: Virtual network changes (March 2023)
+              href: breaking-changes/rp-source-ip-address-change-mar-2023.md
+            - name: Virtual network changes (September 2023)
+              href: breaking-changes/rp-source-ip-address-change-sep-2023.md
+            - name: API version retirements (September 2023)
+              href: breaking-changes/api-version-retirement-sep-2023.md
+            - name: Self-hosted gateway v0/v1 retirements (October 2023)
+              href: breaking-changes/self-hosted-gateway-v0-v1-retirement-oct-2023.md
+            - name: Deprecated (legacy) developer portal (October 2023)
+              items:
                 - name: Deprecated portal - customize the portal
                   href: api-management-customize-styles.md
                 - name: Deprecated portal - modify pages and layouts
@@ -464,17 +474,17 @@
                       href: api-management-page-templates.md
                     - name: Template resources
                       href: api-management-template-resources.md
-      - name: Breaking changes
-        items:
-            - name: Breaking changes overview
-              href: breaking-changes/overview.md
-            - name: Virtual network changes (March 2023)
-              href: breaking-changes/rp-source-ip-address-change-mar2023.md
+            - name: stv1 compute platform retirement (August 2024)
+              href: breaking-changes/stv1-platform-retirement-august-2024.md
+            - name: ADAL-based identity provider retirement (September 2025)
+              href: breaking-changes/identity-provider-adal-retirement-sep-2025.md
+            - name: CAPTCHA endpoint update (September 2025)
+              href: breaking-changes/captcha-endpoint-change-sep-2025.md       
       - name: Regional availability
         href: https://azure.microsoft.com/global-infrastructure/services/
       - name: Microsoft Q&A question page
         href: /answers/topics/azure-api-management.html
       - name: Stack Overflow
         href: https://stackoverflow.com/questions/tagged/azure-api-management
       - name: Additional resources
-        href: https://aka.ms/apimlove
+        href: https://aka.ms/apimlove

articles/api-management/breaking-changes/api-version-retirement-sep-2023.md

@@ -0,0 +1,62 @@
+---
+title: Azure API Management - API version retirements (September 2023) | Microsoft Docs
+description: Azure API Management is retiring all API versions prior to 2021-08-01. If you use one of these API versions, you must update your tools, scripts, or programs to use the latest versions.
+services: api-management
+documentationcenter: ''
+author: adrianhall
+ms.service: api-management
+ms.topic: reference
+ms.date: 07/25/2022
+ms.author: adhal
+---
+
+# API version retirements (September 2023)
+
+Azure API Management uses Azure Resource Manager (ARM) to configure your API Management instances. The API version is embedded in your use of templates that describe your infrastructure, tools that are used to configure the service, and programs that you write to manage your Azure API Management services. 
+
+On 30 September 2023, all API versions prior to **2021-08-01** will be retired and API calls using those API versions will fail. This means you'll no longer be able to create or manage your API Management services using your existing templates, tools, scripts, and programs until they've been updated. Data operations (such as accessing the APIs or Products configured on Azure API Management) will be unaffected by this update, including after 30 September 2023. 
+
+From now through 30 September 2023, you can continue to use the templates, tools, and programs without impact. You can transition to API version 2021-08-01 or later at any point prior to 30 September 2023. 
+
+## Is my service affected by this?
+
+While your service isn't* affected by this change, any tool, script, or program that uses the Azure Resource Manager (such as the Azure CLI, Azure PowerShell, Azure API Management DevOps Resource Kit, or Terraform) is affected by this change. You'll be unable to run those tools successfully unless you update the tools.
+
+## What is the deadline for the change?
+
+The affected API versions will no longer be valid after 30 September 2023.
+
+After 30 September 2023, if you prefer not to update your tools, scripts, and programs, your services will continue to run but you won't be able to add or remove APIs, change API policy, or otherwise configure your API Management service. 
+
+## Required action
+
+* **ARM, Bicep, or Terraform templates** - Update the template to use API version 2021-08-01 or later. 
+
+* **Azure CLI** - Run `az version -help` to check your version. If you're running version 2.38.0 or later, no action is required. Use the `az upgrade` command to upgrade the Azure CLI if necessary. For more information, see [How to update the Azure CLI](/cli/azure/update-azure-cli).
+
+* **Azure PowerShell** - Run `Get-Module -ListAvailable -Name Az` to check your version. If you're running version 8.1.0 or later, no action is required. Use `Update-Module -Name Az -Repository PSGallery` to update the module if necessary. For more information, see [Install the Azure Az PowerShell module](/powershell/azure/install-az-ps).
+
+* **Other tools** - Use the following versions (or later):
+
+    * API Management DevOps Resource Kit: 1.0.0
+    * Terraform azurerm provider: 3.0.0
+    
+* **Azure SDKs** - Update the Azure API Management SDKs to the latest versions (or later): 
+
+    * .NET: 8.0.0 
+    * Go: 1.0.0 
+    * Python: 3.0.0 
+    * JavaScript: 8.0.1 
+
+## More information
+
+* [Azure CLI](/cli/azure/update-azure-cli)
+* [Azure PowerShell](/powershell/azure/install-az-ps)
+* [Azure Resource Manager](/azure/azure-resource-manager/management/overview)
+* [Terraform on Azure](/azure/developer/terraform/)
+* [Bicep](/azure/azure-resource-manager/bicep/overview)
+* [Microsoft Q&A](/answers/topics/azure-api-management.html)
+
+## Next steps
+
+See all [upcoming breaking changes and feature retirements](overview.md).

articles/api-management/breaking-changes/captcha-endpoint-change-sep-2025.md

@@ -0,0 +1,70 @@
+---
+title: Azure API Management CAPTCHA endpoint change (September 2025) | Microsoft Docs
+description: Azure API Management is updating the CAPTCHA endpoint. If your service is hosted in an Azure virtual network, you may need to update network settings to continue using the developer portal.
+services: api-management
+documentationcenter: ''
+author: mikebudzynski
+ms.service: api-management
+ms.topic: reference
+ms.date: 09/06/2022
+ms.author: mibudz
+---
+
+# CAPTCHA endpoint update (September 2025)
+
+On 30 September, 2025 as part of our continuing work to increase the resiliency of API Management services, we're permanently changing the CAPTCHA endpoint used by the developer portal. 
+
+This change will have no effect on the availability of your API Management service. However, you may have to take steps described below to continue using the developer portal beyond 30 September, 2025.
+
+## Is my service affected by this change?
+
+Your service may be impacted by this change if:
+
+* Your API Management service is running inside an Azure virtual network.
+* You use the Azure API Management developer portal.
+
+Follow the steps below to confirm if your network restricts connectivity to the new CAPTCHA endpoint.
+
+1. Navigate to your API Management service in the Azure portal.
+2. Select **Network** from the menu and go to the **Network status tab**.
+3. Check the status for the **Captcha endpoint**. Your service is impacted if the status isn't **Success**.
+
+## What is the deadline for the change?
+
+The CAPTCHA endpoint will permanently change on 30 September, 2025. Complete all required networking changes before then.
+
+After 30 September 2025, if you prefer not to make changes to your network configuration, your services will continue to run but the developer portal sign-up and password reset functionality will no longer work.
+
+## What do I need to do?
+
+Update the virtual network configuration to allow connectivity to the new CAPTCHA hostnames. 
+
+| Environment | Endpoint |
+| --- | --- |
+| Global Azure cloud | `partner.prod.repmap.microsoft.com` |
+| USGov | `partner.prod.repmap.microsoft.us` |
+
+The new CAPTCHA endpoints provide the same functionality as the previous endpoints.
+
+## Help and support
+
+If you have questions, get answers from community experts in [Microsoft Q&A](https://aka.ms/apim/azureqa/change/captcha-2022). If you have a support plan and you need technical help, create a [support request](https://portal.azure.com/#view/Microsoft_Azure_Support/HelpAndSupportBlade/~/overview).
+
+1. For **Summary**, type a description of your issue, for example, "stv1 retirement". 
+1. Under **Issue type**, select **Technical**.  
+1. Under **Subscription**, select your subscription.  
+1. Under **Service**, select **My services**, then select **API Management Service**. 
+1. Under **Resource**, select the Azure resource that you’re creating a support request for.  
+1. For **Problem type**, select **General configuration**. 
+1. For **Problem subtype**, select **VNET integration**.
+
+## More information
+
+* [Virtual Network](../../virtual-network/index.yml)
+* [API Management VNet Reference](../virtual-network-reference.md)
+* [Microsoft Q&A](/answers/topics/azure-api-management.html)
+
+
+## Next steps
+
+See all [upcoming breaking changes and feature retirements](overview.md).

articles/api-management/breaking-changes/identity-provider-adal-retirement-sep-2025.md

@@ -0,0 +1,68 @@
+---
+title: Azure API Management identity providers configuration change (September 2025) | Microsoft Docs
+description: Azure API Management is updating the library used for user authentication in the developer portal. If you use Azure AD or Azure AD B2C identity providers, you need to update application settings and identity provider configuration to use the Microsoft Authentication Library (MSAL).
+services: api-management
+documentationcenter: ''
+author: mikebudzynski
+ms.service: api-management
+ms.topic: reference
+ms.date: 09/06/2022
+ms.author: mibudz
+---
+
+# ADAL-based Azure AD or Azure AD B2C identity provider retirement (September 2025)
+
+On 30 September, 2025 as part of our continuing work to increase the resiliency of API Management services, we're removing the support for the previous library for user authentication and authorization in the developer portal (AD Authentication Library, or ADAL). You need to migrate your Azure AD or Azure AD B2C applications, change identity provider configuration to use the Microsoft Authentication Library (MSAL), and republish your developer portal.
+
+This change will have no effect on the availability of your API Management service. However, you have to take steps described below to configure your API Management service if you wish to continue using Azure AD or Azure AD B2C identity providers beyond 30 September, 2025.
+
+## Is my service affected by this change?
+
+Your service is impacted by this change if:
+
+* You've configured an [Azure AD](../api-management-howto-aad.md) or [Azure AD B2C](../api-management-howto-aad-b2c.md) identity provider for user account authentication using the ADAL and use the provided developer portal.
+
+## What is the deadline for the change?
+
+On 30 September, 2025, these identity providers will stop functioning. To avoid disruption of your developer portal, you need to update your Azure AD applications and identity provider configuration in Azure API Management by that date. Your developer portal might be at a security risk after Microsoft ADAL support ends in December 2022. 
+
+Developer portal sign-in and sign-up with Azure AD or Azure AD B2C will stop working past 30 September, 2025 if you don't update your ADAL-based Azure AD or Azure AD B2C identity providers. This new authentication method is more secure, as it relies on the OAuth 2.0 authorization code flow with PKCE and uses an up-to-date software library. 
+
+## What do I need to do?
+
+### Update Azure AD and Azure AD B2C applications for MSAL compatibility
+
+[Switch redirect URIs to the single-page application type](../../active-directory/develop/migrate-spa-implicit-to-auth-code.md#switch-redirect-uris-to-spa-platform).
+
+### Update identity provider configuration
+
+1. Go to the [Azure portal](https://portal.azure.com) and navigate to your Azure API Management service.
+2. Select **Identities** in the menu.
+3. Select **Azure Active Directory** or **Azure Active Directory B2C** from the list.
+4. Select **MSAL** in the **Client library** dropdown.
+5. Select **Update**.
+6. [Republish your developer portal](../api-management-howto-developer-portal-customize.md#publish-from-the-azure-portal).
+
+
+## Help and support
+
+If you have questions, get answers from community experts in [Microsoft Q&A](https://aka.ms/apim/azureqa/change/msal-2022). If you have a support plan and you need technical help, create a [support request](https://portal.azure.com/#view/Microsoft_Azure_Support/HelpAndSupportBlade/~/overview).
+
+1. For **Summary**, type a description of your issue, for example, "stv1 retirement". 
+1. Under **Issue type**, select **Technical**.  
+1. Under **Subscription**, select your subscription.  
+1. Under **Service**, select **My services**, then select **API Management Service**. 
+1. Under **Resource**, select the Azure resource that you’re creating a support request for.  
+1. For **Problem type**, select **Authentication and Security**. 
+1. For **Problem subtype**, select **Azure Active Directory Authentication** or **Azure Active Directory B2C Authentication**.
+
+
+## More information
+
+* [Authenticate users with Azure AD](../api-management-howto-aad.md)
+* [Authenticate users with Azure AD B2C](../api-management-howto-aad-b2c.md)
+* [Microsoft Q&A](/answers/topics/azure-api-management.html)
+
+## Next steps
+
+See all [upcoming breaking changes and feature retirements](overview.md).

articles/api-management/breaking-changes/overview.md

@@ -7,7 +7,7 @@ author: adrianhall
 
 ms.service: api-management
 ms.topic: reference
-ms.date: 02/07/2022
+ms.date: 09/07/2022
 ms.author: adhal
 ---
 
@@ -17,7 +17,21 @@ The following table lists all the upcoming breaking changes and feature retireme
 
 | Change Title | Effective Date |
 |:-------------|:---------------|
-| [Resource Provider Source IP Address Update][bc1] | March 31, 2023 |
+| [Resource provider source IP address updates][bc1] | March 31, 2023 |
+| [Resource provider source IP address updates][rp2023] | September 30, 2023 |
+| [API version retirements][api2023] | September 30, 2023 |
+| [Deprecated (legacy) portal retirement][devportal2023] | October 2023 |
+| [Self-hosted gateway v0/v1 retirement][shgwv0v1] | October 1, 2023 |
+| [stv1 platform retirement][stv12024] | August 31, 2024 |
+| [ADAL-based Azure AD or Azure AD B2C identity provider retirement][msal2025] | September 30, 2025 |
+| [CAPTCHA endpoint update][captcha2025] | September 30, 2025 |
 
 <!-- Links -->
-[bc1]: ./rp-source-ip-address-change-mar2023.md
+[bc1]: ./rp-source-ip-address-change-mar-2023.md
+[rp2023]: ./rp-source-ip-address-change-sep-2023.md 
+[api2023]: ./api-version-retirement-sep-2023.md
+[devportal2023]: ../api-management-customize-styles.md
+[shgwv0v1]: ./self-hosted-gateway-v0-v1-retirement-oct-2023.md
+[stv12024]: ./stv1-platform-retirement-august-2024.md
+[msal2025]: ./identity-provider-adal-retirement-sep-2025.md
+[captcha2025]: ./captcha-endpoint-change-sep-2025.md