Merge main into live

.openpublishing.redirection.azure.json

@@ -127,6 +127,10 @@
         {
             "source_path_from_root": "/docs/azure/sdk/authentication/authentication-best-practices.md",
             "redirect_url": "/dotnet/azure/sdk/authentication/best-practices"
+        },
+        {
+            "source_path_from_root": "/docs/azure/sdk/authentication/azure-hosted-apps.md",
+            "redirect_url": "/docs/azure/sdk/authentication/system-assigned-managed-identity"
         }
     ]
 }

docs/azure/TOC.yml

@@ -66,7 +66,11 @@
         - name: Auth using developer accounts
           href: ./sdk/authentication/local-development-dev-accounts.md
       - name: Auth from Azure-hosted apps
-        href: ./sdk/authentication/azure-hosted-apps.md
+        items:
+        - name: Use a system-assigned managed identity
+          href: ./sdk/authentication/system-assigned-managed-identity.md
+        - name: Use a user-assigned managed identity
+          href: ./sdk/authentication/user-assigned-managed-identity.md
       - name: Auth from on-premises apps
         href: ./sdk/authentication/on-premises-apps.md
       - name: Auth via configuration files

docs/azure/includes/dotnet-new.md

@@ -25,7 +25,7 @@
 | Communication SMS | NuGet [1.0.1](https://www.nuget.org/packages/Azure.Communication.Sms/1.0.1)<br>NuGet [1.1.0-beta.2](https://www.nuget.org/packages/Azure.Communication.Sms/1.1.0-beta.2) | [docs](/dotnet/api/overview/azure/Communication.Sms-readme) | GitHub [1.0.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Communication.Sms_1.0.1/sdk/communication/Azure.Communication.Sms/)<br>GitHub [1.1.0-beta.2](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Communication.Sms_1.1.0-beta.2/sdk/communication/Azure.Communication.Sms/) |
 | Compute Batch | NuGet [1.0.0-beta.1](https://www.nuget.org/packages/Azure.Compute.Batch/1.0.0-beta.1) | [docs](/dotnet/api/overview/azure/Compute.Batch-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Compute.Batch_1.0.0-beta.1/sdk/batch/Azure.Compute.Batch/) |
 | Confidential Ledger | NuGet [1.3.0](https://www.nuget.org/packages/Azure.Security.ConfidentialLedger/1.3.0)<br>NuGet [1.4.1-beta.1](https://www.nuget.org/packages/Azure.Security.ConfidentialLedger/1.4.1-beta.1) | [docs](/dotnet/api/overview/azure/Security.ConfidentialLedger-readme) | GitHub [1.3.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Security.ConfidentialLedger_1.3.0/sdk/confidentialledger/Azure.Security.ConfidentialLedger/)<br>GitHub [1.4.1-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Security.ConfidentialLedger_1.4.1-beta.1/sdk/confidentialledger/Azure.Security.ConfidentialLedger/) |
-| Container Registry | NuGet [1.1.1](https://www.nuget.org/packages/Azure.Containers.ContainerRegistry/1.1.1)<br>NuGet [1.2.0-beta.1](https://www.nuget.org/packages/Azure.Containers.ContainerRegistry/1.2.0-beta.1) | [docs](/dotnet/api/overview/azure/Containers.ContainerRegistry-readme) | GitHub [1.1.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Containers.ContainerRegistry_1.1.1/sdk/containerregistry/Azure.Containers.ContainerRegistry/)<br>GitHub [1.2.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Containers.ContainerRegistry_1.2.0-beta.1/sdk/containerregistry/Azure.Containers.ContainerRegistry/) |
+| Container Registry | NuGet [1.2.0](https://www.nuget.org/packages/Azure.Containers.ContainerRegistry/1.2.0) | [docs](/dotnet/api/overview/azure/Containers.ContainerRegistry-readme) | GitHub [1.2.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Containers.ContainerRegistry_1.2.0/sdk/containerregistry/Azure.Containers.ContainerRegistry/) |
 | Content Safety | NuGet [1.0.0](https://www.nuget.org/packages/Azure.AI.ContentSafety/1.0.0) | [docs](/dotnet/api/overview/azure/AI.ContentSafety-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.ContentSafety_1.0.0/sdk/contentsafety/Azure.AI.ContentSafety/) |
 | Conversational Language Understanding | NuGet [1.1.0](https://www.nuget.org/packages/Azure.AI.Language.Conversations/1.1.0)<br>NuGet [2.0.0-beta.2](https://www.nuget.org/packages/Azure.AI.Language.Conversations/2.0.0-beta.2) | [docs](/dotnet/api/overview/azure/AI.Language.Conversations-readme) | GitHub [1.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.Language.Conversations_1.1.0/sdk/cognitivelanguage/Azure.AI.Language.Conversations/)<br>GitHub [2.0.0-beta.2](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.Language.Conversations_2.0.0-beta.2/sdk/cognitivelanguage/Azure.AI.Language.Conversations/) |
 | Core - Client - AMQP | NuGet [1.3.1](https://www.nuget.org/packages/Azure.Core.Amqp/1.3.1) | [docs](/dotnet/api/overview/azure/Core.Amqp-readme) | GitHub [1.3.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Core.Amqp_1.3.1/sdk/core/Azure.Core.Amqp/) |
@@ -79,7 +79,7 @@
 | Monitor Query | NuGet [1.6.0](https://www.nuget.org/packages/Azure.Monitor.Query/1.6.0) | [docs](/dotnet/api/overview/azure/Monitor.Query-readme) | GitHub [1.6.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.Query_1.6.0/sdk/monitor/Azure.Monitor.Query/) |
 | NUnit ? Microsoft Playwright Testing | NuGet [1.0.0-beta.4](https://www.nuget.org/packages/Azure.Developer.MicrosoftPlaywrightTesting.NUnit/1.0.0-beta.4) | [docs](/dotnet/api/overview/azure/Developer.MicrosoftPlaywrightTesting.NUnit-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.4](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Developer.MicrosoftPlaywrightTesting.NUnit_1.0.0-beta.4/sdk/playwrighttesting/Azure.Developer.MicrosoftPlaywrightTesting.NUnit/) |
 | OpenAI Assistants | NuGet [1.0.0-beta.4](https://www.nuget.org/packages/Azure.AI.OpenAI.Assistants/1.0.0-beta.4) | [docs](/dotnet/api/overview/azure/AI.OpenAI.Assistants-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.4](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.OpenAI.Assistants_1.0.0-beta.4/sdk/openai/Azure.AI.OpenAI.Assistants/) |
-| OpenAI Inference | NuGet [2.1.0](https://www.nuget.org/packages/Azure.AI.OpenAI/2.1.0) | [docs](/dotnet/api/overview/azure/AI.OpenAI-readme) | GitHub [2.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.OpenAI_2.1.0/sdk/openai/Azure.AI.OpenAI/) |
+| OpenAI Inference | NuGet [2.1.0](https://www.nuget.org/packages/Azure.AI.OpenAI/2.1.0)<br>NuGet [2.2.0-beta.1](https://www.nuget.org/packages/Azure.AI.OpenAI/2.2.0-beta.1) | [docs](/dotnet/api/overview/azure/AI.OpenAI-readme) | GitHub [2.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.OpenAI_2.1.0/sdk/openai/Azure.AI.OpenAI/)<br>GitHub [2.2.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Azure.AI.OpenAI_2.2.0-beta.1/sdk/openai/Azure.AI.OpenAI/) |
 | OpenTelemetry AspNetCore | NuGet [1.2.0](https://www.nuget.org/packages/Azure.Monitor.OpenTelemetry.AspNetCore/1.2.0)<br>NuGet [1.3.0-beta.2](https://www.nuget.org/packages/Azure.Monitor.OpenTelemetry.AspNetCore/1.3.0-beta.2) | [docs](/dotnet/api/overview/azure/Monitor.OpenTelemetry.AspNetCore-readme) | GitHub [1.2.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.OpenTelemetry.AspNetCore_1.2.0/sdk/monitor/Azure.Monitor.OpenTelemetry.AspNetCore/)<br>GitHub [1.3.0-beta.2](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.OpenTelemetry.AspNetCore_1.3.0-beta.2/sdk/monitor/Azure.Monitor.OpenTelemetry.AspNetCore/) |
 | OpenTelemetry Exporter | NuGet [1.3.0](https://www.nuget.org/packages/Azure.Monitor.OpenTelemetry.Exporter/1.3.0)<br>NuGet [1.4.0-beta.2](https://www.nuget.org/packages/Azure.Monitor.OpenTelemetry.Exporter/1.4.0-beta.2) | [docs](/dotnet/api/overview/azure/Monitor.OpenTelemetry.Exporter-readme) | GitHub [1.3.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.OpenTelemetry.Exporter_1.3.0/sdk/monitor/Azure.Monitor.OpenTelemetry.Exporter/)<br>GitHub [1.4.0-beta.2](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.OpenTelemetry.Exporter_1.4.0-beta.2/sdk/monitor/Azure.Monitor.OpenTelemetry.Exporter/) |
 | OpenTelemetry LiveMetrics | NuGet [1.0.0-beta.3](https://www.nuget.org/packages/Azure.Monitor.OpenTelemetry.LiveMetrics/1.0.0-beta.3) | [docs](/dotnet/api/overview/azure/Monitor.OpenTelemetry.LiveMetrics-readme?view=azure-dotnet-preview&amp;preserve-view=true) | GitHub [1.0.0-beta.3](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Monitor.OpenTelemetry.LiveMetrics_1.0.0-beta.3/sdk/monitor/Azure.Monitor.OpenTelemetry.LiveMetrics/) |
@@ -124,13 +124,13 @@
 | Web PubSub | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub/1.4.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub_1.4.0/sdk/webpubsub/Azure.Messaging.WebPubSub/) |
 | Web PubSub Client | NuGet [1.0.0](https://www.nuget.org/packages/Azure.Messaging.WebPubSub.Client/1.0.0) | [docs](/dotnet/api/overview/azure/Messaging.WebPubSub.Client-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Messaging.WebPubSub.Client_1.0.0/sdk/webpubsub/Azure.Messaging.WebPubSub.Client/) |
 | Azure client library integration for ASP.NET Core | NuGet [1.10.0](https://www.nuget.org/packages/Microsoft.Extensions.Azure/1.10.0) | [docs](/dotnet/api/overview/azure/Microsoft.Extensions.Azure-readme) | GitHub [1.10.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Extensions.Azure_1.10.0/sdk/extensions/Microsoft.Extensions.Azure/) |
-| Blob Storage Key Store for .NET Data Protection | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Blobs/1.4.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Blobs-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Blobs_1.4.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Blobs/) |
+| Blob Storage Key Store for .NET Data Protection | NuGet [1.5.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Blobs/1.5.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Blobs-readme) | GitHub [1.5.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Blobs_1.5.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Blobs/) |
 | CloudNative CloudEvents with Event Grid  | NuGet [1.0.0](https://www.nuget.org/packages/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/1.0.0) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents_1.0.0/sdk/eventgrid/Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents/) |
 | Core - Client - Spatial | NuGet [1.1.0](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.1.0)<br>NuGet [1.2.0-beta.1](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial/1.2.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Core.Spatial-readme) | GitHub [1.1.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.1.0/sdk/core/Microsoft.Azure.Core.Spatial/)<br>GitHub [1.2.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial_1.2.0-beta.1/sdk/core/Microsoft.Azure.Core.Spatial/) |
 | Core - Client - Spatial Newtonsoft Json | NuGet [1.0.0](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial.NewtonsoftJson/1.0.0)<br>NuGet [1.1.0-beta.1](https://www.nuget.org/packages/Microsoft.Azure.Core.Spatial.NewtonsoftJson/1.1.0-beta.1) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.Core.Spatial.NewtonsoftJson-readme) | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial.NewtonsoftJson_1.0.0/sdk/core/Microsoft.Azure.Core.Spatial.NewtonsoftJson/)<br>GitHub [1.1.0-beta.1](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.Core.Spatial.NewtonsoftJson_1.1.0-beta.1/sdk/core/Microsoft.Azure.Core.Spatial.NewtonsoftJson/) |
 | Functions extension for Azure Tables | NuGet [1.3.2](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.Tables/1.3.2) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.WebJobs.Extensions.Tables-readme) | GitHub [1.3.2](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.WebJobs.Extensions.Tables_1.3.2/sdk/tables/Microsoft.Azure.WebJobs.Extensions.Tables/) |
-| Key Encryptor for .NET Data Protection | NuGet [1.3.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Keys/1.3.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Keys-readme) | GitHub [1.3.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Keys_1.3.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/) |
-| Secrets Configuration Provider for .NET | NuGet [1.3.2](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.Configuration.Secrets/1.3.2) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.Configuration.Secrets-readme) | GitHub [1.3.2](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.Configuration.Secrets_1.3.2/sdk/extensions/Azure.Extensions.AspNetCore.Configuration.Secrets/) |
+| Key Encryptor for .NET Data Protection | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.DataProtection.Keys/1.4.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.DataProtection.Keys-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.DataProtection.Keys_1.4.0/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/) |
+| Secrets Configuration Provider for .NET | NuGet [1.4.0](https://www.nuget.org/packages/Azure.Extensions.AspNetCore.Configuration.Secrets/1.4.0) | [docs](/dotnet/api/overview/azure/Extensions.AspNetCore.Configuration.Secrets-readme) | GitHub [1.4.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Extensions.AspNetCore.Configuration.Secrets_1.4.0/sdk/extensions/Azure.Extensions.AspNetCore.Configuration.Secrets/) |
 | Storage - Common | NuGet [12.22.0](https://www.nuget.org/packages/Azure.Storage.Common/12.22.0) | [docs](/dotnet/api/overview/azure/Storage.Common-readme) | GitHub [12.22.0](https://github.com/Azure/azure-sdk-for-net/tree/Azure.Storage.Common_12.22.0/sdk/storage/Azure.Storage.Common/) |
 | WebJobs Extensions - Event Grid | NuGet [3.4.3](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.EventGrid/3.4.3) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.WebJobs.Extensions.EventGrid-readme) | GitHub [3.4.3](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.WebJobs.Extensions.EventGrid_3.4.3/sdk/eventgrid/Microsoft.Azure.WebJobs.Extensions.EventGrid/) |
 | WebJobs Extensions - Event Hubs | NuGet [6.3.5](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.EventHubs/6.3.5) | [docs](/dotnet/api/overview/azure/Microsoft.Azure.WebJobs.Extensions.EventHubs-readme) | GitHub [6.3.5](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.WebJobs.Extensions.EventHubs_6.3.5/sdk/eventhub/Microsoft.Azure.WebJobs.Extensions.EventHubs/) |

docs/azure/sdk/authentication/azure-hosted-apps.md → docs/azure/sdk/authentication/system-assigned-managed-identity.md

@@ -1,30 +1,23 @@
 ---
-title: Authenticate Azure-hosted .NET apps to Azure resources
-description: Learn how to authenticate apps to Azure services when hosted in an Azure compute service like Azure App Service, Azure Functions, or Azure Virtual Machines.
+title: Authenticate Azure-hosted .NET apps to Azure resources using a system-assigned managed identity
+description: Learn how to authenticate Azure-hosted .NET apps to other Azure services using a system-assigned managed identity.
 ms.topic: how-to
 ms.custom: devx-track-dotnet, engagement-fy23, devx-track-azurecli
 ms.date: 02/06/2025
 ---
 
-# Authenticate Azure-hosted apps to Azure resources with the Azure SDK for .NET
+# Authenticate Azure-hosted .NET apps to Azure resources using a system-assigned managed identity
 
 The recommended approach to authenticate an Azure-hosted app to other Azure resources is to use a [managed identity](/entra/identity/managed-identities-azure-resources/overview). This approach is [supported for most Azure services](/entra/identity/managed-identities-azure-resources/managed-identities-status), including apps hosted on Azure App Service, Azure Container Apps, and Azure Virtual Machines. Discover more about different authentication techniques and approaches on the [authentication overview](/dotnet/azure/sdk/authentication) page. In the sections ahead, you'll learn:
 
 - Essential managed identity concepts
-- How to create a managed identity for your app
-- How to assign roles to the managed identity
-- How to authenticate using the managed identity from your app code
+- How to create a system-assigned managed identity for your app
+- How to assign roles to the system-assigned managed identity
+- How to authenticate using the system-assigned managed identity from your app code
 
-## Essential managed identity concepts
+[!INCLUDE [managed-identity-concepts](../includes/managed-identity-concepts.md)]
 
-A managed identity enables your app to securely connect to other Azure resources without the use of secret keys or other application secrets. Internally, Azure tracks the identity and which resources it's allowed to connect to. Azure uses this information to automatically obtain Microsoft Entra tokens for the app to allow it to connect to other Azure resources.
-
-There are two types of managed identities to consider when configuring your hosted app:
-
-- **System-assigned** identities are enabled directly on an Azure resource and are tied to its life cycle. When the resource is deleted, Azure automatically deletes the identity for you. System-assigned identities provide a minimalistic approach to using managed identities.
-- **User-assigned** identities are created as standalone Azure resources and offer greater flexibility and capabilities. They are ideal for solutions involving multiple Azure resources that need to share the same identity and permissions. For example, if multiple virtual machines need to access the same set of Azure resources, a user-assigned managed identity provides reusability and optimized management.
-
-The sections ahead describe the steps to enable and use a system-assigned managed identity for an Azure-hosted app. If you need to use a user-assigned managed identity, visit the [Manage user-assigned managed identities](/entra/identity/managed-identities-azure-resources/how-manage-user-assigned-managed-identities?pivots=identity-mi-methods-azp) article for more information.
+The sections ahead describe the steps to enable and use a system-assigned managed identity for an Azure-hosted app. If you need to use a user-assigned managed identity, visit the [user-assigned managed identities](/dotnet/azure/sdk/authentication/user-assigned-managed-identity) article for more information.
 
 ## Enable a system-assigned managed identity on the Azure hosting resource