MicrosoftDocs
diff --git a/‎articles/active-directory-b2c/add-password-reset-policy.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/add-password-reset-policy.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/configure-authentication-sample-spa-app.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/configure-authentication-sample-spa-app.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/localization-string-ids.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/localization-string-ids.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/partner-dynamics-365-fraud-protection.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/partner-dynamics-365-fraud-protection.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory-b2c/technicalprofiles.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/technicalprofiles.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/api-center/register-discover-mcp-server.md‎
Lines changed: 13 additions & 10 deletions b/‎articles/api-center/register-discover-mcp-server.md‎
Lines changed: 13 additions & 10 deletions
diff --git a/‎articles/api-management/breaking-changes/trusted-service-connectivity-retirement-march-2026.md‎
Lines changed: 5 additions & 0 deletions b/‎articles/api-management/breaking-changes/trusted-service-connectivity-retirement-march-2026.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/application-gateway/configuration-http-settings.md‎
Lines changed: 9 additions & 0 deletions b/‎articles/application-gateway/configuration-http-settings.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎articles/artifact-signing/how-to-signing-integrations.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/artifact-signing/how-to-signing-integrations.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/azure-app-configuration/howto-geo-replication.md‎
Lines changed: 9 additions & 2 deletions b/‎articles/azure-app-configuration/howto-geo-replication.md‎
Lines changed: 9 additions & 2 deletions
@@ -43,7 +43,7 @@ The default name of the **Change email** button in *selfAsserted.html* is **chan
 [!INCLUDE [active-directory-b2c-customization-prerequisites](../../includes/active-directory-b2c-customization-prerequisites.md)]
 
 
-- The B2C users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**, select **Authentication methods**. Ensure **Authentication contact info** is set. B2C users created via a Sign-up flow has this set by default. For users created via Azure Portal or by Graph API, you need to set **Authentication contact info** for SSPR to work. 
+- The B2C users need to have an authentication method specified for self-service password reset. Select the B2C User, in the left menu under **Manage**, select **Authentication methods**. Ensure **Authentication contact info** is set. B2C users created via a Sign-up flow has this set by default. For users created via Azure portal or by Graph API, you need to set **Authentication contact info** for SSPR to work. 
 
 
 ## Self-service password reset (recommended)
 
@@ -160,7 +160,7 @@ const msalConfig = {
       clientId: "<your-MyApp-application-ID>", // This is the ONLY mandatory field; everything else is optional.
       authority: b2cPolicies.authorities.signUpSignIn.authority, // Choose sign-up/sign-in user-flow as your default.
       knownAuthorities: [b2cPolicies.authorityDomain], // You must identify your tenant's domain as a known authority.
-      redirectUri: "http://localhost:6420", // You must register this URI on Azure Portal/App Registration. Defaults to "window.location.href".
+      redirectUri: "http://localhost:6420", // You must register this URI on Azure portal/App Registration. Defaults to "window.location.href".
     },
     cache: {
       cacheLocation: "sessionStorage",  
 
@@ -531,7 +531,7 @@ The following IDs are used for [RESTful service technical profile](restful-techn
 
 ## Microsoft Entra multifactor authentication error messages
 
-The following IDs are used for an [Microsoft Entra ID multifactor authentication technical profile](multi-factor-auth-technical-profile.md) error message:
+The following IDs are used for a [Microsoft Entra ID multifactor authentication technical profile](multi-factor-auth-technical-profile.md) error message:
 
 | ID | Default value |
 | --- | ------------- |
 
@@ -94,7 +94,7 @@ Learn more: [UI customization documentation](./customize-ui-with-html.md?pivots=
 
 ### Add policy keys for your Microsoft DFP client app ID and secret
 
-1. In the Microsoft Entra tenant where Microsoft DFP is set up, create an [Microsoft Entra application and grant admin consent](/dynamics365/fraud-protection/integrate-real-time-api#create-azure-active-directory-applications).
+1. In the Microsoft Entra tenant where Microsoft DFP is set up, create a [Microsoft Entra application and grant admin consent](/dynamics365/fraud-protection/integrate-real-time-api#create-azure-active-directory-applications).
 2. Create a secret value for this application registration. Note the application client ID and client secret value.
 3. Save the client ID and client secret values as [policy keys in your Azure AD B2C tenant](./policy-keys-overview.md).
 
 
@@ -311,7 +311,7 @@ In the following technical profile:
 
 ## Persisted claims
 
-The **PersistedClaims** element contains all of the values that should be persisted by an [Microsoft Entra ID technical profile](active-directory-technical-profile.md) with possible mapping information between a claim type already defined in the [ClaimsSchema](claimsschema.md) section in the policy and the Microsoft Entra attribute name.
+The **PersistedClaims** element contains all of the values that should be persisted by a [Microsoft Entra ID technical profile](active-directory-technical-profile.md) with possible mapping information between a claim type already defined in the [ClaimsSchema](claimsschema.md) section in the policy and the Microsoft Entra attribute name.
 
 The name of the claim is the name of the [Microsoft Entra attribute](user-profile-attributes.md) unless the **PartnerClaimType** attribute is specified, which contains the Microsoft Entra attribute name.
 
 
@@ -4,7 +4,7 @@ description: Learn about how Azure API Center can be a centralized registry for
 
 ms.service: azure-api-center
 ms.topic: concept-article
-ms.date: 09/08/2025
+ms.date: 02/05/2026
 
 ms.collection: ce-skilling-ai-copilot
 ms.update-cycle: 180-days
@@ -15,17 +15,20 @@ ms.custom:
 
 # Register and discover remote MCP servers in your API inventory
 
-This article describes how to use Azure API Center to maintain an inventory (or *registry*) of remote model context protocol (MCP) servers and help stakeholders discover them using the API Center portal. MCP servers expose backend APIs or data sources in a standard way to AI agents and models that consume them.
+This article describes how to use Azure API Center to maintain an inventory (or *registry*) of remote model context protocol (MCP) servers and help stakeholders discover them through the API Center portal. MCP servers expose backend APIs or data sources in a standard way to AI agents and models that consume them.
+
+> [!NOTE]
+> New! MCP servers registered in your API Center can now be integrated with Azure AI Foundry's tool catalogs, enabling you to govern MCP tools and make them available to AI agents. Learn more in  [Tool catalog for agents in Azure AI Foundry](/azure/ai-foundry/agents/concepts/tool-catalog) and [Private tool catalogs for Azure AI Foundry agents](/azure/ai-foundry/agents/how-to/private-tool-catalog).
 
 [!INCLUDE [about-mcp-servers](includes/about-mcp-servers.md)]
 
 ## Manually register an MCP server in your API inventory
 
-The following sections describe how to manually inventory a remote MCP server in your API center.
+The following sections describe how to manually add a remote MCP server to your API center inventory.
 
 ### MCP API type
 
-Manually register an MCP server in your API center inventory similar to the way you register other APIs, specifying the API type as **MCP**. To register an API using the Azure portal, see [Tutorial: Register APIs in your API inventory](././tutorials/register-apis.md).
+Manually register an MCP server in your API center inventory similar to the way you register other APIs. Specify the API type as **MCP**. To register an API by using the Azure portal, see [Tutorial: Register APIs in your API inventory](././tutorials/register-apis.md).
 
 As described in the following sections, when you register an MCP server, you can specify an environment, deployment, and definition.
 
@@ -35,7 +38,7 @@ As described in the following sections, when you register an MCP server, you can
 
 ### Environment and deployment for MCP server
 
-In API Center, specify an *environment* and a *deployment* for your MCP server. The environment is the location of the MCP server, such as an API management platform or a compute service, and the deployment is a runtime URL for the MCP service. 
+In API Center, specify an *environment* and a *deployment* for your MCP server. The environment is the location of the MCP server, such as an API management platform or a compute service. The deployment is a runtime URL for the MCP service. 
 
 For information about creating an environment and a deployment, see [Tutorial: Add environments and deployments for APIs](././tutorials/configure-environments-deployments.md).
 
@@ -44,7 +47,7 @@ For information about creating an environment and a deployment, see [Tutorial: A
 Optionally, add an API definition for a remote MCP server in OpenAPI 3.0 format. The API definition must include a URL endpoint for the MCP server. For an example of adding an OpenAPI definition, see [Tutorial: Register APIs in your API inventory](././tutorials/register-apis.md#add-a-definition-to-your-version).
 
 
-You can use the following lightweight OpenAPI 3.0 API definition for your MCP server, which includes a `url` endpoint for the MCP server:
+Use the following lightweight OpenAPI 3.0 API definition for your MCP server, which includes a `url` endpoint for the MCP server:
 
 
 ```json
@@ -73,15 +76,15 @@ Register one or more of the partner MCP servers in your API inventory to make th
 
 To register a partner MCP server:
 
-1. In the [Azure portal](https://portal.azure.com), navigate to your API center.
+1. In the [Azure portal](https://portal.azure.com), go to your API center.
 1. In the sidebar menu, under **Discover**, select **MCP** (preview).
-1. Browse the available partner MCP servers. Select **Register** to add an MCP server to your API inventory. Follow on-screen instructions if provided to complete the registration.
+1. Browse the available partner MCP servers. Select **Register** to add an MCP server to your API inventory. Follow the on-screen instructions if they're provided to complete the registration.
 
-When you add a partner MCP server, API Center automatically configures the following for you:
+When you add a partner MCP server, API Center automatically configures the following settings for you:
 
 * Creates an API entry in your API inventory with the API type set to **MCP**.
 * Creates an environment and a deployment for the MCP server.
-* Adds an OpenAPI definition for the MCP server if available from the partner.
+* Adds an OpenAPI definition for the MCP server if the partner provides one.
 
 To build and register a Logic Apps MCP server, see [Build and register a Logic Apps MCP server](../logic-apps/create-mcp-server-api-center.md).
 
 
@@ -111,6 +111,11 @@ You can configure the networking of target resources to one of the following opt
 
   - [How to front a network security perimeter-protected Azure resource with Azure API Management](../using-network-security-perimeter.md)
 
+> [!IMPORTANT]
+> Customers can continue using trusted services on the target Azure service for non-Azure API Management scenarios. However, Azure API Management will no longer support it so the gateway needs alternative ways to communicate and have network line-of-sight.
+>
+> For example, you can enable trusted service connectivity for an Azure Storage resource and use Network Security Perimeter to access it from API Management's gateway.
+ 
 ### Step 3: Disable trusted service connectivity in API Management gateway
 
 After ensuring that your API Management gateway doesn't access other Azure services using trusted service connectivity, you must explicitly disable trusted connectivity in your gateway to acknowledge you have verified that the service no longer depends on trusted connectivity.
 
@@ -188,6 +188,15 @@ This capability establishes direct, one-to-one mapping between frontend and back
 >
 >Dedicated Backend connection is not supported with HTTP/2.
 
+**Troubleshooting 4xx Errors with Dedicated Backend Connections**
+
+When Dedicated Backend Connections is enabled for a backend setting, and the backend application returns 4xx status codes, use the following guidance to diagnose and resolve the issue.
+
+**Verify Service Principal Name (SPN) Configuration**-Authentication mechanisms such as NTLM and Kerberos require correctly registered Service Principal Names .Ensure that SPNs are properly configured and unique in the directory to allow successful authentication.For additional details , see the [Kerberos documentation.]( /windows/win32/ad/mutual-authentication-using-kerberos)
+
+**Review Backend Server Logs for Sub‑Status Codes**-Application Gateway surfaces only the primary HTTP status (for example, 401 Unauthorized). To identify the underlying cause, review the backend server logs for more detailed sub‑status information.For guidance refer to the [Windows Authentication configuration.](/iis/configuration/system.webserver/security/authentication/windowsauthentication/#remarks)
+
+
 ## [Backend Settings](#tab/backendsettings)
 
 ### Port
 
@@ -227,7 +227,7 @@ You can also use the following tools or platforms to set up signing integrations
 
 - **PowerShell for Authenticode**: To use PowerShell for Artifact Signing, see [Artifact Signing](https://www.powershellgallery.com/packages/TrustedSigning/) in PowerShell Gallery to install the PowerShell module.
 
-- **Azure PowerShell - App Control for Business CI policy**: To use Artifact Signing for code integrity (CI) policy signing, follow the instructions in [Sign a new CI policy](./how-to-sign-ci-policy.md) and see [Az.TrustedSigning PowerShell Module](/powershell/azure/install-azps-windows).
+- **Azure PowerShell - App Control for Business CI policy**: To use Artifact Signing for code integrity (CI) policy signing, follow the instructions in [Sign a new CI policy](./how-to-sign-ci-policy.md) and download the [Az.ArtifactSigning PowerShell Module](https://www.powershellgallery.com/packages/Az.ArtifactSigning).
 
 - **Artifact Signing SDK**: To create your own signing integration, you can use our open-source [Artifact Signing SDK](https://www.nuget.org/packages/Azure.CodeSigning.Sdk). 
 
 
@@ -7,7 +7,7 @@ ms.service: azure-app-configuration
 ms.devlang: csharp
 # ms.devlang: csharp, java, python, javascript
 ms.topic: how-to
-ms.date: 08/25/2025
+ms.date: 02/11/2026
 ms.author: zhiyuanliang
 ms.custom: devx-track-azurecli
 
@@ -321,7 +321,14 @@ configurationBuilder.AddAzureAppConfiguration(options =>
 
 ### [Java Spring](#tab/spring)
 
-This feature isn't yet supported in the Azure App Configuration Java Spring Provider.
+Specify the `loadBalancingEnabled` property in the `application.properties` file of your application.
+
+```properties
+spring.cloud.azure.appconfiguration.stores[0].load-balancing-enabled=true
+```
+
+> [!NOTE]
+> Load balancing support is available if you use version **6.1.0** or later
 
 ### [Kubernetes](#tab/kubernetes)