Merge branch 'main' into patch-11

Author: kondalarao-MSFT

.openpublishing.publish.config.json

@@ -500,6 +500,12 @@
             "branch": "v1.x",
             "branch_mapping": {}
         },
+        {
+            "path_to_root": "functions-scenarios-quickstart-sql",
+            "url": "https://github.com/Azure-Samples/functions-quickstart-dotnet-azd-sql",
+            "branch": "main",
+            "branch_mapping": {}
+        },        
         {
             "path_to_root": "functions-sql-todo-sample",
             "url": "https://github.com/Azure-Samples/azure-sql-binding-func-dotnet-todo",

.openpublishing.redirection.json

@@ -33,6 +33,8 @@
       href: ./tutorials/register-apis.md
     - name: 3 - Add environments and deployments
       href: ./tutorials/configure-environments-deployments.md
+    - name: 4 - Link an API Management instance
+      href: ../api-management/tutorials/link-api-center.md
   expanded: true
 - name: API inventory
   items:
@@ -121,4 +123,4 @@
   - name: Azure updates
     href: https://aka.ms/apic/updates
   - name: MCP Center
-    href: https://mcp.azure.com
+    href: https://mcp.azure.com

articles/api-center/TOC.yml

@@ -63,6 +63,8 @@
       href: api-management-howto-developer-portal-customize.md
     - name: 10 - Manage APIs in Visual Studio Code
       href: visual-studio-code-tutorial.md
+    - name: 11 - Link to an API Center
+      href: tutorials/link-api-center.md
   expanded: true
 - name: Deployment and operations
   items:

articles/api-management/TOC.yml

@@ -23,7 +23,7 @@ In this article, you learn about ways to authenticate and authorize to Azure Ope
 
 For background, see:
 
-* [Azure OpenAI Service REST API reference](/azure/ai-services/openai/reference)
+* [Azure OpenAI Service REST API reference](/azure/ai-foundry/openai/reference)
 
 * [Authentication and authorization to APIs in API Management](authentication-authorization-overview.md).
 
@@ -80,13 +80,13 @@ In this example, the named value in API Management is *openai-api-key*.
 ## Authenticate with managed identity
 
 An alternative and recommended way to authenticate to an Azure OpenAI API is by using a managed identity in Microsoft Entra ID. For background, see
-[How to configure Azure OpenAI Service with managed identity](/azure/ai-services/openai/how-to/managed-identity).
+[How to configure Azure OpenAI Service with managed identity](/azure/api-management/api-management-authenticate-authorize-azure-openai).
 
 Following are steps to configure your API Management instance to use a managed identity to authenticate requests to an Azure OpenAI API. 
 
 1. [Enable](api-management-howto-use-managed-service-identity.md) a system-assigned or user-assigned managed identity for your API Management instance. The following example assumes that you've enabled the instance's system-assigned managed identity.
 
-1. Assign the managed identity the **Cognitive Services OpenAI User** role, scoped to the appropriate resource. For example, assign the system-assigned managed identity the **Cognitive Services OpenAI User** role on the Azure OpenAI resource. For detailed steps, see [Role-based access control for Azure OpenAI service](/azure/ai-services/openai/how-to/role-based-access-control).
+1. Assign the managed identity the **Cognitive Services OpenAI User** role, scoped to the appropriate resource. For example, assign the system-assigned managed identity the **Cognitive Services OpenAI User** role on the Azure OpenAI resource. For detailed steps, see [Role-based access control for Azure OpenAI service](/azure/ai-foundry/openai/how-to/role-based-access-control).
 
 1. Add the following policy snippet in the `inbound` policy section to authenticate requests to the Azure OpenAI API using the managed identity. 
 
@@ -163,5 +163,5 @@ Following are high level steps to restrict API access to users or apps that are
 
 ## Related content
 
-* Learn more about [Microsoft Entra ID and OAuth2.0](../active-directory/develop/authentication-vs-authorization.md).  
+* Learn more about [Microsoft Entra ID and OAuth2.0](/entra/architecture/auth-oauth2).  
 * [Authenticate requests to Azure AI services](/azure/ai-services/authentication)

articles/api-management/api-management-authenticate-authorize-azure-openai.md

@@ -6,7 +6,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 09/11/2025
+ms.date: 10/27/2025
 ms.author: danlep
 ms.custom: sfi-image-nochange
 
@@ -44,10 +44,10 @@ To complete this tutorial, you need to:
 
 + [Create an Azure API Management instance](get-started-create-service-instance.md)
 + Understand [caching in Azure API Management](api-management-howto-cache.md)
-+ Have an [Azure Managed Redis](../redis/quickstart-create-managed-redis.md), [Azure Cache for Redis](../azure-cache-for-redis/quickstart-create-redis.md), or another Redis-compatible cache available.
++ Have an [Azure Managed Redis](../redis/quickstart-create-managed-redis.md) or another Redis-compatible cache available.
 
     > [!IMPORTANT]
-    > Azure API Management uses a Redis connection string to connect to the cache. If you use Azure Cache for Redis or Azure Managed Redis, enable access key authentication in your cache to use a connection string. Currently, you can't use Microsoft Entra authentication to connect Azure API Management to Azure Cache for Redis or Azure Managed Redis.
+    > Azure API Management uses a Redis connection string to connect to the cache. If you use Azure Managed Redis, enable access key authentication in your cache to use a connection string. Currently, you can't use Microsoft Entra authentication to connect Azure API Management to Azure Managed Redis.
 
 ### Redis cache for Kubernetes
 
@@ -57,7 +57,7 @@ For an API Management self-hosted gateway, caching requires an external cache. F
 
 Follow the steps below to add an external Redis-compatible cache in Azure API Management. You can limit the cache to a specific gateway in your API Management instance.
 
-![Screenshot that shows how to add an external Azure Cache for Redis in Azure API Management.](media/api-management-howto-cache-external/add-external-cache.png)
+![Screenshot that shows how to add an external Azure Managed Redis cache in Azure API Management.](media/api-management-howto-cache-external/add-external-cache.png)
 
 ### Use from setting
 
@@ -76,7 +76,7 @@ The **Use from** setting in the configuration specifies the location of your API
 > [!NOTE]
 > You can configure the same external cache for more than one API Management instance. The API Management instances can be in the same or different regions. When sharing the cache for more than one instance, you must select **Default** in the **Use from** setting. 
 
-### Add an Azure Cache for Redis or Azure Managed Redis instance from the same subscription
+### Add an Azure Managed Redis instance from the same subscription
 
 1. Browse to your API Management instance in the Azure portal.
 1. In the left menu, under **Deployment + infrastructure** select **External cache**.
@@ -85,14 +85,17 @@ The **Use from** setting in the configuration specifies the location of your API
 1. In the [**Use from**](#use-from-setting) dropdown, select **Default** or specify the desired region. The **Connection string** is automatically populated.
 1. Select **Save**.
 
+> [!NOTE]
+> The default connection string is in the form `<cache-name>:10000,<cache-access-key>,ssl=True,abortConnect=False`. API Management stores the string as a secret named value. If you need to view or edit the string to  rotate the access key or troubleshoot connection issues, go to the **Named values** blade.
+
 ### Add a Redis-compatible cache hosted outside of the current Azure subscription or Azure in general
 
 1. Browse to your API Management instance in the Azure portal.
 1. In the left menu, under **Deployment + infrastructure** select **External cache**.
 1. Select **+ Add**.
 1. In the **Cache instance** dropdown, select **Custom**.
 1. In the [**Use from**](#use-from-setting) dropdown, select **Default** or specify the desired region.
-1. Enter your Azure Cache for Redis, Azure Managed Redis, or Redis-compatible cache connection string in the **Connection string** field.
+1. Enter your Azure Managed Redis or Redis-compatible cache connection string in the **Connection string** field.
 1. Select **Save**.
 
 ### Add a Redis cache to a self-hosted gateway

articles/api-management/api-management-howto-cache-external.md

@@ -82,7 +82,7 @@ With the caching policies shown in this example, the first request to a test ope
 1. Select **Save**.
 
 > [!TIP]
-> If you're using an external cache, as described in [Use an external Azure Cache for Redis in Azure API Management](api-management-howto-cache-external.md), you might want to specify the `caching-type` attribute of the caching policies. See [API Management caching policies](api-management-policies.md#caching) for more information.
+> If you're using an external cache, as described in [Use an external Redis-compatible cache in Azure API Management](api-management-howto-cache-external.md), you might want to specify the `caching-type` attribute of the caching policies. See [API Management caching policies](api-management-policies.md#caching) for more information.
 
 ## Call an operation to test the caching
 

articles/api-management/api-management-howto-cache.md

@@ -55,7 +55,7 @@ Create an app registration in your Microsoft Entra ID tenant. The app registrati
     * In the **Supported account types** section, select **Accounts in this organizational directory only**.
     * In **Redirect URI**, select **Single-page application (SPA)** and enter the following URL: `https://{your-api-management-service-name}.developer.azure-api.net/signin`, where `{your-api-management-service-name}` is the name of your API Management instance.
     * Select **Register** to create the application.
-1.On the app **Overview** page, find the **Application (client) ID** and **Directory (tenant) ID** and copy theses values to a safe location. You need them later.
+1.On the app **Overview** page, find the **Application (client) ID** and **Directory (tenant) ID** and copy these values to a safe location. You need them later.
 1. In the sidebar menu, under **Manage**, select **Certificates & secrets**. 
 1. From the **Certificates & secrets** page, on the **Client secrets** tab, select **+ New client secret**. 
     * Enter a **Description**.

articles/api-management/api-management-howto-entra-external-id.md

@@ -97,7 +97,7 @@ ApiManagementGatewayLlmLog
     RequestContent = tostring(RequestArray.content),
     ResponseContent = tostring(ResponseArray.content)
 | summarize
-    Input = strcat_aray(make_list(RequestContent), " . "),
+    Input = strcat_array(make_list(RequestContent), " . "),
     Output = strcat_array(make_list(ResponseContent), " . ")
     by CorrelationId
 | where isnotempty(Input) and isnotempty(Output)
@@ -121,4 +121,4 @@ For details to create and run a model evaluation in Azure AI Foundry, see [Evalu
 
 * [Learn more about monitoring API Management](monitor-api-management.md)
 * [Azure Monitor reference for API Management](monitor-api-management-reference.md)
-* [Tutorial: Monitor published APIs](api-management-howto-use-azure-monitor.md)
+* [Tutorial: Monitor published APIs](api-management-howto-use-azure-monitor.md)