MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json‎
Lines changed: 84 additions & 0 deletions b/‎.openpublishing.redirection.json‎
Lines changed: 84 additions & 0 deletions
diff --git a/‎articles/api-management/api-management-howto-mutual-certificates.md‎
Lines changed: 5 additions & 9 deletions b/‎articles/api-management/api-management-howto-mutual-certificates.md‎
Lines changed: 5 additions & 9 deletions
diff --git a/‎articles/api-management/azure-ai-foundry-api.md‎
Lines changed: 28 additions & 20 deletions b/‎articles/api-management/azure-ai-foundry-api.md‎
Lines changed: 28 additions & 20 deletions
@@ -4,6 +4,90 @@
       "source_path": "articles/sentinel/datalake/sentinel-mcp-chatgpt-connector.md",
       "redirect_url": "/azure/sentinel/datalake/sentinel-mcp-chatgpt-claude-connector",
       "redirect_document_id": false
+    },
+      "source_path": "articles/data-factory/airflow-configurations.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-configurations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/airflow-get-ip-airflow-cluster.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-get-ip-airflow-cluster",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/airflow-import-dags-blob-storage.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-import-dags-blob-storage",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/airflow-install-private-package.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-install-private-package",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/airflow-pricing.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-pricing",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/airflow-sync-github-repository.md",
+      "redirect_url": "/previous-versions/azure/data-factory/airflow-sync-github-repository",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/ci-cd-pattern-with-airflow.md",
+      "redirect_url": "/previous-versions/azure/data-factory/ci-cd-pattern-with-airflow",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/concepts-workflow-orchestration-manager.md",
+      "redirect_url": "/previous-versions/azure/data-factory/concepts-workflow-orchestration-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/create-airflow-environment.md",
+      "redirect_url": "/previous-versions/azure/data-factory/create-airflow-environment",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/delete-dags-in-workflow-orchestration-manager.md",
+      "redirect_url": "/previous-versions/azure/data-factory/delete-dags-in-workflow-orchestration-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/diagnostic-logs-and-metrics-for-workflow-orchestration-manager.md",
+      "redirect_url": "/previous-versions/azure/data-factory/diagnostic-logs-and-metrics-for-workflow-orchestration-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/enable-azure-key-vault.md",
+      "redirect_url": "/previous-versions/azure/data-factory/enable-azure-key-vault",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/get-started-with-workflow-orchestration-manager.md",
+      "redirect_url": "/previous-versions/azure/data-factory/get-started-with-workflow-orchestration-manager",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/kubernetes-secret-pull-image-from-private-container-registry.md",
+      "redirect_url": "/previous-versions/azure/data-factory/kubernetes-secret-pull-image-from-private-container-registry",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/password-change-airflow.md",
+      "redirect_url": "/previous-versions/azure/data-factory/password-change-airflow",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/rest-apis-for-airflow-integrated-runtime.md",
+      "redirect_url": "/previous-versions/azure/data-factory/rest-apis-for-airflow-integrated-runtime",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/data-factory/tutorial-run-existing-pipeline-with-airflow.md",
+      "redirect_url": "/previous-versions/azure/data-factory/tutorial-run-existing-pipeline-with-airflow",
+      "redirect_document_id": false
     },
     {
       "source_path": "articles/iot-hub/horizontal-arm-route-messages.md",
 
@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 11/14/2025
+ms.date: 03/31/2026
 ms.author: danlep 
 ms.custom:
   - devx-track-azurepowershell
@@ -35,7 +35,6 @@ API Management provides two options for managing certificates that are used to s
 
 [!INCLUDE [api-management-workspace-key-vault-availability](../../includes/api-management-workspace-key-vault-availability.md)]
 
-
 We recommend that you use key vault certificates because doing so improves API Management security:
 
 * Certificates stored in key vaults can be reused across services.
@@ -49,14 +48,11 @@ We recommend that you use key vault certificates because doing so improves API M
 * If you haven't created an API Management instance yet, see [Create an API Management service instance](get-started-create-service-instance.md).
 * Configure your backend service client certificate authentication. For information about configuring certificate authentication in Azure App Service, see [Configure TLS mutual authentication in App Service][to configure certificate authentication in Azure WebSites refer to this article]. 
 * Ensure that you have access to the certificate and the password for management in an Azure key vault, or a certificate to upload to the API Management service. The certificate must be in PFX format. Self-signed certificates are allowed. 
-* If you use a self-signed certificate or other custom CA certificate and your API Management instance is in one of the classic tiers, install the corresponding root and intermediate CA certificates in API Management to enable validation of the backend service certificate. For more information, see [How to add a custom CA certificate in Azure API Management](api-management-howto-ca-certificates.md)
-
-    If you don't install the CA certificates, API Management can't validate the backend service certificate, and requests to the backend service fail unless you disable certificate chain validation. See [Disable certificate chain validation for self-signed certificates](#disable-certificate-chain-validation-for-self-signed-certificates) later in this article.
-
-    [!INCLUDE [api-management-ca-certificate-v2-tiers](../../includes/api-management-ca-certificate-v2-tiers.md)]
+* If you use a self-signed certificate and your API Management instance is in one of the classic tiers, disable certificate chain validation. See [Disable certificate chain validation for self-signed certificates](#disable-certificate-chain-validation-for-self-signed-certificates) later in this article.
 
     > [!NOTE]
-    > CA certificates for certificate validation aren't supported in the Consumption tier.
+    > When a client certificate is used by API Management for **outbound authentication** (for example, when API Management presents the certificate to a backend service), you don't need to upload the root or intermediate CA certificates to the API Management CA store. In this scenario, API Management *presents* the client certificate and doesn't perform certificate chain validation.<br/><br/>
+    > Uploading trusted root or intermediate CA certificates is only required when API Management must *validate* a certificate chain, such as during inbound client certificate authentication.
 
 [!INCLUDE [api-management-client-certificate-key-vault](../../includes/api-management-client-certificate-key-vault.md)]
 
@@ -118,4 +114,4 @@ To delete a certificate, select **Delete** on the ellipsis (**...**) menu:
 [Create an API Management service instance]: get-started-create-service-instance.md
 
 [WebApp-GraphAPI-DotNet]: https://github.com/AzureADSamples/WebApp-GraphAPI-DotNet
-[to configure certificate authentication in Azure WebSites refer to this article]: ../app-service/app-service-web-configure-tls-mutual-auth.md
+[to configure certificate authentication in Azure WebSites refer to this article]: ../app-service/app-service-web-configure-tls-mutual-auth.md
@@ -5,7 +5,7 @@ ms.service: azure-api-management
 author: dlepow
 ms.author: danlep
 ms.topic: how-to
-ms.date: 03/24/2026
+ms.date: 03/30/2026
 ms.update-cycle: 180-days
 ms.collection: ce-skilling-ai-copilot
 ms.custom: template-how-to, build-2024
@@ -17,29 +17,37 @@ ms.custom: template-how-to, build-2024
 
 You can import AI model endpoints deployed in Microsoft Foundry to your API Management instance as APIs. Use AI gateway policies and other capabilities in API Management to simplify integration, improve observability, and enhance control over the model endpoints.
 
-Learn more about managing AI APIs in API Management:
+To learn more about managing AI APIs in API Management, see:
 
 * [AI gateway capabilities in Azure API Management](genai-gateway-capabilities.md)
 
 ## Client compatibility options
 
-API Management supports two client compatibility options for AI APIs from Microsoft Foundry. When you import the API using the wizard, choose the option suitable for your model deployment. The option determines how clients call the API and how the API Management instance routes requests to the Foundry tool.
+API Management supports the following client compatibility options for AI APIs from Microsoft Foundry. When you import the API by using the wizard, choose the option suitable for your model deployment. The option determines how clients call the API and how the API Management instance routes requests to the Foundry tool.
 
 * **Azure OpenAI**: Manage Azure OpenAI in Microsoft Foundry model deployments.
 
-    Clients call the deployment at an `/openai` endpoint such as `/openai/deployments/my-deployment/chat/completions`. Deployment name is passed in the request path. Use this option if your Foundry tool only includes Azure OpenAI model deployments.
+    Clients call the deployment at an `/openai` endpoint such as `/openai/deployments/my-deployment/chat/completions`. The request path includes the deployment name. Use this option if your Foundry tool only includes Azure OpenAI model deployments. 
 
 * **Azure AI**: Manage model endpoints in Microsoft Foundry that are exposed through the [Azure AI Model Inference API](/rest/api/aifoundry/modelinference/).
 
-    Clients call the deployment at a `/models` endpoint such as `/my-model/models/chat/completions`. Deployment name is passed in the request body. Use this option if you want flexibility to switch between models exposed through the Azure AI Model Inference API and those deployed in Azure OpenAI in Foundry Models.
+    Clients call the deployment at a `/models` endpoint such as `/my-model/models/chat/completions`. The request body includes the deployment name. Use this option if you want flexibility to switch between models exposed through the Azure AI Model Inference API and those deployed in Azure OpenAI in Foundry Models.
+
+* **Azure OpenAI v1** - Manage Azure OpenAI in Microsoft Foundry model deployments, using the [Azure OpenAI API version 1 API](/azure/foundry/openai/api-version-lifecycle). 
+
+    Clients call the deployment at an Azure OpenAI v1 model endpoint such as `openai/v1/my-model/chat/completions`. The request body includes the deployment name. 
 
 ## Prerequisites
 
 * An existing API Management instance. [Create one if you haven't already](get-started-create-service-instance.md).
 
 * A Foundry tool in your subscription with one or more models deployed. Examples include models deployed in Microsoft Foundry or Azure OpenAI.
 
-## Import Microsoft Foundry API using the portal
+- If you want to enable semantic caching for the API, see [Enable semantic caching of responses](azure-openai-enable-semantic-caching.md) for prerequisites.
+
+- If you want to enforce content safety checks on the API, see [Enforce content safety checks on LLM requests](llm-content-safety-policy.md) for prerequisites.
+
+## Import Microsoft Foundry API by using the portal
 
 Use the following steps to import an AI API to API Management.
 
@@ -48,28 +56,29 @@ When you import the API, API Management automatically configures:
 * Operations for each of the API's REST API endpoints.
 * A system-assigned identity with the necessary permissions to access the Foundry tool deployment.
 * A [backend](backends.md) resource and a [set-backend-service](set-backend-service-policy.md) policy that direct API requests to the Azure AI Services endpoint.
-* Authentication to the backend using the instance's system-assigned managed identity.
+* Authentication to the backend by using the instance's system-assigned managed identity.
 * (optionally) Policies to help you monitor and manage the API.
 
 To import a Microsoft Foundry API to API Management:
 
-1. In the [Azure portal](https://portal.azure.com), navigate to your API Management instance.
+1. In the [Azure portal](https://portal.azure.com), go to your API Management instance.
 1. In the left menu, under **APIs**, select **APIs** > **+ Add API**.
 1. Under **Create from Azure resource**, select **Microsoft Foundry**.
 
     :::image type="content" source="media/azure-ai-foundry-api/ai-foundry-api.png" alt-text="Screenshot of creating an OpenAI-compatible API in the portal." :::
 1. On the **Select AI Service** tab:
     1. Select the **Subscription** in which to search for Foundry Tools. To get information about the model deployments in a service, select the **deployments** link next to the service name.
-       :::image type="content" source="media/azure-ai-foundry-api/deployments.png" alt-text="Screenshot of deployments for an AI service in the portal.":::
-    1. Select a Foundry tool.
+       :::image type="content" source="media/azure-ai-foundry-api/deployments.png" alt-text="Screenshot of deployments for an AI service in the portal." lightbox="media/azure-ai-foundry-api/deployments.png":::
+    1. Select a Foundry tool. 
     1. Select **Next**.
 1. On the **Configure API** tab:
     1. Enter a **Display name** and optional **Description** for the API.
     1. In **Base path**, enter a path that your API Management instance uses to access the deployment endpoint.
-    1. Optionally, select one or more **Products** to associate with the API.  
-    1. In **Client compatibility**, select either of the following based on the types of client you intend to support. See [Client compatibility options](#client-compatibility-options) for more information.
-        * **Azure OpenAI**: Select this option if your clients only need to access Azure OpenAI in Microsoft Foundry model deployments.
-        * **Azure AI**: Select this option if your clients need to access other models in Microsoft Foundry.
+    1. Optionally select one or more **Products** to associate with the API.  
+    1. In **Client compatibility**, select one of the following options based on the types of client you intend to support. See [Client compatibility options](#client-compatibility-options) for more information.
+        * **Azure OpenAI** - Select this option if your clients only need to access Azure OpenAI in Microsoft Foundry model deployments.
+        * **Azure AI** - Select this option if your clients need to access other models in Microsoft Foundry.
+        * **Azure OpenAI v1** - Select this option if you want to use the Azure OpenAI API version 1 with your Foundry model deployments. 
     1. Select **Next**.
 
         :::image type="content" source="media/azure-ai-foundry-api/client-compatibility.png" alt-text="Screenshot of Microsoft Foundry API configuration in the portal.":::
@@ -79,15 +88,14 @@ To import a Microsoft Foundry API to API Management:
     * [Track token usage](llm-emit-token-metric-policy.md)
 1. On the **Apply semantic caching** tab, optionally enter settings, or accept defaults that define the policies to help optimize performance and reduce latency for the API:
     * [Enable semantic caching of responses](azure-openai-enable-semantic-caching.md)
-1. On the **AI content safety**, optionally enter settings, or accept defaults to configure the Azure AI Content Safety service to block prompts with unsafe content:
+1. On the **AI content safety** tab, optionally enter settings or accept defaults to configure the Azure AI Content Safety service to block prompts with unsafe content:
     * [Enforce content safety checks on LLM requests](llm-content-safety-policy.md)
 1. Select **Review**.
-1. After settings are validated, select **Create**.
+1. After the portal validates the settings, select **Create**. 
 
 ## Test the AI API
 
-To ensure that your AI API is working as expected, test it in the API Management test console.
-
+To make sure your AI API works as expected, test it in the API Management test console. 
 1. Select the API you created in the previous step.
 1. Select the **Test** tab.
 1. Select an operation that's compatible with the model deployment.
@@ -108,9 +116,9 @@ To ensure that your AI API is working as expected, test it in the API Management
     ```
 
     > [!NOTE]
-    > In the test console, API Management automatically populates an **Ocp-Apim-Subscription-Key** header, and configures the subscription key of the built-in [all-access subscription](api-management-subscriptions.md#all-access-subscription). This key enables access to every API in the API Management instance. Optionally display the **Ocp-Apim-Subscription-Key** header by selecting the "eye" icon next to the **HTTP Request**.
+    > In the test console, API Management automatically adds an **Ocp-Apim-Subscription-Key** header and sets the subscription key for the built-in [all-access subscription](api-management-subscriptions.md#all-access-subscription). This key provides access to every API in the API Management instance. To optionally display the **Ocp-Apim-Subscription-Key** header, select the "eye" icon next to the **HTTP Request**.
 1. Select **Send**.
 
-    When the test is successful, the backend responds with a successful HTTP response code and some data. Appended to the response is token usage data to help you monitor and manage your language model token consumption.
+    When the test is successful, the backend responds with a successful HTTP response code and some data. The response includes token usage data to help you monitor and manage your language model token consumption.
 
 [!INCLUDE [api-management-define-api-topics.md](../../includes/api-management-define-api-topics.md)]