Update to use "." as segment separator

Author: Y-Sindo

articles/azure-functions/functions-bindings-web-pubsub.md

@@ -3,7 +3,7 @@ title: Azure Functions Web PubSub bindings
 description: Understand how to use Web PubSub bindings with Azure Functions.
 ms.topic: reference
 ms.custom: devx-track-extended-java, devx-track-js, devx-track-python
-ms.date: 09/02/2024
+ms.date: 01/28/2026
 zone_pivot_groups: programming-languages-set-functions-lang-workers
 ---
 
@@ -70,12 +70,12 @@ Add the extension to your project by installing this [NuGet package].
 By default, an application setting named `WebPubSubConnectionString` is used to store your Web PubSub connection string. When you choose to use a different setting name for your connection, you must explicitly set that as the key name in your binding definitions. During local development, you must also add this setting to the `Values` collection in the the [_local.settings.json_ file](./functions-develop-local.md#local-settings-file).
 
 > [!IMPORTANT]
-> A connection string includes the authorization information required for your application to access Azure Web PubSub service. The access key inside the connection string is similar to a root password for your service. For optimal security, your function app should use managed identities when connecting to the Web PubSub service instead of using a connection string. For more information, see [Authorize a managed identity request by using Microsoft Entra ID](../azure-web-pubsub/howto-authorize-from-managed-identity.md). 
+> A connection string includes the authorization information required for your application to access Azure Web PubSub service. The access key inside the connection string is similar to a root password for your service. For optimal security, your function app should use managed identities when connecting to the Web PubSub service instead of using a connection string. For more information, see [Authorize a managed identity request by using Microsoft Entra ID](../azure-web-pubsub/howto-authorize-from-managed-identity.md).
 
 For details on how to configure and use Web PubSub and Azure Functions together, refer to [Tutorial: Create a serverless notification app with Azure Functions and Azure Web PubSub service](../azure-web-pubsub/tutorial-serverless-notification.md).
 ::: zone pivot="programming-language-csharp"
 > [!NOTE]
-> When running in the isolated worker model, the Azure Web PubSub binding doesn't currently support Microsoft Entra ID authetication using managed identities. In the isolated model, you must continue to use a connection string, which includes a shared secret key.
+> When running in the isolated worker model, the Azure Web PubSub binding doesn't currently support Microsoft Entra ID authentication using managed identities. In the isolated model, you must continue to use a connection string, which includes a shared secret key.
 ::: zone-end
 ## Next steps
 

articles/azure-web-pubsub/concept-client-protocols.md

@@ -5,7 +5,7 @@ author: vicancy
 ms.author: lianwei
 ms.service: azure-web-pubsub
 ms.topic: conceptual
-ms.date: 11/08/2021
+ms.date: 01/28/2026
 ms.custom: sfi-ropc-nochange
 ---
 
@@ -234,7 +234,7 @@ await service.grantPermission("<connection_id>", "joinLeaveGroup", { targetName:
 ```
 
 > [!NOTE]
-> Wildcard roles (e.g., `webpubsub.sendToGroups.<pattern>`) are not supported in REST APIs or server SDKs during runtime yet. This feature will be supported in a future update.
+> Assigning wildcard roles (e.g., `webpubsub.sendToGroups.<pattern>`)  through REST APIs or server SDKs are not supported yet. This feature will be supported in a future update.
 
 
 ## Next steps

articles/azure-web-pubsub/concept-wildcard-group-roles.md

@@ -5,7 +5,7 @@ author: kevinguo-ed
 ms.author: kevinguo
 ms.service: azure-web-pubsub
 ms.topic: conceptual
-ms.date: 10/14/2025
+ms.date: 01/28/2026
 ms.custom:
 ---
 
@@ -36,11 +36,11 @@ Use pattern roles when:
 
 | Symbol | Meaning |
 | ------ | ------- |
-| `?` | Matches exactly one character except `/` |
-| `*` | Matches zero or more characters except `/` |
-| `**` | Matches zero or more characters including `/` (crosses segment boundaries) |
+| `?` | Matches exactly one character except `.` |
+| `*` | Matches zero or more characters except `.` |
+| `**` | Matches zero or more characters including `.` (crosses segment boundaries) |
 | `\` | Escape character for `\`, `*`, `?` |
-| `/` | Acts as a hierarchy separator and is never matched by `?` or `*` (only by `**`). |
+| `.` | Acts as a hierarchy separator and is never matched by `?` or `*` (only by `**`). |
 
 Additional rules:
 - Up to five total `*` characters (including those forming `**`) are allowed in a single pattern.
@@ -49,10 +49,10 @@ Additional rules:
 
 | Pattern | Matches | Does not match |
 | ------- | ------- | -------------- |
-| `chat-*` | `chat-1`, `chat-room` | `chat/1`, `xchat-1` |
-| `clientA/*` | `clientA/alpha`, `clientA/1` | `clientA/alpha/room1`, `clientB/alpha` |
-| `clientA/**` | `clientA/alpha`, `clientA/alpha/room1` | `clientB/anything` |
-| `clientA/rooms/?1` | `clientA/rooms/a1`, `clientA/rooms/11` | `clientA/rooms/1`, `clientA/rooms/a/1` |
+| `chat-*` | `chat-1`, `chat-room` | `chat.1`, `xchat-1` |
+| `clientA.*` | `clientA.alpha`, `clientA.1` | `clientA.alpha.room1`, `clientB.alpha` |
+| `clientA.**` | `clientA.alpha`, `clientA.alpha.room1` | `clientB.anything` |
+| `clientA.rooms.?1` | `clientA.rooms.a1`, `clientA.rooms.11` | `clientA.rooms.1`, `clientA.rooms.a.1` |
 | `literal\*star` | `literal*star` | `literalXstar` |
 
 ### Escaping
@@ -70,10 +70,10 @@ Add the pattern role to the `roles` collection when generating a client access t
 ```js
 const token = await serviceClient.getClientAccessToken({
   roles: [
-    // Can send to all groups under clientA/
-  'webpubsub.sendToGroups.clientA/**',
-    // Can join/leave any direct child group under public/
-  'webpubsub.joinLeaveGroups.public/*'
+    // Can send to all groups under clientA.
+  'webpubsub.sendToGroups.clientA.**',
+    // Can join/leave any direct child group under public.
+  'webpubsub.joinLeaveGroups.public.*'
   ]
 });
 ```
@@ -82,34 +82,34 @@ const token = await serviceClient.getClientAccessToken({
 
 ```csharp
 var url = service.GetClientAccessUri(roles: new [] {
-    // Can send to all groups under clientA/
-  "webpubsub.sendToGroups.clientA/**",
-    // Can join/leave any direct child group under public/
-  "webpubsub.joinLeaveGroups.public/*"
+    // Can send to all groups under clientA.
+  "webpubsub.sendToGroups.clientA.**",
+    // Can join/leave any direct child group under public.
+  "webpubsub.joinLeaveGroups.public.*"
 });
 ```
 
 # [Python](#tab/python)
 
 ```python
 token = service.get_client_access_token(roles=[
-  # Can send to all groups under clientA/
-  "webpubsub.sendToGroups.clientA/**",
+  # Can send to all groups under clientA.
+  "webpubsub.sendToGroups.clientA.**",
 
-  # Can join/leave any direct child group under public/
-  "webpubsub.joinLeaveGroups.public/*"
+  # Can join/leave any direct child group under public.
+  "webpubsub.joinLeaveGroups.public.*"
 ])
 ```
 
 # [Java](#tab/java)
 
 ```java
 GetClientAccessTokenOptions opt = new GetClientAccessTokenOptions();
-// Can send to all groups under clientA/
-opt.addRole("webpubsub.sendToGroups.clientA/**");
+// Can send to all groups under clientA.
+opt.addRole("webpubsub.sendToGroups.clientA.**");
 
-// Can join/leave any direct child group under public/
-opt.addRole("webpubsub.joinLeaveGroups.public/*");
+// Can join/leave any direct child group under public.
+opt.addRole("webpubsub.joinLeaveGroups.public.*");
 WebPubSubClientAccessToken token = service.getClientAccessToken(opt);
 ```
 

articles/azure-web-pubsub/whats-new.md

@@ -5,15 +5,15 @@ author: kevinguo-ed
 ms.author: kevinguo
 ms.service: azure-web-pubsub
 ms.topic: conceptual
-ms.date: 10/14/2025
+ms.date: 01/28/2026
 ms.custom: mode-other
 ---
 
 # What's new with Azure Web PubSub
 
 On this page, you can read about recent updates about Azure Web PubSub. As we make continuous improvements to the capabilities and developer experience of the service, we welcome any feedback and suggestions. Reach out to the service team at **[email protected]**
 
-## Q4 2025
+## Q1 2026
 
 ### Wildcard group role patterns
 
@@ -22,7 +22,7 @@ You can now grant a client permissions to many related groups using a single wil
 - `webpubsub.sendToGroups.{pattern}`
 - `webpubsub.joinLeaveGroups.{pattern}`
 
-Patterns support `?`, `*`, and `**` (where `**` can cross `/` separators) plus escaping. This reduces token size and simplifies hierarchical, path-style group authorization (for example: `clientA/**`). Existing literal roles (`webpubsub.sendToGroup.<group>` and `webpubsub.joinLeaveGroup.<group>`) continue to work unchanged.
+Patterns support `?`, `*`, and `**` (where `**` can cross `.` separators) plus escaping. This reduces token size and simplifies hierarchical, path-style group authorization (for example: `clientA.**`). Existing literal roles (`webpubsub.sendToGroup.<group>` and `webpubsub.joinLeaveGroup.<group>`) continue to work unchanged.
 
 > [!div class="nextstepaction"]
 > [Learn how to use wildcard group role patterns](./concept-wildcard-group-roles.md)