Merge pull request #314116 from MicrosoftDocs/main

Auto Publish – main to live - 2026-04-01 22:00 UTC

Author: learn-build-service-prod[bot]

.openpublishing.publish.config.json

@@ -290,6 +290,24 @@
             "branch": "main",
             "branch_mapping": {}
         },
+        {
+            "path_to_root": "functions-event-hub-azd-dotnet",
+            "url": "https://github.com/Azure-Samples/functions-quickstart-dotnet-azd-eventhub",
+            "branch": "main",
+            "branch_mapping": {}
+        },
+        {
+            "path_to_root": "functions-event-hub-azd-typescript",
+            "url": "https://github.com/Azure-Samples/functions-quickstart-typescript-azd-eventhub",
+            "branch": "main",
+            "branch_mapping": {}
+        },
+        {
+            "path_to_root": "functions-event-hub-azd-python",
+            "url": "https://github.com/Azure-Samples/functions-quickstart-python-azd-eventhub",
+            "branch": "main",
+            "branch_mapping": {}
+        },
         {
             "path_to_root": "azure-functions-templates-v3",
             "url": "https://github.com/Azure/azure-functions-templates",

articles/application-gateway/private-link.md

@@ -33,6 +33,9 @@ You may also choose to block inbound public (Internet) access to Application Gat
 
 All features supported by Application Gateway are supported when accessed through a private endpoint, including support for AGIC.
 
+> [!NOTE]
+> If your client application connects to App Gateway via a private IP, requires an idle timeout greater > than 4 minutes, and the client application does not send TCP keep-alive packets, contact > [email protected] to request initiation of keep‑alive from Application Gateway.
+
 ## Private Link components
 
 Four components are required to implement Private Link with Application Gateway:

articles/azure-functions/TOC.yml

@@ -56,6 +56,9 @@
     - name: Run scheduled tasks
       displayName: timer trigger, schedule
       href: scenario-scheduled-tasks.md
+    - name: Process real-time events
+      displayName: Event Hubs, streaming, events
+      href: scenario-real-time-events-processing.md
   - name: Developer tools
     items:
     - name: Azure Developer CLI

articles/azure-functions/functions-bindings-mcp.md

@@ -2,7 +2,7 @@
 title: Model context protocol bindings for Azure Functions
 description: Learn how you can expose your functions as model context protocol (MCP) tools using bindings in Azure Functions.
 ms.topic: reference
-ms.date: 02/20/2026
+ms.date: 04/01/2026
 ms.update-cycle: 180-days
 ms.custom: 
   - build-2025
@@ -27,7 +27,7 @@ The Azure Functions MCP extension enables you to use Azure Functions to create r
 [!INCLUDE [functions-mcp-extension-powershell-note](../../includes/functions-mcp-extension-powershell-note.md)]
 ## Prerequisites 
 
-+ When you use the SSE transport, the MCP extension relies on Azure Queue storage provided by the [default host storage account](./storage-considerations.md) (`AzureWebJobsStorage`). When using identity-based connections, make sure that your function app has at least the equivalent of these role-based permissions in the host storage account: [Storage Queue Data Reader](/azure/role-based-access-control/built-in-roles#storage-queue-data-reader) and [Storage Queue Data Message Processor](/azure/role-based-access-control/built-in-roles#storage-queue-data-message-processor).
++ When you use the SSE transport, the MCP extension relies on Azure Queue storage provided by the [default host storage account](./storage-considerations.md) (`AzureWebJobsStorage`). When using identity-based connections, make sure that your function app has at least the equivalent of these role-based permissions in the host storage account: [Storage Queue Data Contributor](/azure/role-based-access-control/built-in-roles/storage#storage-queue-data-contributor) and [Storage Queue Data Message Processor](/azure/role-based-access-control/built-in-roles/storage#storage-queue-data-message-processor).
 + When running locally, the MCP extension requires version 4.0.7030 of the [Azure Functions Core Tools](functions-run-local.md), or a later version.
 ::: zone pivot="programming-language-csharp"
 + Requires version 2.1.0 or later of the `Microsoft.Azure.Functions.Worker` package.

articles/azure-functions/functions-mcp-foundry-tools.md

@@ -147,7 +147,9 @@ To get the required credentials from the Azure portal:
     | **Token URL** | `https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/token` |
     | **Refresh URL** | `https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/token` |
 
-    Replace `<TENANT_ID>` with your actual tenant ID value.
+    Replace `<TENANT_ID>` with your actual tenant ID value. Save these values for later. 
+
+1. Select **Manage** > **Certificates & secrets**. Create a new client secret if there's not already one and copy its value for use later. 
 
 1. Select **Manage** > **Expose an API** and copy the existing scope.  
 
@@ -282,13 +284,11 @@ When you use OAuth identity passthrough, the agent prompts the user to sign in a
     | **Remote MCP Server endpoint** | The URL endpoint for your MCP server. | `https://contoso-mcp-tools.azurewebsites.net/runtime/webhooks/mcp` |
     | **Authentication** | The authentication method to use. | `OAuth Identity Passthrough` |
     | **Client ID** | The client ID of your function app Entra registration | `00001111-aaaa-2222-bbbb-3333cccc4444` |
+    | **Client secret** | The client secret of your function app Entra registration | `abcEFGhijkLMNopqRST` |
     | **Token URL** | The endpoint your server app calls to exchange an authorization code or credential for an access token. | `https://login.microsoftonline.com/aaaabbbb-0000-cccc-1111-dddd2222eeee/oauth2/v2.0/token` |
     | **Auth URL** | The endpoint where users are redirected to authenticate and grant authorization to your server app. | `https://login.microsoftonline.com/aaaabbbb-0000-cccc-1111-dddd2222eeee/oauth2/v2.0/authorize` |
     | **Refresh URL** | The endpoint used to obtain a new access token when the current one expires. | `https://login.microsoftonline.com/aaaabbbb-0000-cccc-1111-dddd2222eeee/oauth2/v2.0/token` |
-    | **Scopes** | The specific permissions or resource access levels your server app requests from the authorization server | `api://00001111-aaaa-2222-bbbb-3333cccc4444` |
-
-    >[!NOTE]  
-    >A **Client secret** value isn't needed, so leave this field blank.
+    | **Scopes** | The specific permissions or resource access levels your server app requests from the authorization server | `api://00001111-aaaa-2222-bbbb-3333cccc4444/user_impersonation` |
 
 1. Select **Connect** to create a connection to your MCP server endpoint. 
 
@@ -358,4 +358,4 @@ These additional articles can help you build your agent and function app capabil
 
 - [Register your MCP server in the organizational tool catalog](./register-mcp-server-api-center.md)
 
----
+---

articles/azure-functions/scenario-blob-storage-events.md

@@ -331,27 +331,7 @@ Use the `azd up` command to create the function app in a Flex Consumption plan a
 
 The Event Grid blob trigger processes files within seconds of upload. This speed demonstrates the near real-time capabilities of this approach compared to traditional polling-based blob triggers.
 
-## Redeploy your code
-
-Run the `azd up` command as many times as you need to both provision your Azure resources and deploy code updates to your function app.
-
->[!NOTE]
->Deployed code files are always overwritten by the latest deployment package.
-
-Your initial responses to `azd` prompts and any environment variables generated by `azd` are stored locally in your named environment. Use the `azd env get-values` command to review all of the variables in your environment that were used when creating Azure resources. 
-
-## Clean up resources
-
-When you're done working with your function app and related resources, use this command to delete the function app and its related resources from Azure. This action helps you avoid incurring any further costs:
-
-```console
-azd down --no-prompt
-```
-
->[!NOTE]  
->The `--no-prompt` option instructs `azd` to delete your resource group without a confirmation from you. 
->
->This command doesn't affect your local code project. 
+[!INCLUDE [functions-scenario-redeploy-cleanup](../../includes/functions-scenario-redeploy-cleanup.md)]
 
 ## Related content