HOTSPOT - You need to configure a connector for the driving record verification API. How should you configure the system? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
Suggested Answer:
Box 1: OAuth 2.0 - Use API keys if you expect developers to build internal applications that don't need to access more than a single user's data. Use OAuth access tokens if you want users to easily provide authorization to applications without needing to share private data or dig through developer documentation. Requirements. Driving record verification ג€¢ Driving record verification must only be performed once for each candidate. ג€¢ Information required for driving record verification must be sent to the driving record verification service automatically after the candidate's address is verified. ג€¢ The API must return a value of either Approved or Rejected to indicate whether the candidate has met the company's requirements. Box 2: Pass Credentials as parameters User makes an API call with the authorization header and the token gets validated by using validate-jwt policy in APIM by Azure AD. Note, see step 4 below. In this Diagram we can see the OAUTH flow with API Management in which:
1. The Developer Portal requests a token from Azure AD using app registration client id and client secret. 2. In the second step, the user is challenged to prove their identity by supplying User Credentials. 3. After successful validation, Azure AD issues the access/refresh token. 4. User makes an API call with the authorization header and the token gets validated by using validate-jwt policy in APIM by Azure AD. 5. Based on the validation result, the user will receive the response in the developer portal. Reference: https://zapier.com/engineering/apikey-oauth-jwt/ https://techcommunity.microsoft.com/t5/azure-paas-blog/protect-api-s-using-oauth-2-0-in-apim/ba-p/2309538
Driver record verification: The service uses a username and password for authentication.
I think it should be:
Basic
Authentication section in the connector configuration
1. Basic
2. Authentication section in the connector configuration
The case study clearly says 'The Driving Record verification service uses a username and password for authentication.'
https://learn.microsoft.com/en-us/training/modules/configure-custom-connectors-api/2-authentication
Service Provider section specifically says API key.
How to use API Key:
https://learn.microsoft.com/en-us/connectors/custom-connectors/connection-parameters
So it should be 1-C and 2-B, no?
It is weird to include credentails in the url as parameters (query string). It should be in the body of the http request. Hence it should be configured in the autentication section, so that the credentails will go into the header of the http request.
correction: It should be in the header of the http request (not body). Hence, I choose "authentication section"
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
northstar88
Highly Voted 2 years, 1 month agoNet_IT
Most Recent 1 year, 2 months agonadien
1 year, 4 months agoFrank208
1 year, 5 months agoFrank208
1 year, 5 months ago