Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam PL-400 All Questions

View all questions & answers for the PL-400 exam
Go to Exam

Exam PL-400 topic 23 question 1 discussion

Actual exam question from Microsoft's PL-400
Question #: 1
Topic #: 23
[All PL-400 Questions]

HOTSPOT -
You need to configure a connector for the driving record verification API.
How should you configure the system? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: OAuth 2.0 -
Use API keys if you expect developers to build internal applications that don't need to access more than a single user's data. Use OAuth access tokens if you want users to easily provide authorization to applications without needing to share private data or dig through developer documentation.
Requirements. Driving record verification
ג€¢ Driving record verification must only be performed once for each candidate.
ג€¢ Information required for driving record verification must be sent to the driving record verification service automatically after the candidate's address is verified.
ג€¢ The API must return a value of either Approved or Rejected to indicate whether the candidate has met the company's requirements.
Box 2: Pass Credentials as parameters
User makes an API call with the authorization header and the token gets validated by using validate-jwt policy in APIM by Azure AD.
Note, see step 4 below.
In this Diagram we can see the OAUTH flow with API Management in which:

1. The Developer Portal requests a token from Azure AD using app registration client id and client secret.
2. In the second step, the user is challenged to prove their identity by supplying User Credentials.
3. After successful validation, Azure AD issues the access/refresh token.
4. User makes an API call with the authorization header and the token gets validated by using validate-jwt policy in APIM by Azure AD.
5. Based on the validation result, the user will receive the response in the developer portal.
Reference:
https://zapier.com/engineering/apikey-oauth-jwt/
https://techcommunity.microsoft.com/t5/azure-paas-blog/protect-api-s-using-oauth-2-0-in-apim/ba-p/2309538
by northstar88 at Sept. 15, 2022, 9:41 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
northstar88
Highly Voted 2 years, 1 month ago
Driver record verification: The service uses a username and password for authentication. I think it should be: Basic Authentication section in the connector configuration
upvoted 23 times
...
Net_IT
Most Recent 1 year, 2 months ago
1. Basic 2. Authentication section in the connector configuration The case study clearly says 'The Driving Record verification service uses a username and password for authentication.' https://learn.microsoft.com/en-us/training/modules/configure-custom-connectors-api/2-authentication
upvoted 1 times
...
nadien
1 year, 4 months ago
Service Provider section specifically says API key. How to use API Key: https://learn.microsoft.com/en-us/connectors/custom-connectors/connection-parameters So it should be 1-C and 2-B, no?
upvoted 1 times
...
Frank208
1 year, 5 months ago
It is weird to include credentails in the url as parameters (query string). It should be in the body of the http request. Hence it should be configured in the autentication section, so that the credentails will go into the header of the http request.
upvoted 1 times
Frank208
1 year, 5 months ago
correction: It should be in the header of the http request (not body). Hence, I choose "authentication section"
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel