Exam AZ-204 topic 4 question 57 discussion

It should be: 1. N In the example written here: https://learn.microsoft.com/en-us/azure/static-web-apps/configuration#example-configuration-file - If you go to the login page, you redirect to Github, just like in the question. - If the request got a 401 error (Unauthorized), it redirects the user to the login route (with 302 response), which then redirects to the GitHub login. But in this question, if you check what happens when the request got a 401 error (Unauthorized), it redirects to the AAD route (with 302 response), not to Github. So this part of the question and the example are different. 2. Y That part of the question seems the same as the example above. A non-existent file in the /images/ folder -> A 404 error. 3. Y That part of the question seems the same as the example above. GET requests from authenticated users in the registeredusers role are sent to the API. Authenticated users not in the registeredusers role and unauthenticated users are served a 401 error. 4. N It overrides the 401 error to the 302 and redirects the user to the AAD URL.

1) Y. login with github 2 ) Y. true because it is excluded from returning index.html in navigation fallback, so the other option is a 404 not found 3) Y. straight forward from first routes object 4) N. from https://learn.microsoft.com/en-us/azure/static-web-apps/configuration 401 is for requesting when unauthenticated but here are you are authenticated and so the error should be 403, because you are authenticated but don't have authorization ( due to not having the registeredusers role)

Answers are in documentation. It's 1 to 1 scenario from docs: 1. Yes (1 to 1 docs) 2. Yes (1 to 1 docs) 3. App allows "registeredusers" to open urls under /api/* but it does not redirect registered users there 4. Yes (1 to 1 docs) https://learn.microsoft.com/en-us/azure/static-web-apps/configuration#example-configuration-file

Unauthenticated users are challenged to authenticate with GitHub: Incorrect A non-existent file in the /images/ folder will generate a 404 response code: Correct HTTP GET method requests from authenticated users in the role named registeredusers are sent to the API folder: Correct Authenticated users that are not in the role named registeredusers and unauthenticated users are served a 401 HTTP error when accessing the API folder: Incorrect

3. N ,Qustion does not specify request to api/, only user request to api/ with GetMethod and in registeredUser role will be set to api request to any other route will not be sent to api even if in registeredUser role

1) NO - redirect to Ada 2) YES - redirect doesn't change response status 3) YES 4) NO - redirected to aad

Original answer seems correct. Remember that unautorized = getting 401. Also remember, that 404 error is not the same as page named 404.html

I don't get why everybody states that the third option should be yes. How I read the statement is that users in that role automaticly get redirected to the API path. But that is not what the configuration states. Only that users in that role have access to it. Not that they are redirected.

Got this on 6/28/2023 and passed with 850. I went with Y,N,Y,N. No idea if that is correct.

https://learn.microsoft.com/en-us/azure/static-web-apps/configuration#example-configuration-file I think based on the above config 1. Y - Unauthenticated users are challenged to authenticate with GitHub. 2. Y: An non-existent file in the /images/ folder results in a 404 error 3. Y: GET requests from authenticated users in the registeredusers role are sent to the API. 4. N: Authenticated users not in the administrator role and unauthenticated users are served a 401 error.

N,Y,Y,N https://learn.microsoft.com/en-us/azure/static-web-apps/configuration#example-configuration-file

N,Y,Y,N IS CORRECT

No - Unauthorized users receive a 401 response code, which subsequently redirects to "/.auth/login/aad" with a status code 302 (see responseOverrides). You will only be redirected to GitHub if the unauthenticated user routes to "/login". Yes - The files in the path "/images/*" with extensions png, jpg and gif are excluded from the fallback which means if the files with the mentioned extensions do not exist in the path, an 404 will be returned. The index.html fallback will be returned only if the file has an extension other than the excluded extensions. For example, if the file with name /images/xyz.svg will return index.html because the .svg extension is not excluded. But if the file is /images/unknown.jpg  and the file is not exist on the path will return 404. Yes -  No - In this case, if the user does not have registeredusers role, the 403 status code will be returned for the authenticated users.

No - Unauthorized users receive a 401 response code, which subsequently redirects to "/.auth/login/aad" with a status code 302 (see responseOverrides). You will only be redirected to GitHub if the unauthenticated user routes to "/login".Yes - The files in the path "/images/*" with extensions png, jpg and gif are excluded from the fallback which means if the files with the mentioned extensions do not exist in the path, an 404 will be returned. The index.html fallback will be returned only if the file has an extension other than the excluded extensions. For example, if the file with name /images/xyz.svg will return index.html because the .svg extension is not excluded. But if the file is /images/unknown.jpg  and the file is not exist on the path will return 404. Yes -  No - In this case, if the user does not have registeredusers role, the 403 status code will be returned for the authenticated users.

I saw the same configuration in this link. All answers are Yes. https://learn.microsoft.com/en-us/azure/static-web-apps/configuration

Haha, really different opinions about this one... really tricky, but I will giv it a try: 1) N . Unauthticated = 401 wich is redirected to .../login/aad (with 302 status). See aboezebal's comment. 2) Y. See rpatsev's comment below. Always returns 404 even though some are rewritten with index.html 3) Y. 4) N. Authenticated users but not in correct role = 403. Unautheticated user, see question.

Not sure 100% the answers, but all the cases are described and covered in https://learn.microsoft.com/en-us/azure/static-web-apps/configuration#example-configuration-file So, the answers with comments from the web-site 1. (Y ) /login : Unauthenticated users are challenged to authenticate with GitHub. 2. (Y) An non-existent file in the /images/ folder : A 404 error. 3. (Y) /api/admin : GET requests from authenticated users in the registeredusers role are sent to the API. 4. (Y) /api/admin : POST, PUT, PATCH, and DELETE requests from authenticated users in the administrator role are sent to the API. Authenticated users not in the administrator role and unauthenticated users are served a 401 error.