Recommended Solution for App1 Access Reviews
Question
Your company purchases an app named App1.
You need to recommend a solution to ensure that App1 can read and modify access reviews.
What should you recommend?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.D
The app must be registered. You can register the application in the Azure Active Directory admin center.
The Azure AD access reviews feature has an API in the Microsoft Graph endpoint.
You can register an Azure AD application and set it up for permissions to call the access reviews API in Graph.
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-appDesign a Data Platform Solution
The scenario described in the question is that your company has purchased an app named App1 and you need to recommend a solution to ensure that App1 can read and modify access reviews.
To accomplish this, you need to delegate permissions to App1. This means that you will allow App1 to perform certain actions on behalf of your organization.
Option A: From API Management services, publish the API of App1, and then delegate permissions to the Microsoft Graph API.
API Management is a service provided by Azure that allows you to publish, manage, and secure APIs. If you choose this option, you would publish the API of App1 through API Management, and then delegate permissions to the Microsoft Graph API.
However, this option may not be the best choice for this scenario because it assumes that App1 has an API that can be published through API Management. If App1 does not have an API, then this option would not be appropriate.
Option B: From API Management services, publish the API of App1. From the Access control (IAM) blade, delegate permissions.
This option is similar to Option A, but instead of delegating permissions to the Microsoft Graph API, you would delegate permissions from the Access control (IAM) blade. This option assumes that App1 has an API that can be published through API Management, but it does not assume that you need to delegate permissions to the Microsoft Graph API.
Option C: From the Azure Active Directory admin center, register App1, and then delegate permissions to the Microsoft Graph API.
Azure Active Directory (Azure AD) is a cloud-based identity and access management service provided by Azure. If you choose this option, you would register App1 in the Azure AD admin center, and then delegate permissions to the Microsoft Graph API.
This option is appropriate if you need to delegate permissions to the Microsoft Graph API, but it assumes that App1 is not already registered in Azure AD.
Option D: From the Azure Active Directory admin center, register App1. From the Access control (IAM) blade, delegate permissions.
This option is similar to Option C, but instead of delegating permissions to the Microsoft Graph API, you would delegate permissions from the Access control (IAM) blade. This option assumes that App1 is not already registered in Azure AD, but it does not assume that you need to delegate permissions to the Microsoft Graph API.
Therefore, the best answer to this question is Option C: From the Azure Active Directory admin center, register App1, and then delegate permissions to the Microsoft Graph API. This option assumes that App1 is not already registered in Azure AD and that you need to delegate permissions to the Microsoft Graph API.
