Developing Solutions for Microsoft Azure: AZ-204 Exam Answer Explanation

The Implicit Grant Type for Mobile Applications in Azure AD

Question

This question requires that you evaluate the underlined text to determine if it is correct.

Your Azure Active Directory Azure (Azure AD) tenant has an Azure subscription linked to it.

Your developer has created a mobile application that obtains Azure AD access tokens using the OAuth 2 implicit grant type.

The mobile application must be registered in Azure AD.

You require a redirect URI from the developer for registration purposes.

Instructions: Review the underlined text.

If it makes the statement correct, select 'No change is needed.' If the statement is incorrect, select the answer choice that makes the statement correct.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token responses.

https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code

The underlined text states that "You require a redirect URI from the developer for registration purposes." This statement is correct. Therefore, the correct answer is "No change is needed" (option A).

When a mobile application needs to access Azure AD resources, it must be registered in Azure AD. During the registration process, the developer needs to specify the redirect URI that Azure AD will use to send the authentication response back to the mobile application.

The redirect URI is a critical piece of information that the developer must provide during registration. It identifies the endpoint in the mobile application that Azure AD should redirect the user to after successful authentication. The redirect URI must be unique for each application and domain name.

The OAuth 2 implicit grant type is a flow that is commonly used in mobile applications. It allows the mobile application to obtain an access token without the need for a client secret. Instead, the client ID and redirect URI are used to authenticate the application.

In summary, the underlined text is correct as the developer needs to provide a redirect URI during the registration of the mobile application in Azure AD. Therefore, the correct answer is "No change is needed" (option A).