Question 68 of 179 from exam AZ-204: Developing Solutions for Microsoft Azure

Question 68 of 179 from exam AZ-204: Developing Solutions for Microsoft Azure

Question

DRAG DROP - You are developing an ASP.NET Core website that can be used to manage photographs which are stored in Azure Blob Storage containers.

Users of the website authenticate by using their Azure Active Directory (Azure AD) credentials.

You implement role-based access control (RBAC) role permissions on the containers that store photographs.

You assign users to RBAC roles.

You need to configure the website's Azure AD Application so that user's permissions can be used with the Azure Blob containers.

How should you configure the application? To answer, drag the appropriate setting to the correct location.

Each setting can be used once, more than once, or not at all.

You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Settings Answer Area

client_id

profile API Permission Type
delegated Azure Storage

application Microsoft Graph —_ User.Read

user_impersonation

Explanations

Settings

client_id

profile

delegated

application

user_impersonation

Answer Area

API
Azure Storage

Microsoft Graph

Permission Type
user_impersonation delegated
User.Read delegated

Box 1: user_impersonation - Box 2: delegated - Example: 1

Select the API permissions section 2

Click the Add a permission button and then: Ensure that the My APIs tab is selected 3

In the list of APIs, select the API TodoListService-aspnetcore.

4

In the Delegated permissions section, ensure that the right permissions are checked: user_impersonation.

5

Select the Add permissions button.

Box 3: delegated - Example - 1

Select the API permissions section 2

Click the Add a permission button and then, Ensure that the Microsoft APIs tab is selected 3

In the Commonly used Microsoft APIs section, click on Microsoft Graph 4

In the Delegated permissions section, ensure that the right permissions are checked: User.Read.

Use the search box if necessary.

5

Select the Add permissions button Reference: https://docs.microsoft.com/en-us/samples/azure-samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore/calling-a-web-api-in-an-aspnet-core- web-application-using-azure-ad/