Question 86 of 179 from exam AZ-204: Developing Solutions for Microsoft Azure
Question
HOTSPOT - You are developing a web application that makes calls to the Microsoft Graph API.
You register the application in the Azure portal and upload a valid X509 certificate.
You create an appsettings.json file containing the certificate name, client identifier for the application, and the tenant identifier of the Azure Active Directory (Azure AD)
You create a method named ReadCertificate to return the X509 certificate by name.
You need to implement code that acquires a token by using the certificate.
How should you complete the code segment? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
![Answer Area
AuthenticationConfig config
xs09Certificate2 certificate
ConfidentialClientApplicationBuilder
GetAccountAsync()
GetAccountsAsync()
ConfidentialClientApplication
.WithCertificate(certificate)
-WithAuthority (new Uri (config.Authority))
-Build();
string[] scopes = new string[] { $"{config.ApiUrl}.default" }5
authenticationResult result = await app.AcquireTokenForClient(
scopes
app
config
Authent icationConfig.ReadFromJsonFile("appsettings. json");
ReadCertificate(config.CertificateName) ;
var app = i -Create(config.ClientId)
)-ExecuteAsync();](https://eaeastus2.blob.core.windows.net/optimizedimages/static/images/Developing-Solutions-for-Microsoft-Azure-(AZ-204)/question/img0029000001.png)
Explanations
![Answer Area
AuthenticationConfig config
xs09Certificate2 certificate
var app =
|ConfidentialClientApplicationBuilder |
GetAccountAsync()
GetAccountsAsync()
ConfidentialClientApplication
.WithCertificate(certificate)
-WithAuthority (new Uri (config.Authority))
-Build();
string[] scopes = new string[] { $"{config.ApiUrl}.default" }5
authenticationResult result = await app.AcquireTokenForClient(
‘scopes
app
config
Authent icationConfig.ReadFrom3sonFile("appsettings. json");
ReadCertificate(config.CertificateName)
-Create(config.ClientId)
)-ExecuteAsync();](https://eaeastus2.blob.core.windows.net/optimizedimages/static/images/Developing-Solutions-for-Microsoft-Azure-(AZ-204)/answer/img0029000002.png)
Box 1: ConfidentialClientApplicationBuilder Here's the code to instantiate the confidential client application with a client secret: app = ConfidentialClientApplicationBuilder.Create(config.ClientId) .WithClientSecret(config.ClientSecret) .WithAuthority(new Uri(config.Authority)) .Build(); Box 2: scopes - After you've constructed a confidential client application, you can acquire a token for the app by calling AcquireTokenForClient, passing the scope, and optionally forcing a refresh of the token.
Sample code: result = await app.AcquireTokenForClient(scopes) .ExecuteAsync(); Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-app-configuration https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-acquire-token.