Question 62 of 115 from exam AZ-304: Microsoft Azure Architect Design

Question

HOTSPOT

You configure OAuth2 authorization in API Management as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

Explanations

Box 1: Web applications

The Authorization Code Grant Type is used by both web apps and native apps to get an access token after a user authorizes an app.

Note: The Authorization Code grant type is used by confidential and public clients to exchange an authorization code for an access token.

After the user returns to the client via the redirect URL, the application will get the authorization code from the URL and use it to request an access token.

Incorrect Answers:

Not Headless device authentication:

A headless system is a computer that operates without a monitor, graphical user interface (GUI) or peripheral devices, such as keyboard and mouse.

Headless computers are usually embedded systems in various devices or servers in multi-server data center environments. Industrial machines, automobiles, medical equipment, cameras, household appliances, airplanes, vending machines and toys are among the myriad possible hosts of embedded systems.

Box 2: Client Credentials

How to include additional client data

If you need to store additional details about a client that do not fit into the standard parameter set, the custom data parameter is available for that purpose:

POST /c2id/clients HTTP/1.1
Host: demo.c2id.com
Content-Type: application/json
Authorization: Bearer ztucZS1ZyFKgh0tUEruUtiSTXhnexmd6

{
  "redirect_uris" : [ "https://myapp.example.com/callback" ],
  "data" : { "reg_type" : "3rd-party",
             "approved" : true,
             "author_id" : 792440 }
}

The data parameter permits arbitrary content packaged in a JSON object. To set it, you will need the master registration token or a one-time access token with the client-reg:data scope.

Incorrect Answers:

Authorization protocols provide a state parameter that allows you to restore the previous state of your application. The state parameter preserves some state object set by the client in the Authorization request and makes it available to the client in the response.
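The following added example (not part of the exam page or of any vendor's SDK) shows the client side of the two grant types named in the answers: handling the redirect callback of the Authorization Code grant, including the state check described above, and building the token request for both Authorization Code and Client Credentials. The token endpoint URL, client id, secret and the callback URL are constructed placeholders.

```python
# Added example: OAuth2 Authorization Code callback handling and token
# request bodies for the two grant types discussed in the answers.
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

TOKEN_ENDPOINT = "https://login.example.com/oauth2/token"  # assumed placeholder


def parse_callback(callback_url, expected_state):
    """Extract the authorization code from the redirect URL.

    The state value sent in the authorization request must come back
    unchanged; a mismatch means the callback was not started by this
    client session (CSRF or a replayed redirect) and must be rejected.
    """
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise RuntimeError(f"authorization failed: {query['error'][0]}")
    state = query.get("state", [None])[0]
    if state is None or not secrets.compare_digest(state, expected_state):
        raise ValueError("state mismatch: callback not bound to this session")
    code = query.get("code", [None])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code


def authorization_code_request(code, client_id, client_secret, redirect_uri):
    """Body a web app POSTs to the token endpoint after the user returns."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the one used in the auth request
        "client_id": client_id,
        "client_secret": client_secret,
    }


def client_credentials_request(client_id, client_secret, scope):
    """Body a service sends when no user is involved (Client Credentials grant)."""
    return {
        "grant_type": "client_credentials",
        "scope": scope,
        "client_id": client_id,
        "client_secret": client_secret,
    }


if __name__ == "__main__":
    # Constructed sample callback; the code value is not a real token.
    state = secrets.token_urlsafe(16)
    cb = f"https://myapp.example.com/callback?code=SAMPLE_CODE&state={state}"
    code = parse_callback(cb, state)
    body = authorization_code_request(code, "my-client", "my-secret",
                                      "https://myapp.example.com/callback")
    print("POST", TOKEN_ENDPOINT, urlencode(body))
```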

https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
https://connect2id.com/products/server/docs/guides/client-registration