Question 55 of 88 from exam SC-300: Microsoft Identity and Access Administrator

Question 55 of 88 from exam SC-300: Microsoft Identity and Access Administrator

Prev Question Next Question

Question

DRAG DROP - Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.

The company is developing a web service named App1

You need to ensure that App1 can use Microsoft Graph to read directory data in contoso.com.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange then in the correct order.

Select and Place:

Actions Add a group claim. Create an app registration. Grant admin consent. Add delegated permissions. Add app permissions. Answer Area

Explanations

Actions Answer Area Add a group claim. Create an app registration. Grant admin consent. Add app permissions. Add delegated permissions.

1

Create an app registration: Your app must be registered with the Microsoft identity platform and be authorized by either a user or an administrator for access to the Microsoft Graph resources it needs.

2

Grant admin consent: Higher-privileged permissions require administrator consent.

3

Add app permissions: After the consents to permissions for your app, your app can acquire access tokens that represent the app's permission to access a resource in some capacity.

Encoded inside the access token is every permission that your app has been granted for that resource.

https://docs.microsoft.com/en-us/graph/auth/auth-concepts
Prev Question Next Question