- (Exam Topic 2)
You are developing a single-page application (SPA).
You plan to access user data from Microsoft Graph by using an AJAX call.
You need to obtain an access token by the Microsoft Authentication Library (MSAL). The solution must minimize authentication prompts.
How should you complete the code segment? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Solution:
Box 1: loginPopup
Box 2: acquireTokenSilent
The pattern for acquiring tokens for APIs with MSAL.js is to first attempt a silent token request by using the acquireTokenSilent method. When this method is called, the library first checks the cache in browser storage to see if a valid token exists and returns it. When no valid token is in the cache, it sends a silent token request to Azure Active Directory (Azure AD) from a hidden iframe. This method also allows the library to renew tokens.
Box 3: acquireTokenPopup
//AcquireToken Failure, send an interactive request. Example:
userAgentApplication.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
//Login Success
userAgentApplication.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
//AcquireToken Success updateUI();
}, function (error) {
//AcquireToken Failure, send an interactive request. userAgentApplication.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) { updateUI();
}, function (error) { console.log(error);
});
})
}, function (error) { console.log(error);
});
Reference: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/339
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 1)
You need to configure the initial login request in the access token JavaScript script. Which code segment should you insert at line 01?
Correct Answer:
D
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to
access Office 365 data on the user’s behalf.
Reference: https://docs.microsoft.com/en-us/graph/permissions-reference
- (Exam Topic 1)
Which type of authentication flow should you recommend for the planned integration with Office 365?
Correct Answer:
C
To use Microsoft Graph to read and write resources on behalf of a user, your app must get an access token from the Microsoft identity platform and attach the token to requests that it sends to Microsoft Graph.
One common flow used by native and mobile apps and also by some Web apps is the OAuth 2.0 authorization code grant flow.
Scenario: Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
Use Azure AD to manage identities, authentication, and authorization. Reference: https://docs.microsoft.com/en-us/graph/auth-v2-user
- (Exam Topic 2)
You are building a server-based web app that will use OAuth2 and will be registered with the Microsoft identity platform.
Which two values does the app require to obtain tokens from the Azure Active Directory (Azure AD) authorization endpoint? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Correct Answer:
CE
C: The required client_id is the Application (client) ID that the Azure portal – App registrations experience assigned to your app.
E: The authorization code flow begins with the client directing the user to the /authorize endpoint.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
- (Exam Topic 2)
You are developing a Microsoft Teams application.
Which Teams feature provides you with the ability to invoke a model popup by using the minimum amount of custom code?
Correct Answer:
B