Which API Management policy should you implement?

You are a developer for a SaaS company that offers many web services.

All web services for the company must meet the following requirements:

✑ Use API Management to access the services

✑ Use OpenID Connect for authentication

✑ Prevent anonymous usage

A recent security audit found that several web services can be called without any authentication.

Which API Management policy should you implement?
A . jsonp
B. authentication-certificate
C. check-header
D. validate-jwt

Answer: D

Explanation:

Add the validate-jwt policy to validate the OAuth token for every incoming request.

Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

Latest AZ-204 Dumps Valid Version with 254 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments