Exam4Training

Which policy values should you use?

HOTSPOT

You need to configure API Management for authentication.

Which policy values should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Box 1: Validate JWT

The validate-jwt policy enforces existence and validity of a JWT extracted from either a specified HTTP Header or a specified query parameter.

Scenario: User authentication (see step 5 below)

The following steps detail the user authentication process:

✑ The user selects Sign in in the website.

✑ The browser redirects the user to the Azure Active Directory (Azure AD) sign in page.

✑ The user signs in.

✑ Azure AD redirects the user’s session back to the web application. The URL includes an access token.

✑ The web application calls an API and includes the access token in the authentication header. The application ID is sent as the audience (‘aud’) claim in the access token.

✑ The back-end API validates the access token.

Box 2: Outbound

Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies

Latest AZ-204 Dumps Valid Version with 254 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version