Notifications
Clear all
Topic starter
25/06/2022 3:35 pm
You need to authenticate the user to the corporate website as indicated by the architectural diagram.
Which two values should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . ID token signature
- B . ID token claims
- C . HTTP response code
- D . Azure AD endpoint URI
- E . Azure AD tenant ID
Suggested Answer: B,E
Explanation:
Claims in access tokens
JWTs (JSON Web Tokens) are split into three pieces:
✑ Header - Provides information about how to validate the token including information about the type of token and how it was signed.
✑ Payload - Contains all of the important data about the user or app that is attempting to call your service.
✑ Signature - Is the raw material used to validate the token.
Your client can get an access token from either the v1.0 endpoint or the v2.0 endpoint using a variety of protocols.
Scenario: User authentication (see step 5 below)
The following steps detail the user authentication process:
✑ The user selects Sign in in the website.
✑ The browser redirects the user to the Azure Active Directory (Azure AD) sign in page.
✑ The user signs in.
✑ Azure AD redirects the user’s session back to the web application. The URL includes an access token.
✑ The web application calls an API and includes the access token in the authentication header. The application ID is sent as the audience (‘aud’) claim in the access token.
✑ The back-end API validates the access token.
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies
Explanation:
Claims in access tokens
JWTs (JSON Web Tokens) are split into three pieces:
✑ Header - Provides information about how to validate the token including information about the type of token and how it was signed.
✑ Payload - Contains all of the important data about the user or app that is attempting to call your service.
✑ Signature - Is the raw material used to validate the token.
Your client can get an access token from either the v1.0 endpoint or the v2.0 endpoint using a variety of protocols.
Scenario: User authentication (see step 5 below)
The following steps detail the user authentication process:
✑ The user selects Sign in in the website.
✑ The browser redirects the user to the Azure Active Directory (Azure AD) sign in page.
✑ The user signs in.
✑ Azure AD redirects the user’s session back to the web application. The URL includes an access token.
✑ The web application calls an API and includes the access token in the authentication header. The application ID is sent as the audience (‘aud’) claim in the access token.
✑ The back-end API validates the access token.
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies