Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location
Mob_nav_barsMENU

Microsoft Exam AZ-204 Topic 10 Question 34 Discussion

Actual exam question for Microsoft's AZ-204 exam
Question #: 34
Topic #: 10
[All AZ-204 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are developing a website that will run as an Azure Web App. Users will authenticate by using their Azure Active Directory (Azure AD) credentials.

You plan to assign users one of the following permission levels for the website: admin, normal, and reader. A user's Azure AD group membership must be used to determine the permission level. You need to configure authorization.

Solution:

* Create a new Azure AD application's manifest, set value of the groupMembershipClaims option to All.

* In the website, use the value of the groups claim from the JWI for the user to determine permissions.

Does the solution meet the goal?

Show Suggested Answer Hide Answer
Suggested Answer: A

To configure Manifest to include Group Claims in Auth Token

1. Go to Azure Active Directory to configure the Manifest. Click on Azure Active Directory, and go to App registrations to find your application:

2. Click on your application (or search for it if you have a lot of apps) and edit the Manifest by clicking on it.

3. Locate the ''groupMembershipClaims'' setting. Set its value to either ''SecurityGroup'' or ''All''. To help you decide which:

''SecurityGroup'' - groups claim will contain the identifiers of all security groups of which the user is a member.

''All'' - groups claim will contain the identifiers of all security groups and all distribution lists of which the user is a member

Now your application will include group claims in your manifest and you can use this fact in your code.

References:

https://blogs.msdn.microsoft.com/waws/2017/03/13/azure-app-service-authentication-aad-groups/


by Erick at May 07, 2022, 01:44 AM

Limited Time Offer

25%

Off

Get Premium AZ-204 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Josue
9 days ago
Yes, this is exactly how it should be done!
upvoted 0 times
...
Sherita
14 days ago
Wait, can we really trust the groups claim for permissions?
upvoted 0 times
...
Krystina
20 days ago
Definitely meets the goal! Permissions based on groups are solid.
upvoted 0 times
...
An
25 days ago
I think this will work, but I’m not 100% sure.
upvoted 0 times
...
Rima
30 days ago
Sounds good, using groupMembershipClaims is the way to go!
upvoted 0 times
...
Sherron
1 month ago
I believe this solution should work, but I wonder if there are any additional configurations needed for the permissions to be effective.
upvoted 0 times
...
Marget
1 month ago
I'm a bit confused about whether just using the groups claim is enough. I feel like there might be more steps involved in the authorization process.
upvoted 0 times
...
Cecily
1 month ago
I remember a similar practice question where we had to configure Azure AD permissions, and I feel like using the groups claim is the right approach.
upvoted 0 times
...
Daniela
1 month ago
I think setting the groupMembershipClaims to All is important for getting the right permissions, but I'm not sure if the solution fully meets the goal.
upvoted 0 times
...
Isabelle
1 month ago
Okay, let's see. I know static approval groups can include users and groups, but I'm not sure about the other options. I'll have to read the question closely and eliminate the ones that don't fit.
upvoted 0 times
...
Merlyn
1 month ago
Hmm, I'm a bit confused by the wording here. Are we supposed to choose two answers, or is there more to the question? I'll need to read through it carefully to make sure I understand the requirements.
upvoted 0 times
...
Karina
1 month ago
Based on what I studied, I think it could tie into making sanctions more effective, but I’m not 100% certain if that’s the right angle for this question.
upvoted 0 times
...

Save Cancel