New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-204 Exam - Topic 5 Question 121 Discussion

Actual exam question for Microsoft's AZ-204 exam
Question #: 121
Topic #: 5
[All AZ-204 Questions]

You are developing a web application that uses the Microsoft identity platform for user and resource authentication. The web application calls several REST APIs.

A REST API call must read the user's calendar. The web application requires permission to send an email as the user.

You need to authorize the web application and the API.

Which parameter should you use?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Cherelle at Aug 01, 2025, 12:11 AM

Limited Time Offer

25%

Off

Get Premium AZ-204 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Bernardo
2 months ago
I thought state was just for CSRF protection, not permissions.
upvoted 0 times
...
Skye
3 months ago
Totally agree, scope is essential here!
upvoted 0 times
...
Julian
3 months ago
You need the scope parameter for permissions.
upvoted 0 times
...
Sarah
3 months ago
Surprised that scope is the answer, I thought it was more complex!
upvoted 0 times
...
Margart
3 months ago
Wait, isn't client_id also important?
upvoted 0 times
...
Leatha
3 months ago
I thought client_id was important for identifying the application, but I don't recall if it’s the right answer for this specific scenario.
upvoted 0 times
...
Ashley
4 months ago
I feel like we covered something similar where we had to specify permissions for APIs. Scope seems like the right choice, but I could be wrong.
upvoted 0 times
...
Remedios
4 months ago
I'm not entirely sure, but I remember something about code_challenge being used for PKCE. Not sure if that's relevant here though.
upvoted 0 times
...
Chanel
4 months ago
I think the parameter we need is related to permissions, so maybe it's scope? That sounds familiar from our practice sessions.
upvoted 0 times
...
Sage
4 months ago
I'm a bit unsure about this one. The options seem a bit tricky, but I think 'scope' is the best choice based on the information provided in the question.
upvoted 0 times
...
Beatriz
4 months ago
I'm pretty confident the answer is 'scope'. The question specifically mentions that the web app requires certain permissions, and the 'scope' parameter is used to request those permissions during the authorization flow.
upvoted 0 times
...
Galen
5 months ago
Okay, let's think this through step-by-step. The web app needs permission to read the user's calendar and send email as the user. That sounds like we need to use the 'scope' parameter to request the necessary permissions.
upvoted 0 times
...
Cortney
5 months ago
Hmm, I'm a bit confused by the different options. I know we need to authorize the app and API, but I'm not sure which parameter would be the right one to use.
upvoted 0 times
...
Salina
5 months ago
This looks like a classic OAuth 2.0 authorization question. I think the key here is to identify the correct parameter to use for authorizing the web app and API.
upvoted 0 times
...
Dominga
5 months ago
I was thinking B) tenant, but C) scope makes more sense. Tenant is for specifying the Azure AD tenant, not the permissions.
upvoted 0 times
...
Reuben
5 months ago
Exactly, scope is the correct parameter to use in this scenario.
upvoted 0 times
...
Afton
5 months ago
No, clientid is used to identify the client application. Scope is what defines the permissions.
upvoted 0 times
...
Andra
6 months ago
I'm not sure. Could it be D) clientid instead?
upvoted 0 times
...
Reuben
7 months ago
I agree with Afton. The scope parameter defines the permissions that the web application needs.
upvoted 0 times
...
Afton
7 months ago
I think the parameter we should use is C) scope.
upvoted 0 times
...
Kathrine
7 months ago
Scope, scope, and more scope! Can't get enough of that scope. It's the secret sauce for all your identity and access needs.
upvoted 0 times
Ettie
6 months ago
A) code_challenge
upvoted 0 times
...
...
Genevieve
7 months ago
Definitely C) scope. That's the parameter you use to specify the permissions the app needs to access user resources like the calendar and email.
upvoted 0 times
Buddy
6 months ago
So, we should make sure to include the necessary scopes for reading the calendar and sending emails.
upvoted 0 times
...
Yolande
6 months ago
Yes, I agree. Scope is used to define the permissions needed for accessing user resources.
upvoted 0 times
...
Aide
7 months ago
I think C) scope is the right parameter to use for specifying permissions.
upvoted 0 times
...
...

Save Cancel