Question 68 of 179 from exam AZ-204: Developing Solutions for Microsoft Azure
Question
DRAG DROP - You are developing an ASP.NET Core website that can be used to manage photographs which are stored in Azure Blob Storage containers.
Users of the website authenticate by using their Azure Active Directory (Azure AD) credentials.
You implement role-based access control (RBAC) role permissions on the containers that store photographs.
You assign users to RBAC roles.
You need to configure the website's Azure AD Application so that user's permissions can be used with the Azure Blob containers.
How should you configure the application? To answer, drag the appropriate setting to the correct location.
Each setting can be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
/question/img0024500001.png)
Explanations
/answer/img0024600001.png)
Box 1: user_impersonation - Box 2: delegated - Example: 1
Select the API permissions section 2
Click the Add a permission button and then: Ensure that the My APIs tab is selected 3
In the list of APIs, select the API TodoListService-aspnetcore.
4
In the Delegated permissions section, ensure that the right permissions are checked: user_impersonation.
5
Select the Add permissions button.
Box 3: delegated - Example - 1
Select the API permissions section 2
Click the Add a permission button and then, Ensure that the Microsoft APIs tab is selected 3
In the Commonly used Microsoft APIs section, click on Microsoft Graph 4
In the Delegated permissions section, ensure that the right permissions are checked: User.Read.
Use the search box if necessary.
5
Select the Add permissions button Reference: https://docs.microsoft.com/en-us/samples/azure-samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore/calling-a-web-api-in-an-aspnet-core- web-application-using-azure-ad/