Microsoft Azure Developer Associate AZ-204 Practice Question
A single-page application (SPA) uses the OAuth 2.0 implicit grant with the Microsoft identity platform. After sign-in, it must call Microsoft Graph to read the signed-in user's profile and later renew tokens silently in a hidden iframe (prompt=none). Which scope set should the first authorize request include to meet these requirements with least privilege?
In the implicit grant flow an SPA receives access and ID tokens but never receives refresh tokens, even if it asks for the offline_access scope. Silent renewal is performed by sending another authorization request in a hidden iframe using prompt=none, so no additional scope is required for that purpose. The least-privilege set that satisfies the requirements is:
openid and profile - standard OpenID Connect scopes that return an ID token so the app can identify the user.
User.Read - the Microsoft Graph delegated permission that permits the app to read only the signed-in user's profile.
Including offline_access is unnecessary in the implicit flow and provides no benefit. Requesting .default or User.Read.All would ask for broader permissions than required.
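The two authorize requests described in the explanation (the first interactive sign-in, then the hidden-iframe renewal with prompt=none), as an added JavaScript example that is not part of the original page. The tenant, client ID, redirect URI and function names are constructed placeholders; the endpoint path and parameter names are those of the Microsoft identity platform v2.0 authorize endpoint.

```javascript
// Added example. Tenant, client ID, redirect URI and function names are constructed.
const AUTHORIZE = "https://login.microsoftonline.com/TENANT/oauth2/v2.0/authorize";
// Scopes the explanation calls unnecessary (offline_access) or broader than required.
const OVERBROAD = ["offline_access", ".default", "User.Read.All"];

function overbroadScopes(scopes) {
  return scopes.filter((s) => OVERBROAD.some((o) => s === o || s.endsWith("/" + o)));
}

// silent=true produces the hidden-iframe renewal request (prompt=none).
function buildAuthorizeUrl({ tenant, clientId, redirectUri, scopes, state, nonce,
                             silent = false, loginHint }) {
  const bad = overbroadScopes(scopes);
  if (bad.length) throw new Error("scopes beyond least privilege: " + bad.join(", "));
  const params = new URLSearchParams({
    client_id: clientId,
    response_type: "id_token token", // implicit grant: tokens come back in the fragment
    redirect_uri: redirectUri,
    response_mode: "fragment",
    scope: scopes.join(" "),
    state, // echoed back; compared in parseFragment
    nonce, // must also be matched against the ID token's nonce claim (not shown)
  });
  if (silent) params.set("prompt", "none");
  if (silent && loginHint) params.set("login_hint", loginHint);
  const url = new URL(AUTHORIZE.replace("TENANT", encodeURIComponent(tenant)));
  url.search = params.toString();
  return url.toString();
}

// Parse the redirect fragment from either request.
function parseFragment(hash, expectedState) {
  const p = new URLSearchParams(hash.replace(/^#/, ""));
  if (p.get("state") !== expectedState) return { ok: false, error: "state_mismatch" };
  if (p.has("error")) {
    // prompt=none could not finish without UI: fall back to an interactive request.
    const needsInteraction = ["interaction_required", "login_required",
                              "consent_required"].includes(p.get("error"));
    return { ok: false, error: p.get("error"), needsInteraction };
  }
  return {
    ok: true,
    accessToken: p.get("access_token"),
    idToken: p.get("id_token"),
    expiresIn: Number(p.get("expires_in")),
    hasRefreshToken: p.has("refresh_token"), // the implicit flow returns none
  };
}
```

The renewal request reuses the same scope string as the first request; only prompt=none (and optionally login_hint) is added.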
Microsoft Azure Developer Associate AZ-204
Implement Azure security