Microsoft Azure Developer Associate AZ-204 Practice Question
You are developing a single-page JavaScript application (SPA) that needs to call a custom web API protected by Microsoft Entra ID. The solution must use an OAuth 2.0 flow that never transmits a client secret, returns tokens containing user claims, and works with Conditional Access and modern browser protections. Which grant type should you implement?
The authorization code flow with Proof Key for Code Exchange (PKCE) is the recommended OAuth 2.0 flow for SPAs using the Microsoft identity platform. It does not require a client secret, includes the user's delegated claims in the issued access token, complies with Conditional Access policies, and replaces the older implicit grant. The client-credentials grant is intended for app-only tokens and therefore lacks user claims. Resource-owner-password-credentials transmits user credentials directly and is incompatible with Conditional Access. The implicit grant is deprecated for new solutions because it exposes tokens in the browser address bar and cannot meet modern security requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is PKCE in the authorization code flow?
Open an interactive chat with Bash
Why is the implicit grant deprecated?
Open an interactive chat with Bash
How does Conditional Access work with the authorization code flow?
Open an interactive chat with Bash
Microsoft Azure Developer Associate AZ-204
Implement Azure security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .