Microsoft Azure Developer Associate AZ-204 Practice Question
Your JavaScript single-page application (SPA) must call an Azure Function App that is secured by the Microsoft Identity platform. Both applications are registered in the same Microsoft Entra ID tenant. To ensure the SPA can obtain an access token that the Function App will accept, what should you configure in Azure AD?
Enable the implicit grant flow (ID tokens) on the SPA registration only.
Configure both registrations as public client/native applications.
Expose a custom delegated scope in the Function App registration and grant that scope as an API permission to the SPA.
Assign a system-assigned managed identity to the SPA and give it access to the Function App.
The web API (the Function App) must first expose a scope so that clients can request permission to it. In the Function App's app registration you expose an API by defining a custom delegated scope (for example, api:///user_impersonation). You then add that scope as an "API permission" to the SPA registration and grant consent. When the SPA requests an access token for that scope, Azure AD issues a token whose audience matches the Function App, and the Function App can validate and accept the call.
Enabling implicit grant for ID tokens only supports sign-in, not access to another API. Making the apps public clients or assigning a managed identity to the SPA does not affect interactive token acquisition between a browser client and a protected API.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a delegated scope in Microsoft Entra ID?
Open an interactive chat with Bash
What does 'expose an API' mean in an Azure Function App registration?
Open an interactive chat with Bash
Why doesn't enabling implicit grant for ID tokens support API access?
Open an interactive chat with Bash
Microsoft Azure Developer Associate AZ-204
Implement Azure security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .