Microsoft Azure Developer Associate AZ-204 Practice Question
Your organization is developing a browser-based single-page application (SPA) that must sign in users and call a custom web API protected by the Microsoft identity platform. You will implement authentication with MSAL.js v2. To follow current Microsoft recommendations and avoid exposing tokens in the URL fragment, which OAuth 2.0 flow should you implement?
Authorization code flow with Proof Key for Code Exchange (PKCE)
Microsoft recommends that JavaScript SPAs use the authorization code flow with Proof Key for Code Exchange (PKCE). In this flow MSAL.js v2 first obtains an authorization code, then redeems it for tokens through a back-channel call, so access tokens never appear in the browser's address bar. The implicit grant flow exposes tokens in the URL fragment and is now discouraged; the resource owner password credential flow is intended only for legacy scenarios and cannot satisfy modern browser restrictions; the client credentials flow is for service-to-service applications that do not involve an interactive user.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Proof Key for Code Exchange (PKCE)?
Open an interactive chat with Bash
Why is the Implicit Grant flow discouraged for SPAs?
Open an interactive chat with Bash
How does MSAL.js v2 enable secure authentication in SPAs?
Open an interactive chat with Bash
Microsoft Azure Developer Associate AZ-204
Implement Azure security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .