ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-600 All Questions

View all questions & answers for the MS-600 exam
Go to Exam

Exam MS-600 topic 8 question 1 discussion

Actual exam question from Microsoft's MS-600
Question #: 1
Topic #: 10
[All MS-600 Questions]

Which type of authentication flow should you recommend for the planned integration with Office 365?

  • A. device code
  • B. implicit grant
  • C. authorization code
  • D. client credentials
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
To use Microsoft Graph to read and write resources on behalf of a user, your app must get an access token from the Microsoft identity platform and attach the token to requests that it sends to Microsoft Graph.
One common flow used by native and mobile apps and also by some Web apps is the OAuth 2.0 authorization code grant flow.
Scenario: Email the generated invoices to customers on behalf of the current signed-in user. Any emails generated by the system will contain the invoiced.
Use Azure AD to manage identities, authentication, and authorization.
Reference:
https://docs.microsoft.com/en-us/graph/auth-v2-user
by zackrockz at July 29, 2020, 12:27 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
zackrockz
Highly Voted 1 year, 3 months ago
I think the answer should be implicit grant flow since we're dealing with SPA communicating with a Web API https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow
upvoted 6 times
ETU69
1 year, 1 month ago
For most of the history of OAuth 2.0, the implicit flow was the recommended way to build single-page apps. With the removal of third-party cookies and greater attention paid to security concerns around the implicit flow, Microsoft moved to the authorization code flow for single-page apps. https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-app-types#authorization-code-flow-vs-implicit-flow So, I stick with answer C. authorization code
upvoted 8 times
TRUESON
1 year ago
Actually the question shouls state which msal version is used ... depending on that the answer is implicit or auth grant ... v2 was released july 20, 2020 ... did they update the answer?
upvoted 1 times
...
...
...
bilnurbk
Most Recent 5 months, 1 week ago
Reply to TRUESON and mightyjoebong: from question "ADatum always uses the latest libraries and integration endpoints." It means that msal v2 is used. Answer C.
upvoted 3 times
...
mightyjoebong
6 months, 1 week ago
Agree with TRUESON msal v1: implicit flow msal v2: auth code with pkce (still not just auth code). I'd answer implicit
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago