your link is intersting but I think the answer you provide is FALSE.
As I understood from the link, if you want to access user claims from Azure Function then the C answer is OK but if you want to get it from webapp then the A answer is the good one.
Please, recheck the link above
To quote the link provided:
"For all language frameworks, App Service makes the claims in the incoming token (whether from an authenticated end user or a client application) available to your code by injecting them into the request headers. External requests aren't allowed to set these headers, so they are present only if set by App Service...."
So the first thing that happens in the the Web App is to read the information from the request headers that was inserted by the App Service as part of authenticating the user in order to provide the user's claims.
in Function you can access the user clams from headers, ClaimsPrincipal
For Azure Functions, ClaimsPrincipal.Current is not populated for .NET code, but you can still find the user claims in the request headers, or get the ClaimsPrincipal object from the request context or even through a binding parameter. See working with client identities in Azure Functions for more information.
https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-user-identities
Answer is A.
Check this tutorial related to a web app accessing Microsoft Graph to get signed user's display name and his/her photo from Azure AD. It seems it corresponds to "access data from the user claim object" requirement.
https://docs.microsoft.com/en-us/azure/app-service/scenario-secure-app-access-microsoft-graph-as-user
Note: Reading HTTP headers (the answer C) could give basic information only - but the user claim contains more detailed data.
https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-user-identities
The question does not ask anything but claims and does not say read profile (which has detailed information), in which case you might want to access the graphs API if given access.
Yeah, but to access the GraphAPI you need the information from the token which is sent in the header, so in both ways, the first step is to read the header values.
App Service makes the claims in the incoming token (whether from an authenticated end user or a client application) available to your code by injecting them into the request headers.
So from this point, you just need to read them in your code
"E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD)." so using Microsoft Graph API call is probably what you want to do but the tricky part is the question asks what should you do first. Read the header to get the info you need to make the Graph API call would be my vote.
in Function you can access the user clams from headers, ClaimsPrincipal
For Azure Functions, ClaimsPrincipal.Current is not populated for .NET code, but you can still find the user claims in the request headers, or get the ClaimsPrincipal object from the request context or even through a binding parameter. See working with client identities in Azure Functions for more information.
https://docs.microsoft.com/en-us/azure/app-service/configure-authentication-user-identities
But Azure function will get data from web app and App Service passes user claims to the app by using special request headers. External requests aren’t allowed to set these headers, so they are present only if set by the App Service. then
[FunctionName("ClaimsDemo")]
public static IActionResult Run
([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)]
HttpRequest req, ILogger log)
{
//Extract User ID and Claims from the request headers
var principal_name = req.Headers["X-MS-CLIENT-PRINCIPAL-NAME"].FirstOrDefault();
var principal_Id = req.Headers["X-MS-CLIENT-PRINCIPAL-ID"].FirstOrDefault();
So CCCCCCCCCCCCCCCCCCCCC
I do not know if C is correct, the thing you need is https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-net-migration, you cannot read the http header directly, you need MS library, best thing I can see if graph from A ... But it is not really, the name of the library ...
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.AZ-204 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
j888
Highly Voted 3 years, 2 months agoJonas_86
3 years, 1 month agophvogel
3 years agotroy89
2 years, 8 months agohubekpeter
1 year, 11 months agowsellmair
2 years, 8 months agoMiraA
Highly Voted 3 years agogmishra88
2 years agotroy89
2 years, 8 months agopaddy23
Most Recent 9 months, 1 week agokatrang
1 year, 1 month agoJH81
1 year, 4 months agoOPT_001122
1 year, 11 months agowsellmair
2 years, 8 months agowsellmair
2 years, 8 months agosurprise0011
1 year, 6 months agojustyoung17
3 years, 1 month agoensa
3 years agoning
3 years, 2 months ago