AZ-204 · Question #339
AZ-204 Question #339: Real Exam Question with Answer & Explanation
The correct answer is D: validate-jwt. Add the validate-jwt policy to validate the OAuth token for every incoming request. Incorrect Answers: A: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. JSONP is a method used in
Question
You are a developer for a SaaS company that offers many web services. All web services for the company must meet the following requirements: - Use API Management to access the services - Use OpenID Connect for authentication - Prevent anonymous usage A recent security audit found that several web services can be called without any authentication. Which API Management policy should you implement?
Options
- Ajsonp
- Bauthentication-certificate
- Ccheck-header
- Dvalidate-jwt
Explanation
Add the validate-jwt policy to validate the OAuth token for every incoming request. Incorrect Answers: A: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same domain. JSONP - Adds JSON with padding (JSONP) support to an operation or an API to allow cross- domain calls from JavaScript browser-based clients. https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect- backend-with-aad
Community Discussion
No community discussion yet for this question.