PL-400 Question #343: Real Exam Question with Answer & Explanation

Question

A company has a model-driven app that uses Microsoft Dataverse. The company requires a web application that retrieves information from the model-driven app. The requirements for the web application include: - Must be a single-page web application that uses the Web API. - Must display the correct company information. - Must authenticate using OAuth without additional verification. You need to configure the web application. Which two methods should you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Options

• ANTLM authentication
• BKerberos Authentication
• CMicrosoft Azure Active Directory Authentication Libraries (ADAL)
• DMicrosoft Authentication Library (MSAL)
• Emultifactor authentication

Explanation

To configure a single-page web application to authenticate with OAuth for Dataverse Web API access without additional verification, utilize the Microsoft Authentication Library (MSAL) and Microsoft Azure Active Directory Authentication Libraries (ADAL).

Common mistakes.

• A. NTLM authentication is an older, proprietary protocol for Windows challenge/response authentication and is not suitable for modern web applications using OAuth with Azure AD.
• B. Kerberos Authentication is a network authentication protocol primarily used in Active Directory environments for domain-joined machines, not for browser-based web applications connecting to Azure AD via OAuth.
• E. Multifactor authentication (MFA) is a security feature that adds layers of verification, but it is not an authentication method itself and the requirement specifically states 'without additional verification' from the app's perspective.

Concept tested. Azure AD OAuth authentication libraries for web apps

Reference. https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-overview

No community discussion yet for this question.