How should you configure the manifest?

HOTSPOT

You are building a website to access project data related to terms within your organization. The website does not allow anonymous access. Authentication performed using an Azure

Active Directory (Azure AD) app named internal.

The website has the following authentication requirements:

• Azure AD users must be able to login to the website.

• Personalization of the website must be based on membership in Active Directory groups.

You need to configure the application’s manifest to meet the authentication requirements.

How should you configure the manifest? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

View Answer

Answer:

Explanation:

Box 1: groupMembershipClaims

Scenario: Personalization of the website must be based on membership in Active Directory groups.

Group claims can also be configured in the Optional Claims section of the Application Manifest. Enable group membership claims by changing the groupMembershipClaim

The valid values are:

"All"

"SecurityGroup"

"DistributionList"

"DirectoryRole"

Box 2: oauth2Permissions

Scenario: Azure AD users must be able to login to the website.

oauth2Permissions specifies the collection of OAuth 2.0 permission scopes that the web API (resource) app exposes to client apps. These permission scopes may be granted to client apps during consent.