Which values should you use?

Posted by: Pdfprep Category: AZ-204 Tags: , , Post Date: May 10, 2021

HOTSPOT

ASP.NET Core API app by using C#. The API app will allow users to authenticate by using Twitter and Azure Active Directory (Azure AD).

Users must be authenticated before calling API methods. You must log the user’s name for each method call.

You need to configure the API method calls.

Which values should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Box 1: Authorize

Box 2: X-MS-CLIENT-PRINCIPAL-NAME

App Service passes user claims to your application by using special headers. External requests aren’t allowed to set these headers, so they are present only if set by App Service.

Some example headers include:

X-MS-CLIENT-PRINCIPAL-NAME

X-MS-CLIENT-PRINCIPAL-ID

Here’s the set of headers you get from Easy Auth for a Twitter authenticated user:

{

"cookie": "AppServiceAuthSession=Lx43…xHDTA==",

"x-ms-client-principal-name": "evilSnobu",

"x-ms-client-principal-id": "35….",

"x-ms-client-principal-idp": "twitter", "x-ms-token-twitter-access-token": "35…Dj", "x-ms-token-twitter-access-token-secret": "OK3…Jx", }

References: https://docs.microsoft.com/en-us/azure/app-service/app-service-authentication-how-to

Author

Leave a Reply

Your email address will not be published.