Which API Management policy should you implement?

adminApril 13, 2020

You are a developer for a SaaS company that offers many web services.

All web services for the company must meet the following requirements:

⦁ Use API Management to access the services
⦁ Use OpenID Connect for authentication
⦁ Prevent anonymous usage

A recent security audit found that several web services can be called without any authentication.

Which API Management policy should you implement?

A. jsonp
B. authentication-certificate
C. check-header

D. validate-jwt

Explanation:
Add the validate-jwt policy to validate the OAuth token for every incoming request.

Incorrect Answers:
A: The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same domain.

JSONP – Adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients.

Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Microsoft Exam Questions

Free Microsoft Study Guide

Which API Management policy should you implement?

Leave a Reply Cancel reply