Topic: PL-400 topic 5 question 10

You are developing an app that uses Common Data Service.
You must integrate Common Data Service with a new web application. You must allow the new web application to display data from Common Data Service.
You build a single-page web application using the Web API.
You need to authenticate your app using OAuth.
What should you use?

A.
Windows Communication Foundation (WCF)
B.
Cross-Origin Resource Sharing (CORS)
C.
Microsoft Authentication Library (MSAL)
D.
Kerberos authentication

Re: PL-400 topic 5 question 10

https://docs.microsoft.com/en-us/powerapps/developer/data-platform/authenticate-oauth

Re: PL-400 topic 5 question 10

Answer is C

Re: PL-400 topic 5 question 10

Solution: Microsoft Authentication Library (MSAL)

To authenticate your web application with OAuth and access data from Common Data Service, you should use the Microsoft Authentication Library (MSAL). MSAL provides authentication and authorization capabilities for various Microsoft services, including Common Data Service. It allows you to obtain access tokens that can be used to make authorized requests to the Common Data Service Web API.

Cross-Origin Resource Sharing (CORS) is a security feature that enables web applications to make requests to a different domain than the one from which the web page originated. While CORS might be relevant in enabling your web application to access resources from different domains, it's not directly related to OAuth-based authentication and accessing data from Common Data Service.

Re: PL-400 topic 5 question 10

The suggested answer is correct CORS since the question ask for web application accessibility and not the users. " CORS provides a way to gain access to resources on another domain. "

Re: PL-400 topic 5 question 10

"Use OAuth with Cross-Origin Resource Sharing to connect a Single-Page Application"
https://learn.microsoft.com/en-us/power-apps/developer/data-platform/oauth-cross-origin-resource-sharing-connect-single-page-application?source=recommendations

  • V05
  • New member
  • Offline

Re: PL-400 topic 5 question 10

CORS is just enabled, but to authenticate, need to use MSAL as provided in the same link you provided :- Since Dataverse users are authenticated using Azure Active Directory, MSAL.js is the supported way to authenticate SPA users.

  • V05
  • New member
  • Offline

Re: PL-400 topic 5 question 10

Also, Instead you can use the Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications and it will take care of much of the CORS complexity for you.

Re: PL-400 topic 5 question 10

B
https://learn.microsoft.com/en-us/power-apps/developer/data-platform/oauth-cross-origin-resource-sharing-connect-single-page-application?source=recommendations

Re: PL-400 topic 5 question 10

After, I read your reference, i agree with you. The artible explain "Use OAuth with Cross-Origin Resource Sharing to connect a Single-Page Application"

Re: PL-400 topic 5 question 10

OAuth requires an identity provider for authentication. For Dataverse, the identity provider is Azure Active Directory (AAD). To authenticate with AAD using a Microsoft work or school account, use the Azure Active Directory Authentication Libraries (ADAL) or Microsoft Authentication Library (MSAL).

Re: PL-400 topic 5 question 10

corrct

Re: PL-400 topic 5 question 10

OAuth requires an identity provider for authentication. For Dataverse, the identity provider is Azure Active Directory (AAD). To authenticate with AAD using a Microsoft work or school account, use the Azure Active Directory Authentication Libraries (ADAL) or Microsoft Authentication Library (MSAL).

Re: PL-400 topic 5 question 10

correct.

Re: PL-400 topic 5 question 10

sorry,the correct answer is C:MSAL

  • fady1
  • New member
  • Offline

Re: PL-400 topic 5 question 10

Kerberos is OAuth

Re: PL-400 topic 5 question 10

Yes answer is C

Re: PL-400 topic 5 question 10

Yes answer is C

Re: PL-400 topic 5 question 10

Answer should be C
https://docs.microsoft.com/en-us/powerapps/developer/data-platform/authenticate-oauth