Practice free →
HomeAzure AZ-204cloudcomputingaz204security › Which type of Microsoft Identity token does a cl…

Which type of Microsoft Identity token does a client present to a downstream API to prove the SIGNED-IN USER's identity and scopes?

AA static API key shared across all users
BThe user's plain-text password
CAn SSL certificate from the user's browser
DAn access token (typically a JWT) issued by Entra ID with the user's claims and granted scopes
Answer & Solution
Correct answer: D. An access token (typically a JWT) issued by Entra ID with the user's claims and granted scopes
Access tokens (JWTs) carry user/app identity + scopes and are validated by the downstream API. The other options are insecure or invalid.
Solve this in the app — Azure AZ-204 practice & 24k+ MCQs →
Related questions