AZ-204 Quiz

Entra ID

Question:

You are developing an application that uses Microsoft Entra ID for authentication. The application needs to authorize users based on their group membership in the organization. The application should receive this information in the user's token when they authenticate. How would you configure your application in Microsoft Entra ID to achieve this?

Set the requiredResourceAccess attribute in the application manifest to include the group IDs.
Enable the OAuth2AllowImplicitFlow attribute in the application manifest.
Configure the groupMembershipClaims attribute in the application manifest.
Add the group IDs to the knownClientApplications attribute in the application manifest.

Answer:

groupMembershipClaims is used to emit group claims in the token that the application receives when a user authenticates. The other options do not directly influence the emission of group claims in the token.

Report a problem

Exam revision: April 11, 2025