You have an application that is used by 6,000 users to validate their vacation requests. The application manages its own credential store. Users must enter a us...
Microsoft AZ-305 Exam
Questions Number: 29 out of 268 Questions
10.82%
Question 29
You have an application that is used by 6,000 users to validate their vacation requests. The application manages its own credential store. Users must enter a username and password to access the application. The application does NOT support identity providers. You plan to upgrade the application to use single sign-on (SSO) authentication by using an Azure Active Directory (Azure AD) application registration. Which SSO method should you use?
Password - On-premises applications can use a password-based method for SSO. This choice works when applications are configured for Application Proxy. With password-based SSO, users sign in to the application with a username and password the first time they access it. After the first sign-on, Azure AD provides the username and password to the application. Password-based SSO enables secure application password storage and replay using a web browser extension or mobile app. This option uses the existing sign-in process provided by the application, enables an administrator to manage the passwords, and doesn't require the user to know the password. Incorrect: Choosing an SSO method depends on how the application is configured for authentication. Cloud applications can use federation-based options, such as OpenID Connect, OAuth, and SAML. Federation - When you set up SSO to work between multiple identity providers, it's called federation. Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on
