HOTSPOT
You are developing an Azure App Service hosted ASP.NET Core API app by using C#. The API app will allow users to authenticate by using Twitter and Azure Active Directory (Azure AD). Users must be authenticated before calling API methods. You must log the user’s name for each method call.
You need to configure the API method calls.
Which values should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Authorize
Box 2: X-MS-CLIENT-PRINCIPAL-NAME
App Service passes user claims to your application by using special headers. External requests aren’t allowed to set these headers, so they are present only if set by App Service. Some example headers include:
X-MS-CLIENT-PRINCIPAL-NAME
X-MS-CLIENT-PRINCIPAL-ID
Here’s the set of headers you get from Easy Auth for a Twitter-authenticated user:
{
"cookie": "AppServiceAuthSession=Lx43…xHDTA==",
…
"x-ms-client-principal-name": "evilSnobu",
"x-ms-client-principal-id": "35….",
"x-ms-client-principal-idp": "twitter",
"x-ms-token-twitter-access-token": "35…Dj",
"x-ms-token-twitter-access-token-secret": "OK3…Jx",
}
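The header half of the answer, as an added example (not part of the original question or of Microsoft's documentation): ASP.NET Core middleware that logs the caller's name from X-MS-CLIENT-PRINCIPAL-NAME on every request and rejects requests that lack it. It assumes the app is reachable only through App Service with authentication enabled, since that is what keeps clients from supplying these headers themselves; the /api/whoami route, the "PrincipalName" item key and the Clean helper are hypothetical names.

```csharp
// Program.cs - added example, ASP.NET Core minimal hosting (.NET 6+, implicit usings).
// Header names are the ones App Service authentication sets, as listed above.
const string NameHeader = "X-MS-CLIENT-PRINCIPAL-NAME";
const string IdpHeader = "X-MS-CLIENT-PRINCIPAL-IDP";

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

app.Use(async (context, next) =>
{
    // Present only when App Service has authenticated the caller.
    string? name = context.Request.Headers[NameHeader].FirstOrDefault();
    if (string.IsNullOrWhiteSpace(name))
    {
        // No identity header: treat the call as unauthenticated and stop here.
        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        return;
    }

    string idp = context.Request.Headers[IdpHeader].FirstOrDefault() ?? "unknown";

    // Structured logging keeps the user-chosen name a field, not part of the template.
    // Control characters are stripped so a display name cannot forge extra log lines.
    app.Logger.LogInformation("{Method} {Path} called by {User} via {Idp}",
        context.Request.Method, context.Request.Path.Value, Clean(name), Clean(idp));

    // Hypothetical item key: makes the name available to the endpoint handlers.
    context.Items["PrincipalName"] = name;
    await next(context);
});

// Hypothetical endpoint that echoes the name taken from the header.
app.MapGet("/api/whoami", (HttpContext ctx) =>
    Results.Ok(new { user = ctx.Items["PrincipalName"] as string }));

app.Run();

// Hypothetical helper: drops CR, LF and other control characters before logging.
static string Clean(string value) =>
    new string(value.Where(c => !char.IsControl(c)).ToArray());
```

When the same code runs outside App Service (local debugging, a container without the authentication front end), nothing removes a client-supplied X-MS-CLIENT-PRINCIPAL-NAME, so the logged name is only as trustworthy as the hosting in front of it.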
References: https://docs.microsoft.com/en-us/azure/app-service/app-service-authentication-how-to