PL-400 Exam QuestionsBrowse all questions from this exam
Go to Exam

PL-400 Exam - Question 223

DRAG DROP -

You are creating a PowerApps connector between Dynamics 365 Sales and Slack.

You must generate a Slack notification whenever a new product is added to Dynamics 365 Sales. You must not be required to sign in directly into Dynamics 365

Sales to generate notifications. You created a Power Apps connector between Dynamics 365 Sales in Slack to enable this to happen.

You need to configure the appropriate security for each scenario.

Which security components should you configure?

NOTE: Each correct selection is worth one point.

Select and Place:

Show Answer
Correct Answer:

Box 1: Security roles -

A security role defines how different users, such as salespeople, access different types of records. To control access to data, you can modify existing security roles, create new security roles, or change which security roles are assigned to each user. Each user can have multiple security roles.

Security role privileges are cumulative: having more than one security role gives a user every privilege available in every role.

Each security role consists of record-level privileges and task-based privileges.

Box 2: OAuth -

Oauth 2.0 is the most frequently used type, which uses the Oauth 2 authentication framework to authenticate with the service. Before using this authentication type, you'll need to register your application with the service so that it can receive access tokens for the users.

For example, Register the application in Azure AD shows how to register an application with the Azure Active Directory service.

During the connection creation process, the user will be asked to enter the credentials for login to the service. These credentials will be used by the application to get an authorization token. For every request, this authorization token will be sent to your service through the Authorization header.

Box 3: Basic Authentication -

Basic Authentication is the simplest type of authentication, where the user just has to provide the username and password to create the connection.

Note: Before using any connector in Azure Logic Apps, Microsoft Power Automate, or Microsoft Power Apps, the user needs to create a connection by authenticating to the backend service.

Authentication types -

The different types of authentication that are currently supported are:

No authentication -

Basic authentication -

Api Key based authentication -

Oauth 2.0 -

Reference:

https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/security-roles-privileges https://docs.microsoft.com/en-us/connectors/custom-connectors/connection-parameters

Discussion

12 comments
Sign in to comment
Ezekielibe
Aug 29, 2021

Security roles API Key Basic Authentication

dfretyhg
Jun 28, 2022

That's what I went with

CE_Team_Gold
Jul 10, 2022

You are correct. Basic Authentication: The information is encoded with base64 but it does not(!) use any encryption. Any password sent using basic authentication can easily be decoded. Basic authentication is vulnerable to replay attacks. So, OAuth authentication is recommended instead as which provides time based tokens and can have restricted access.

SashM
Jan 11, 2023

Why API key for 2nd?

DimpleG
Jan 27, 2023

An API key can be used to capture application usage from a public site in PowerApps. An API key is a unique string of characters that is used to authenticate and identify the calling application or user. It can be passed as a parameter in an API call, and the API will only respond if the key is valid. The API key can be used to track usage and usage patterns and monitor the performance of the application.

S41
Jul 22, 2021

I will go with OAuth API Key Basic Authentication

BillWwww
Jun 7, 2022

Basic authentication would need encryption, Oauth would not need encryption. Therefore I would go for: security roles api key oauth

Bukhari
Nov 8, 2021

OAuth API Key Basic Authentication

MarlyB
Jan 9, 2022

Why security roles or OAuth for answer 1?

Big_PP
Jul 17, 2021

Is it correct?

Ezekielibe
Aug 29, 2021

No its not

ThePickOne
Dec 22, 2021

Security roles API Key Basic Authentication

BlueP
Jun 26, 2022

Basic authentication would require encryption as it's unencrypted by defualt

BlueP
Jun 26, 2022

I take that back, going with given answers

jkaur
Aug 16, 2023

-OAuth -API key -Basic authentication

MikeAWS
Aug 28, 2023

Correct answers are: OAuth, API Key, Basic authentication. Explanation: - To ensure Dynamics 365 security is in place while connecting it to other systems like Slack, you would generally configure security using OAuth. OAuth is an industry-standard protocol for authorization that allows secure access to protected resources on behalf of a user, without exposing their credentials. - For capturing application usage from a public site, you would typically use an API key for security. API keys are a common method of authentication and authorization for accessing APIs or services without requiring direct user authentication. - For configuring a website login that does not need encryption, you would typically use Basic authentication. Basic authentication is a simple authentication mechanism where the user's credentials (username and password) are sent over the network in an encoded format, but not encrypted.

At09
Oct 4, 2023

Oauth API key BA

LSgeek
Jul 17, 2024

Security roles API Key Basic Authentication