Mike Hansford

Microsoft Identity (MS-600)

Summary of what I think matters so far

OK, so Microsoft Identity is a large component of MS-600: Building Applications and Solutions with Microsoft 365 Core Services. It’s the exam you need for the Microsoft 365 Certified: Developer Associate certification.

Identity is a large and complex domain of knowledge, so I want to unpack it a bit here. Importantly, what is the required knowledge and what are the constraints for the exam?

This was going to be a single page, but it long quickly. So, refer to the Table of Contents below.

Contents

1. Register an application
2. Implement Authentication
3. Configure Permissions to Consume an API
4. Implement Authorisation to Consume an API
5. Implement Authorisation in an API
6. Create a Service to Access Microsoft Graph

Glossary

• Account type
• Delegated permissions
• Consent
• OpenID Connect
• OAuth 2.0
• Home tenant
• Appliction object
• Service principal object
• Guest account
• Authentication
  • Identifies who you are
• Authorisation
  • Determines what you can do
  • Occurs only after authentication
• Topology
  • relates to whether the application is a SPA, web app, web API, mobile or desktop app, or daemon app

Resources

The Microsoft Learn path for Identity is a good starting point. The Azure Active Directory documentation is also really important.