How can you validate that the JSON notification message is sent from the Microsoft Graph service?
The ClientState must match the value provided when subscribing.
The user_guid must map to a user ID in the Azure AD tenant of the customer.
The tenant ID must match the tenant ID of the customer’s Office 365 tenant.
The subscription ID must match the Azure subscription used by ADatum.
Correct answer: A
Explanation:
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification. Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph. Reference: https://docs.microsoft.com/en-us/graph/api/resources/subscription
clientState specifies the value of the clientState property sent by the service in each notification. The maximum length is 128 characters. The client can check that the notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each notification.
Note: A subscription allows a client app to receive notifications about changes to data in Microsoft Graph.
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities: Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user’s behalf. Reference: https://docs.microsoft.com/en-us/graph/permissions-reference
Scenario: ADatum identifies the following technical requirements for the planned E-invoicing capabilities:
Ensure that all operations performed by E-invoicing against Office 365 are initiated by a user. Require that the user authorize E-invoicing to access the Office 365 data the first time the application attempts to access Office 365 data on the user’s behalf.