 Hello, everybody. Oh, I'm going to pull this down. Hello, everybody. It is good to see everybody joining us today for the first of my six-part series on getting certified as a Microsoft 365 certified Developer Associate. In this series, I plan on going over in each one of the different sessions that we're going to go through. I plan on covering multiple topics, each one of the different workloads that we have in the certification. This first one that we're going to do is going to be mostly about or really all about Microsoft's identity, or really it's Azure AD. So a couple of things before we get started. I want to take a minute here and first cover a little bit of housekeeping things and what you can expect. A couple of things first. So we've got a QA panel here that you can submit questions. I'm going to have plenty of time to go over questions and answer any questions that you have about Microsoft's identity or about the identity specific to the exam and to the certification. We're going to have time to also talk about the cert itself just in general if you have any questions. Specific workload questions, I'd like to hold those off to different webinars that we're doing. I'm going to show you a list of all those in just a minute. And I got a few polls that I want to ask you a couple of questions about. You may have already answered these on our website. Maybe you haven't. We'll see. But yeah. There is also a chat that I've got set up here. I'm not going to be watching the chat as closely as I am the question. So I do see a couple of people saying hello and everything. And it's good to. I'm assuming that you're posting that because you can see me and you can hear me at least. Actually, let's do this first just to make sure. Can I get some people to raise their hands and let me know that you can hear me? Ah, sweet. Those guys. I got some of my existing customers. Whenever we do our office hours, we see people raise their. I get people to raise their hand. Holy moly, my entire screen is now filled up with these little superimpose. This person raised their hand. So it's great. You can put all your hands down now. That's your developer calisthenics for the day. All right. So we've got about an hour. And I got a lot of stuff that I want to cover. And I want to answer all of your questions and help you with this. So let's go ahead and get started. Very briefly, my name is Andrew Connell. I've been I'm the founder and the main person behind Voitanus. I'm also was was quite involved in helping Microsoft develop the Microsoft 365 certification for developers, as well as building a lot of the self-paced content. I'm going to give you a little bit more about my background with this in just a minute. I'm also an MVP for office development. I've been doing specifically SharePoint development for, I see, 17 years now, since 2003. But I do a lot of stuff with identity and graph, more stuff with Microsoft Teams these days, and even familiar also with office add-in-based development. I have a podcast that co-hosts with weekly episodes that come out every week about the Microsoft Cloud. And then we've been covering almost seven years into it now. And I also am the founder of Voitanus. And Voitanus is primarily in the past has been focused on SharePoint framework-based education. You're going to see that expand a little bit over the rest of this year. And but yeah, I'll just tease that out. How's that? So we're going to see expanded a bunch of other stuff throughout the year. All right. So let's talk a little bit about the exam and the certification. I want to start off first, though. And I want to ask everybody a question here. How many of you are planning on taking the certification, taking the exam, the MS600 exam, to pass the certification? And while you guys are answering this, for those of you who don't know, there is one prerequisite to get certified. And that is to pass the MS600. Pass the MS600 exam. That's the only thing you have to do. That's what I want to make you aware of in this webinar series. We've got six webinars we're going to do over the course of three weeks, two a week. All of them are at 1 o'clock Eastern, except for today, because yours truly completely screwed up and did not look at my calendar. Somehow, when I scheduled these, I was looking at my wife's calendar. Don't ask me how I did that. Complete user error thing. At least I'm a developer. I'm not much of an end user. And I double-booked myself. So we'd already put the invites out, so I screwed that up. But this session is at 11 o'clock, or sorry, at 1 o'clock today. I look at that. We got one person who's already passed it and you're already certified. I wonder why you've joined us. All right, sweet. So I'm going to go ahead and end this poll in about 10 seconds. Eight seconds, seven, six, five, four, three, two, one. And we will end the poll. Oh, where's my mouse? End the poll. Sweet. All right, so what I see here is about 70% of you are interested in becoming, are planning on taking the exam. And another 30% of you are like, maybe, maybe not. We'll see. Well, hopefully, I'm going to convince you to get to be interested in doing this. All right, so we will look at that a little bit later. I'll have another poll for you a little bit later. So what are you going to be tested on in the Microsoft 365 certification during our webinar today? If you have any questions, post them in the QA panel. Post them in the QA panel so that you can, and I'm more than happy to answer those as we go along. What is the certification all about? What do you have to know? Well, there are five different workloads that you have to know and that you're going to be tested on in the MS-600 exam to become certified. You're going to need to pass the exam with at least a 70% among all of the workloads collectively together. 70% or better to be able to pass. So what that means is that you can have known nothing about one of these specific workloads. And if you know all the other ones, you're in great shape. So for me, for example, my weakest area, if I had to pick, and I'm going to ask you guys this in a minute, my weakest area is easily Office Add-ins because it's the least customization or extensibility stuff that I do when it comes to Microsoft 365. So what things are covered? Microsoft Identity and Azure AD. So that is the one we're going to cover today. But then we have other webinars we're going to do related to Microsoft Graph, related to SharePoint, specifically SharePoint Online, Microsoft Teams, and Office Add-ins. And then I've got a bonus one at the very end. So just a little bit of proof here. Do I know what I'm talking about? Well, here's my results of the SharePoint, of the Microsoft 365 exam, the MS-600 exam. I took the exam at the beginning of the year when it was still in beta. And now it's no longer in beta. Anybody can take it. I just took it because I couldn't wait. I wanted to take it as early as I could. And I'm showing you what my results were. So this is a screen. And you can trust me that these are definitely my results because you can see I wasn't too thrilled about taking an exam at the time that I took it based on my picture. So here it shows you the different areas, the different workloads. And so the first one here on Microsoft Identity, I scored at about a 98, 90% somewhere around there. Amusing enough, I actually did best in Graph and then SharePoint. So I thought that SharePoint would be my top one, but Graph was my top one, which is interesting. At least it's interesting to me. But you can see that, you know, backing up what I said, that extending office, you know, I got a 78% on that one compared to all of them. Yes, the graphic is a little pixelated. It's a screenshot from a website. So it's okay, it won't be, not all of them are like that. Let's see, so let's go through some of this. Another thing here, I see a question here from Michael is asking what part of SharePoint will be covered in the test. We're gonna focus on this. I'm not sure what you're asking with that. If you wanna go through and give me a little bit more specifically, what are you looking for? Like SharePoint Online, SharePoint on-prem. But this is, we're gonna focus on identity today. SharePoint, let's focus on that when we get to the SharePoint webinar. When you register for this webinar, you've only registered for this, oh, we'll come back to that, sorry, I got ahead of myself. Let's talk a little bit about this certification itself. Right? So, and I'll talk a little about the certification itself and the exam and my experience in taking it and some things that you're gonna wanna end up probably paying attention to here. So, specifically, the exam that you get to take is called the MS-600. I have a link to it that you see right there on the slide, you can copy that out and just go to that URL. It's a case-sensitive URL, just it's a little redirect so you don't have to remember the whole long one. The MS-600 exam, that's gonna be, you should set aside about two to three hours to take the exam. I think it took me about an hour and 45 minutes, hour and a half, something like that, to take the entire exam and it covers everything. You have to take it all at one time and it covers everything. You can take it at a testing center and there's also the ability to take it at home. I took it at home and it's an interesting experience. They make you go through a really rigorous setup thing to make sure that everything has to be done, that you don't cheat, right? So, somebody had a question here, Jose, or sorry, not Jose, Mr. Menendez, I'm sorry, I can't pronounce your first name. I'm gonna mess that up. Is asking, can the exam be taken online? Yes, that's how I took it. I took it online at home and man, they make you go through a lot of requirements that you have to clear everything off your desk, you have to take your phone, you have to go put that out of reach. If you have two monitors set up, you have to take one of them off and go set it way out of reach. They make you take your phone and your webcam and take a video, a live video of your desk, of like the view from the left side, the view from the right side, the view above you, the view below you. You can gotta walk around with your phone and take a picture coming back at your desk to make sure there's nobody, maybe from what you can see at your desk. They are very, very particular about making sure that nobody has any extra help when you're taking the exam. So much so that I even had during, when we were at the start, the proctor made me hold my hands up like I had nothing on my hands or written on my hands and they saw my watch and I had to take my watch off and go move it way out of reach and sitting at the desk. They listened to you during the entire thing. You gotta have your mic turned on and your webcam turned on and at one point like one question was kind of confusing to me so I had to read it out to myself and they even came on and said you can't talk because they don't want you copying the answers down or copying the questions down and selling them later. It's pretty intense. So much so that if you have the option to go to a testing center, then that might be preferred but again in these days and times might make more sense to do it, the staying remote. Somebody asked a question there. Can you have a pen and paper to take your own notes? Nope, can't have anything on the desk. Absolutely nothing. I had to take everything off my desk and move it away. The only thing that was on my desk was my laptop and my dock, my hub, my docking station. All right, so that's, back up, that's the exam that we're gonna go through a lot of that stuff today. For the certification itself, once you pass the exam, you are officially certified. Now, what does it mean that you're certified? So what Microsoft does, what Microsoft Learning does when they are testing your competency level. They're looking at three different stages or three different points. The top level or I guess the bottom level, let's call that because usually we're working up to a higher level of an expert. The lowest level is a foundational level and a foundational level is someone who has knowledge about the technology, maybe can't implement a solution but they can speak intelligently about it. And the way I like, the way I like to do it is or the way I like to explain it is I like to think about someone who is going into a meeting with a customer and they say their business problem and then that person can explain, here's what we're gonna build and here's how it's gonna work. They don't know the APIs, they don't know all the requirements for each individual thing but they generally know how all this stuff works. And so they can at least explain it and they can talk the talk. Somebody at the associate level is someone who has, and I know this is gonna sound a little weird but just bear with me. Someone who at the associate level is someone who has four years of experience with the technology and they can do it on their own. And the reason I said, bear with me it sounds a little weird is that clearly SharePoint framework and Microsoft Teams hasn't been around for four years. So, but you're looking at someone with that kind of experience. So someone who can sit there and they can actually do all this stuff without having to always look at the documentation every single time. They can get building and be productive. Someone at the expert level is the way I like to look at it is that somebody who can teach. That's somebody who can teach all this stuff and they can teach a class to someone to get them at the associate level. This certification is testing people at the associate level. It's not testing at the foundational level. It's not testing at the expert level. Now, Microsoft is the way it's designed is it supposed to be Teams, SharePoint and Office add-ins are at the associate level whereas Graph and Identity are at the, sorry, let me say that again, I messed that up. Teams, SharePoint and add-ins are at the foundational level. Whereas Graph and Identity are at the associate level. But when I took the exam, I saw questions on there about SharePoint and Teams that to me were definitely not at the foundational level. They were definitely at the associate level. And we've had some feedback going back and forth with them when I gave them feedback on the exam. I don't know if it was taken into account, but I mean, it was what it was what it was. The, yeah, so that's what you're looking at in terms of how things are gonna be tested. So a couple of questions here. What components of SharePoint, like which part of SharePoint will the test focus on? It's mostly going, so I think it's SharePoint framework. So it's not things like add-ins. It's not things like very specific endpoints with the REST API with SharePoint. Really not PowerShell. Let's see, what else would I say? It's not like column formatting and list formatting type stuff. It's really SharePoint framework is the main focus for everything. Is what you're gonna be tested on when it comes to SharePoint, okay? All right, correct. No admin questions. This is not an IT Pro exam. This is a developer exam. All right, now what I want to show you here is if you weren't aware of this, we are doing, I'm doing six of these webinars over the course of the next three weeks. So they're always on Tuesdays and Thursdays, generally at 11 a.m. East Coast Eastern Time, US Eastern Time, which is a UTC minus four or five. Oh, I just forgot. Oh, and of course the chat window is gonna cover it up. So is it UTC five? So let's say four. All right, so my bad. So they're generally gonna be all at 11 o'clock. And to be honest, the reason why I chose that, the reason why they're at 11 o'clock is that's whenever I'm doing presentations for Microsoft and we have to hit the biggest audience, they require them to be at 8 a.m. Pacific, which is 11 a.m. East Coast Time and it hits the majority of Europe and Asia. Clearly, it's gonna be a problem. It's always gonna be a problem when you're trying to hit people in Australia or in the APAC region. It is what it is. These are all being recorded and I will publish all of these on the Voitano site. They won't be published like right away when they're done. I'm gonna kind of batch them together and pull them together at a close together. I'm not sure if it's gonna be on a weekly basis, like the two from this week are published or whatnot, but I will publish them as soon as they are available. So just stay tuned to the blog and we'll send out emails when these have been published if you end up missing one. I'm gonna do a fun one at the very end, which is the behind the scenes, the making of the exam. So if you wanna learn a bit more about what Microsoft's process is for doing this, I did an overview webinar similar to this with another gentleman named Waldeck MasterCars from Rencore late in April. And this was a section that we like, let's just put this in at the end for like five, 10 minutes and we got a ton of questions about this. So I figured let's do a whole session on it. So if you're interested in see how Microsoft goes through this, I can give you the entire experience. I will tell you my background with the certification is I was involved at the very beginning to help identify what topics should be candidates for an associate level certification and a foundational level certification in each one of these five different workloads. I was involved in the whittling down of the topics and prioritizing what should be there and that involved sitting down with a bunch of people from the community and people from each one of the different product groups and subject matter experts as well as people from Microsoft Learning and Microsoft 365 development marketing. And we identified all the stuff that needed to be done. That generated what's called a spreadsheet. That is effectively it says all of the objective domain. These are all the things that you could be tested on. And then that main spreadsheet was provided to the exam question writers, the people who are writing a course, an instructor led course for the, to take the, if you wanna go buy a course and sit in an instructor teach you and I'll be get certified from that. And then also was handed to the person who built all of the self-paced training. So I was not involved in writing questions. Technically that was a conflict of interest. I went back and forth Microsoft Legal and I wasn't allowed to do that. I was allowed to do it, but I wouldn't be allowed to continue doing what I'm doing with Voigtanas because I wouldn't be allowed to sell training related to the same thing if I knew it was on the exam. So I wasn't allowed to do that. And I also, and I did not write the course because they're frank to be completely frank. Their requirements for the timeline on how fast the course had to be written were completely unachievable and what they wanted. Not only that, I thought the course was gonna be outdated really quick and I just wasn't gonna be involved in it. I didn't think they were making the right decision and I just, I walked away from that part of the project. I was involved though in building a lot of the self-paced content. I will tell you that like I do have plans with Voigtanas, we will be working, I will be doing a course when I finish my existing SharePoint framework course, there will be something that I will have from Voigtanas that's gonna, that will cover the MS-600 and the topics in the MS-600. And for those of you who are current customers of Voigtanas, I can tell you, it is not gonna be anywhere near as expensive as what the course that we have right now. It's not gonna be nearly as gigantic and all that because I'm gonna leverage a lot of the stuff that I did for Microsoft already that is freely available. It doesn't cover everything, but I'm gonna help you use the, make the best use of your time and your money to be able to take advantage of what's already available out there and give you the tips and the tricks on which you need to be able to pass it. If you're interested in any of these other, any of these other modules or these other webinars that we're gonna do over the next few weeks, tune in and subscribe to the Voigtanas mailing list, go to our site, we have a link on our, one of our recent blog posts that has a link to each one of these that you can register for. Just because you registered for this webinar today does not mean you got registered for all of them. Each one is individual, okay? So just making sure that point, I spelled that out. All right, so let me do this. So let me ask, before we dive into the identity section, I wanna ask you another question. Actually, is it two questions? Yeah, it's gonna show up as two questions. So I wanna ask you two questions here. What would be your strongest and your weakest areas of the exam of these different workloads? What do you feel, what technology are you strongest at and which one are you weakest at when it comes to these different topics? All right, so while you're answering that, I'll give you about a minute to do that. Let me look at these questions that we've got and let me see if I can, and I can respond to any of these A's questions. So we've got, let's see, what components of SharePoint? I answered that one from Michael. Praveen, how is SharePoint Framework connected Azure AD with respect to the Graph API? So that's gonna be more of a technical question specific to SharePoint Framework. I'm not gonna try and go into that too, I don't wanna do that too much, okay? I don't wanna go into that much detail here. So Praveen, if I have time, I'll come back to the end of the session here, but that really is more of a SharePoint Framework. You're asking a technical question on how do I do something? And we're not gonna do that in these webinars, okay? This is more about what is the exam that's a different, that'd be a different kind of a topic here. Are there any practice tests? Jim's asking any practice tests for the certification. Not from Microsoft, there's a bunch of like third party stuff. And these are people, these are companies that generally have hired someone to go in and take the exam, do what they can to steal the questions, or to remember them and then come out and do a brain dump and then write them all down. Your mileage may vary on those. I don't really recommend doing that. I'd rather, I think if you try and memorize the questions from those different practice exams, I don't, I've never had great success with that. I will tell you that the exam you take is gonna be different from the exam I take. And if you took it again, it's gonna be yet even different because there's a whole pool of questions that the exam is gonna be derived on as it's going through. For SharePoint No Having Questions, I answered that one. I'm not sure what that was about. Yes, we are recording it. So I answered that one. Do we know if there'll be a foundational level exam for technical sales and business analysts? We do not know that. We do not know that. That was discussed when we were building it. That was discussed when we were building the exam. We just, but we don't know if that's what, if they're gonna do that. They didn't have the budget for it this year, this fiscal year, but they're fiscal years up in June. So we'll see if they do it next year. Today you're gonna talk about MSAL, a little bit. A little bit, yes, Lewis. I'm gonna talk a little bit about MSAL. My work experience is only on-prem. How far am I behind? It depends. I mean, the different workloads are all over the place. I mean, with teams and you've only done on-prem, then you're gonna be deficient on the entire team section. Microsoft Graph is only online. So you're gonna be deficient there. SharePoint Framework is gonna cover, it's gonna cover stuff that goes all the way up to what's in SharePoint online and not on-prem. So you'll be some deficient there. So this is, remember, this is Microsoft 365 certification, which is about, Microsoft 365 is online experience. It's not on-prem. Let's see, beta exam is free. No, so the beta exam, first of all, Christopher is asking is, are the beta exam is free? So no, they're not. They were deeply discounted. But, and we didn't know, we took it like in January, but we didn't find out until late March, if we passed or not, and they were not free. And they're no longer available now. The beta exams are over, so it doesn't really matter. And then a dumb question, oh wait, sorry, no. You said the dumb question. What's the difference between the exam types, exam and certification types? So Arun, the difference is that you have to take an exam and pass it to achieve a certification. So think of the certification as like the trophy for passing the exam. So you don't do both, you only do one, and the result of passing the exam is the certification. Do I have enough time during the exam where you have to hurry? I thought they gave you more than enough time. You don't have to hurry. So I thought you have more than enough time, Ronald. Praveen is asking a question about our module today. That's a good question. So Azure Identity Module, does it include Azure ADSync, ADFS? No, that is all stuff that is not developer stuff. That's infrastructure, that's IT Pro stuff. We're gonna be talking about creating, well, you know what, you're gonna see it. But no, if it's IT Pro stuff, we don't do it. All right, so let me go ahead and end that poll. Let's see what we said. The vast majority, I'll come back and do more questions in a little bit later. The vast majority is saying that the strongest tech that you're associated, that you have, is SharePoint. That's where you're strongest. Less than, and we're talking like, all the other ones are less than 10%. The weakest, what are people weakest at? Ah, you're my people. About 60% of you said the weakest is Office Add-ins. Well guess what, don't feel scared about it, because I am too and you see that I passed. And I even got through the Office Add-in piece with a 60 some percent or the 70 some percent. So no big deal. The next one was identity and graph. I find that so interesting. I've asked this question to a bunch of people already and graph is way up there. That's really interesting to me. I thought more people knew it. Okay, we're halfway into this. I wanted to give you a bit of an update on, what is the exam, what things are covered in it? I'm gonna be doing the same type thing for the other webinars, for people who don't join every single one. But now, let's dive into identity and what do we have to do with identity? The identity section of the module or of the exam is gonna account for about 20 to 25% of the questions on the exam, okay? I found that to be on the higher side. In my experience, there were more than 20%. I found it to be a lot closer to 25%. In addition, Microsoft identity is an all-encompassing term that covers both Azure AD and Microsoft accounts, MSAs. So work in school and this other type. I do not, the certification is all about Microsoft 365 development, which does not include the Microsoft accounts and consumer services. So this exam, when you go to do this exam, you will only have to know things related to Azure AD. You will not have to know things related to Microsoft accounts. So even though it says Microsoft identity, just that's a marketing term. This is really only about Azure AD, all right? Now there's a bunch of content that you can go take a look at for self-paced exam or for self, not self-paced exams. For self-paced study, there are lectures that are involved with this, there are also labs. I've written all of this content, okay? You can get to it from this learning path that I have listed here on the slide. So docs.microsoft.com slash learn slash pass slash M365 dash identity dash associate. That points to about five or so modules that cover lots of different topics. And a lot of topics I'm gonna go through in just a minute. So like what? Well, let's go through some of these topics. So what things do you have to know? What things do you have to know about Microsoft identity? And this is where you wanna take notes. You need to understand how to register an application. And what I mean by that is by going to the Azure AD admin center and being able to not only register an app, but be able to manage all the different settings on that app. And when I say all the settings, just think like the critical path of all the settings. Don't think like I gotta know every nook and cranny of everything inside that UI. You need to understand the different kinds of accounts that you can create, right? Does it support single tenant or multi-tenant or personal accounts? What does that mean, right? Even though it's not about Microsoft, this exam is not about Microsoft accounts, you do need to understand what that means. So you understand what single tenants are, what multi-tenants are, and what personal accounts are. You understand what that is. You need to understand when you go to register an app, you need to understand things about what the different kinds of authentication flows are available to you. And when you would choose one over the other one. It's, and when I say authentication flows, we're talking about what are called OAuth flows, things like the authorization code flow, the implicit grant, the client credentials flow, the resource password owner flow, those different ones. You should understand what those are. How are they different? How are they unique? How are they different? And what scenarios do I wanna use each one of those? It's nice when you sit down, you actually go to build something because I think that each one of these flows are gonna, you're gonna get self-selected into each one. You're not gonna have a hard time picking one because whatever you're building is gonna effectively tell you, this is what you're gonna have to use. If you're building a single-page app, you've only got one choice. And that's the implicit flow, at least today. And I know someone's gonna raise their hand and say, yeah, but it's been deprecated and that we're supposed, today we're still using the implicit flow when it comes to Azure AD, okay? Yes, Azure is talking about doing some changes there and they're in different degrees of how much stuff has been done. But as far as the certification goes, I can tell you that none of that's there. Wink, wink, none of that stuff is there. Implicit flow is how you use single-page apps. You also wanna know about building, about defining roles for your apps. So how can I go into the app manifest in the admin center? And how can I define things like product owners or product administrators or product readers, viewers? And then how do I assign users to those different roles in these different apps? And then how can I actually write an app that's gonna consume data from, or that's gonna be able to make sure that I only show certain functionality or enable certain functionality in my app to people that are in specific app roles? So that's one thing that you're gonna need to pay attention to. Another thing that you're gonna need to know, how do you implement authentication on your custom apps? You're gonna need to, while I'm using, I have, it says MSAL.js, it's not just the MSAL.js, it's also the .NET provider. So here's what you need to know. You should understand the difference between the two main libraries with Azure AD. ADAL, which is the Azure AD authentication library, and MSAL, the Microsoft authentication library. ADAL goes to the V1 endpoints for Azure AD. Those are still available and they still work. They're not the preferred way of doing things, but they're still available and they still work. You need to understand what those are and how they differ from the big points, not in detail, but you have to understand the big points of how they differ from MSAL and the V2 endpoints. The biggest things that I think are the takeaways for MSAL and the V2 is number one, the V2 endpoints, it's a converged auth, which means that I use one authentication endpoint, set of endpoints to authenticate if I'm using a Microsoft account or a work in school account, Azure AD, right? That's one thing you need to know. Another thing you need to know is that the V2 endpoints are, oh, what was I just about to say? I just forgot it. I just completely blanked on it. What was I gonna say? The V2 endpoints are, oh, they support dynamic consent, whereas the V1 only support static consent. You should know what the difference is between dynamic consent and static consent. Now, when it comes to working with the different authentication libraries, for the most part, the exam is gonna push you or at least you should be more familiar with MSAL than you are ADAL. And you should understand how to configure a single page app using MSAL.js with a registered app that you created that we talked about in the past slide. And you should also know how to configure a web API or a, let's see, a web API or a, what do you call it? Like a web form, a web app, a web-based app, like a .NET Core web app, NBC app or API. You should understand how to configure that. You should understand the code, for the most part, focus on the .NET Core implementation, not the .NET framework. Focus on the .NET Core implementation of MSAL. There are gonna be questions on there that show you code snippets and ask you what is this doing? It doesn't ask you to write me code, but it asks you more to look at the code and determine what it's doing or pick the right code option to do something when it comes to authentication. So just be familiar with those two things. Two things being how do I configure an .NET Core app, ASP.NET Core, a web API, a console app? How do I configure it to work with MSAL and a registered Azure AD app? And then how do I configure a single page app with MSAL JS to handle authentication that way? You also need to understand the concepts, as I mentioned a minute ago, between dynamic and static consent and dynamic permissions and static permissions. You should understand what the differences are between both of those, okay? Now, you should also need to understand about permissions and how you deal with those permissions when you're consuming an API. Like if I built an ASP.NET web app and I wanted to connect and communicate with a, say Microsoft Graph, all right? You need to understand how to configure delegated permissions for your app. You also need to understand what the differences in how to configure application permissions. How are delegated permissions and application permissions? How are they different? And not only that, you also need to understand how do you identify admin consent requirements? So how do I identify when I need to go through admin consent and then how do I actually trigger it and consent to things for application permissions that require administrative consent? All right, those are some of the other things you need to be able to focus on. I'm going through all these topics first. I know I don't see anybody asking any questions. I can, we don't have a ton of slides here. I've only got I think like four or five more and we got 20 minutes. So if you have questions, if you're holding on to them, that's perfectly fine but we have plenty of time for questions at the end on the different topics that you need to know, okay? Another thing that you need to know here is how do you implement authorization to consume an API, right? So what does that mean? Kind of going back what I mentioned earlier, you need to understand how to configure your application to not only support logging in to Azure AD and support users logging in to your web app with Azure AD but you also need to know how to configure the app to be able to obtain an access token for an endpoint that your app is going to support. For example, if I built a web app and that web app is gonna show me data from somebody's calendar using the Microsoft Graph, then I need to know how to not only support someone logging in but then how to log in and authenticate to my web app but I also need to show how to support obtaining an access token from Azure AD that I can use to go call graph. So part authenticating with Azure AD for my user which is gonna give me not an access token it's gonna give me an ID token open ID connect ID token. And then it also needs to see how I get an access token to show that as well. Let's see, you also need to know, oh man, I was supposed to be in a code format there. The arrow on the right, okay. There's a couple of things I want you to also that I think you should also know. Sorry, not that you should also know you do need to know, there's questions about this. What is the difference between acquire token silent and acquire token? Now, in this slide, it says, how do you use MSAL JS and call acquire token silent and acquire token? I don't like the way that that's phrased. That's from one of the notes that I have from the exam but you should really take JS out of that because it really is anything MSAL. What is the difference between acquire token and acquire token silent? You need to know the differences between those two methods and why you would use one over the other or why you should fall back to one when one of them fails and when that would happen. The arrow on the right side, or sorry, the left side, my other right, the one that says configure an incremental consent scopes. You need to understand what dynamic consent is. I said this already, but you need to understand what happens and how you can go about obtaining incremental consent in your app and why you would want to do that. Why is that a good idea? Why is that a good idea to build your app using dynamic consent? When does it not make sense to use dynamic consent or incremental consent? When does it make sense to do static consent for some things and incremental for others? You should understand the differences there. A lot of this stuff's in the docs but a lot of it's kind of hard to pull out. Now, now's where it gets kind of fun. Well, let's just put fun in quotes. There's a whole section about things you need to know about what if I wanted to build my own API, my own web API, my own rest endpoint and I wanted to secure it with Azure AD. So I want to make sure that you have to submit a access token, a valid access token and your app must have gotten that access token by being granted permissions that my API requires. You need to understand how to do that. How do I go through and create an API? How I register it with Azure AD? How do I then configure it with MSAL? In order to be able to have it secured with Azure AD and be able to receive access tokens and how do I make sure that I validate those tokens to ensure that those tokens are, they came from Azure AD. Now, you don't need to know the code on how to go through and validate the access token. You need to understand the process and how MSAL makes it easier for you. Like under the covers, how do I do this? Think about it like baking a cake. I can't do it. I've never done it. Well, I might be able to do it, but I've never done it. It would probably come out really bad. But I know what the process is. I know you got to get some ingredients and then you got to put some stuff together. I know you or I know that certain things are important. I know certain kind of flour is important. I know certain kind, you got to make sure you put sugar in there. Be a terrible cake without sugar. Well, I should maybe not, it depends on the cake. But there's a lot of things that I know you got to put all this stuff together and then you got to put it in the oven. I don't know how long. I don't know how you have to mix stuff. I don't know if there's a special kind of, I know you got to do beat eggs, but I don't know how much you have to beat them. Those kind of details, you don't need to know that kind of stuff about accessing a token. But you do got to know that here's why it's important to cook the eggs. Here's why it's important for me to do things in this order, all right? That's the kind of stuff that I mean when you say validate the access token, all right? Now, here's another one. What about if I take that REST API that I've created and I want that REST API to call another API on my users behalf. So I've built a web app and that web app is going to show the user's calendar and maybe some other stuff. Well, maybe I don't want that web app to go direct to Microsoft Graph. Instead, I want it to go to my own API because my own API is gonna have its own business logic wrapped up around it to be able to do things like, let's say we're going to create a webinar, right? Well, that creating a webinar is gonna do a couple of things. It needs to use the Graph API to go create a new entry in somebody's calendar. It might need to use Microsoft Teams API or the Microsoft Teams endpoint in the Microsoft Graph to be able to create a brand new team and invite the users that register for that webinar into that team so that they can communicate and stuff during the webinar. So I have my own domain API that my apps want to talk to. Maybe it's a web app, maybe it's a mobile app, whatever, that's gonna talk to those and then that API talks to Graph. What are the things I need to pay attention to there? How should I handle my authentication? Is the API going to impersonate the user or not? Is the API going to, is the API going to connect to Azure or connect to Microsoft Graph as using application permissions? So it's gonna use a different kind of authentication flow like client credentials flow, right? There's a bunch of, all these different things we need to pay attention to. How do I get things like getting the access token using a client ID and a client secret? Should I be using a client secret? Should I be using a client certificate instead? Why would you wanna do that? Those are things that you should definitely know, okay? Seen a bunch of questions come in. I understand why some questions are coming in that are specific to SharePoint. Remember, we're not doing SharePoint today, guys. We're doing Microsoft Identity. I understand why the SharePoint questions are coming in because I'm a SharePoint guy, but I wanna focus on just the Azure AD stuff today and the Microsoft Identity stuff today. We have another webinar. We're gonna focus on SharePoint stuff, but I don't want this to turn into like the SharePoint webinar, okay? I do see some questions all about that. Ah, so we're done. There we go. So we got about 10 minutes for questions here. So I got a couple of questions I'm gonna run through. If you have a question, I would recommend, let's do this. I recommend that you go ahead and raise your hand to let me know you've got a question that you're typing in so I don't miss you, but make sure you put your question, you raise your hand and let me know that you're typing, okay? Put your question in the question panel and I will go through the questions that are being submitted, okay? So this is a link to the, to the, or not a link. This is a slide that talks about all the other webinars that we're gonna be doing in this series and we'll be going into each one of the different workloads. So Christopher had a question. Some of the times for these webinars are shown, for these questions being submitted are kind of weird. I'm jumping around for different times. It might be your time zone and not my time zone, which would be a strange way of doing it, but, okay, so let me go ahead and answer these. So Christopher has a question. Do these exams have an expiry date, like the old SharePoint ones, you need to renew them every three years? That's a great question. I don't believe so. I don't believe they do have an expiration date. I will look into that. That's a, let me write it up for that expiry. Great question. I will find out. Christopher, another question. So the.NET Core stuff for, for like configure authentication is based upon 2.1 LTS style code, or can this be 30 or 31 LTS? Every, that's a really good question. I don't know what the exam questions are, but what I do know is that all of the self-paced learning stuff is all based on 3.1, the.NET Core 3.1. It's all tested against that. It all works against that. I would be surprised if it's using the older stuff, if the exam questions are based off the older stuff. But then again, I, if, let me say it this way, I don't know the difference between 2.1 and 3.0 and 3.1 on the.NET Core authentication stuff. And I did just fine on the identity stuff. So think about that in terms of the depth of knowledge that you have to have in terms of the APIs. There were not any gotcha type questions. So I think if you know one of them, you're gonna be in good shape. If you had to focus on one, I'd go with the 3.1 version because that's the one that's currently supported. So hopefully that answers your question. Christopher has a question about, we have two Christopher's. Can you get an authorization token and not an access token or vice versa? So an access token is used for authorization. There is no authorization token. If I said authorization token, I meant access token. So I use an access token for authorization. There's only two, there's only three types of tokens. There's an access token, there's a refresh token and there's an ID token. You should know what the difference is between each one of those and how you get them. Is all, Michael, is all this information in the docs? Which docs? All of this information is supposed to be in the Azure AD and Microsoft identity documentation. In my humble opinion, their docs are not fantastic. They're good, but they're not fantastic. You will be able to answer every question on the exams based on what's in the docs, if that answers your question. So Jay has, I saw Jay just post something in the chat but right after I said that, he said from his experience, the Microsoft docs are getting really, really good. It all depends on the team. It all depends on the workload that you're talking about. It all depends on the workload. Some of them are and some of them are less, are not as good as others because it's not one team writing the docs. Each individual workload, each product group has their own. Yeah, so Jay followed up Graf in particular. Yes, Graf has done a very good job. SharePoint has done a very good job. I think SharePoint has done a really good job because their stuff is done a lot by the community. Like I know, I write, well, I'm partial to it because I write a lot of the docs for, I write a lot of the docs for the SharePoint team. But in my opinion, the docs for identity are one of the weaker of the five workloads. In particular, MSAL. Personally, I get incredibly frustrated with the MSAL docs partially because they're not in the docs. They're in Wikis buried inside of GitHub Repos and once you get into the Wikis, it's impossible. I've got more bookmarks in one folder in Chrome just keeping track of MSAL docs. See, somebody in the chat just basically said the same thing. Lewis said that MSAL, not so good. Let's see, Gory, is Microsoft Learn enough or any other resources available to explore? You can get by with just the resources that are available from Microsoft Learn. You can, you know what, I can't say that because it really depends on your experience level. Remember, if you're coming in this cold and you're saying I'm just gonna study the self-paced content that Microsoft has given us, I'm gonna have enough to be able to pass the exams, I don't know about that. So it really depends on what your experience level is and it's not something you can answer very easily because based on the workload, you're gonna have different, everybody's gonna have a different response. Christopher, our SharePoint groups connected the access token. I don't know what you mean by that, but that's not really, I think that's kind of, well, I don't know what you mean by that, I'm sorry. Let's see, do questions have sample code or how do you implement it? So as I said earlier, it really depends, the questions will not ask you to write any code, it's all multiple choice. You will either be given code and ask what it does or you will be asked a question and then some of the questions will have code options, you have to choose the right one or the wrong one because there may be multiple ways to do it. And again, if you go take an exam, you're gonna be like, wait a minute, I didn't get a question like that, Andrew was lying to me. Remember, there's a bank of questions and you may not get the same questions that I got or that somebody else gets. You may get lucky, you may miss one. Like when I took the exam, I took it at the same time that somebody else took it, my co-host for my podcast, Chris Johnson. And immediately after exam, after I took it, he took it and then I took it and then I called him and we kind of, we commiserated on some of the questions and some of the ones he got, I didn't get. Some of the ones I got, I had no idea what, he had no idea what I was talking about. Let's see, what languages do you need to understand? So I saw somebody else ask this, I can't remember who asked it, but somebody else asked a question about like what languages do you need to know? Dot net core and TypeScript. Yes, JavaScript, but dot net core and TypeScript and JavaScript and TypeScript. That's all you really need to know. Are those three things? Now let's see. Ah, good question. So this was not in the skills assessment that I was reviewing before I did the slides here. So Praveen's asking about, does it gonna ask me anything about Azure AD Groups, B to C, external users, or are they only focused on development stuff? You do need to know about B to B, B to C. So business to business, business to cuss, well, the world sees it as business to consumer, but Microsoft is trying to change the name to business to customer, whatever. You do need to understand about security groups and application roles. I've done a lot with ADLJS, how much is different from MSAL is so much to learn new. It's new, but I mean, if you understand the concept, it's not that much different, especially with the implicit flow. Let's see, so we did that, we did that. Do you know if MSDN will give me the ability to practice? Currently we're on AWS and all my Office 365 experience will be self-paced, but I do have an MSDN, I hope you want 365. So here's a good question with this. You don't need to buy anything to be able to test this stuff, to be able to get to practice, including MSDN, because you can go sign up for an Office 365 developer account, and with that, you get a free Microsoft 365 tenant with, I think it's five or 25 E3 or E5 licenses. You can do everything and test everything with that with one small exception. And that is, if you get into doing it when we start talking about bots, when I get to the bots workload, I think it's just bots. Yeah, I believe it's just bots. You have to create an Azure bot framework. You have to register a bot using the bot framework. And for that, you need to have a real Office 365, a real Azure subscription with a credit card tied to it. You won't spend hardly anything, but that is a resource that is not free without a paid Azure subscription. So I guess what I'm saying is, is max, you can get by with doing everything with just the internet connection in maybe five or 10 bucks. And that would be for five or $10, US dollars. And that would maybe be for just the Azure resources for doing bots. Oh, and yeah, that's right. And Azure gives you $200 credit in the very first month. You'll be more than fine. I'll put it to you this way. I was able to build all the self-paced content for like less than $5 on my Azure bill. I didn't even expense it to Microsoft. It was that low. Is there, are there already hands-on labs set up for us to use? Are there hands-on labs in Microsoft learning? Yes, are they set up? No, it is all 100% stuff that you do on your own, but you don't need an environment. It's very easy. It's done very much where you can just sit down. There's very little bit of prerequisites you would have to install and just use an Office 365 tenant. Let's see, I have just a few more questions. Let's see. So I got, we are one minute left. Let me do three more. Let's see, two more questions. And then I have one more poll question for you. Ron says, can you answer if this is covered in SharePoint section regarding SharePoint frameworks or JavaScript language or TypeScript specific questions? So this is even really a SharePoint question. I know, Ron, you said that this is, you asked if it was for a SharePoint section, but this really applies to everything across the entire certification, every single workload. The only thing, you do have to know some, you have to know TypeScript and JavaScript. If you know, but the, you don't really have to know it like at a low level. You just have to be comfortable with it. You don't have to write it because you're not gonna be asked to write any code. You just have to know how to read it and understand it. Same with that.net core, right? You don't have to know how to go write any of this stuff because everything is on multiple choice. So when it comes to like SharePoint stuff, you're only gonna work with TypeScript. When it comes to, let me see if I can get this right. So for all of the different workloads, for identity, you have to know JavaScript and.net core. Most of the identity stuff is all about.net core. For graph, it's all.net core. For the only JavaScript thing you had to know from identity was how to do MSAL JS. Let's see, what else do we have? We have office add-ins, that is all JavaScript and TypeScript. SharePoint framework or SharePoint is all TypeScript. And what's the last one? Teams, teams is all, it's all TypeScript. It's a mix of node and client side stuff as well. We don't use Visual Studio in anything. Everything is done using VS Code and everything is done using the free editors. Yeah, JavaScript, TypeScript.net core. Okay, so last question here. Oh, that was about the poll. Oh, Jim's got a good question here. Do you have to know React? The answer is no. It is, for somebody else, that's the same thing. No, you do not have to know React. React is a supporting technology. It is, you are not gonna be tested on React. You don't, like, for example, if you're doing SharePoint framework or Teams-based Dev, you don't have to use React. Therefore, Microsoft isn't gonna test you on it. But in order to build stuff, you do have to know some languages. You don't have to use any frameworks. The only framework-y kind of stuff that you have to know throughout the entire certification is SDKs, so like MSALJS or MSAL, or the Teams SDK, OfficeJS for Office Add-ins, SharePoint, Microsoft Graph SDKs, okay? That's all you end up really having, only SDKs you would have to know. Okay, now I got a question for you guys. I've had three questions so far. This is my last question I have for you. First selfish reason, one of the reasons I'm doing these webinars is not only to give you guys some info, but I'm also doing it because I do have plans to build a course that is going to help people get up to speed on the course, or get the speed on the exam certification. Now, I saw a comment that just came in and says, trick question, because what's it gonna cost? The answer is, I don't know off top of my head. Here's what I do know. It is not gonna be a very long course in terms of it is not going to be a, Mike, today I have a course on the SharePoint framework that is pushing 30, 35, 40 hours, right? And it's expensive. It's like 750 bucks today. And the price will go up when it's completely finished. So people who've already registered for it, they're in good shape, they don't have to pay any extra. But when the course is finished, when the final four chapters are added, we will be raising the price. For this course, my goal is not to reinvent the wheel. My goal is to get this course out as fast as I can. And that means I don't wanna reteach stuff that stuff is already out there. Here's the way I look at it. Microsoft hired me to write a bunch of content for the self-paced content for that's published on Microsoft Learning, right? You guys can go get that for free right now. You don't have to wait for me to teach to sell you a course to do that or to build a course that I may wanna sell you. So I'm gonna be completely transparent. I'm not gonna try and sell you something that's already out there. Instead, what I wanna do is I wanna be able to say, look, here's all the stuff that you need to know. Here's the things you need to focus on. Here's the certain things that are not in the self-paced content that they tell you that you don't need to know, but that you are gonna be tested on. And the price point that we're looking at for that is I can't commit to it, but I can tell you that if it's more than $200 or $250, then that's beyond the goal of what we're targeting right now, okay? So it should be something very manageable, especially for what you're going for. Oh, significantly less than the ultimate bundle, Kathleen. Significantly less. The goal is to get this out there. For people who are currently Voigtano's customers, I have to finish my course first. And then I have to finish the SharePoint framework course first, and then I can work on this next course. But yes, it will be much less. But it will be much less than that. I would love to make it closer to like 150 bucks because I want this to be a good resource that people can use and don't think twice about going to go to get it. So okay, sweet. I'm getting some great feedback here in the chat and I really appreciate it. There will be an email sent out for people who are interested in it eventually, and there's parts where you may get surveys and stuff. Just respond to it. There'll be a whole like early release option for it and a discounted price and all that, but let's focus on the content here today. I definitely appreciate that. Oh, Christopher, thank you very much for the comment about this being the best webinar. But guess what? This is just the first out of six. And someone had a great question there and said, well, where are the links for the other webinars? And that should have been on the slide. That was a dumb move by me. So I'm pulling up a link here and let's take this and let me in the poll and let me, give me, bear with me for just a second. Let me, come on PowerPoint. Let me get to my, oh, hold on. Zoom, where's PowerPoint? And let me make one update to that slide. Let me put a link to where you can find all of them. There, same changes, reshare. There we go. Okay, and let me share my screen again. Come on Zoom, where are you? Zoom. Ah, can't see. Share screen. Where's my slide? There, share, share. Okay, there we go. There you go. Now I got a link. So if you look, all it is is if you go to the top blog post on the Voitanos blog. So just go to Voitanos.io slash blog. That link is going to, that page has a link to every single webinar where you can go sign up for each one of these different webinars that we're gonna be doing. The next one, I know I went seven minutes over and I apologize for that. We'll be wrapping it up in the next three minutes. I will be respectful of your time. The link is not active in the slide. Yeah, it's not, it's just, it's a slide. It's not, I'm just sharing my screen there. There we go. Thanks, Roon. So yeah, if you go there, you will, if you go there, you'll get where you can go sign up for all the different, for all the webinars, for each one of the different webinars. And again, they will all be recorded and made available. I think I've answered every question. I have one more question from one person who's an existing customer of the SharePoint Framework course. And they're saying, should I go through that the SharePoint Framework course first before doing the exam specific training or does the order really matter? The more that you, the more the SharePoint Framework course you go through, the better shape that you're in because that's a lot more detail in it than what I would cover in the certification course. But then again, there's a lot more detail there that you're not going to be tested on. There's stuff you would do in your day job. But like for example, that course goes into things like how do you do DevOps and continuous integration and continuous deployment? Okay, it doesn't do it yet. I recorded the content this week and I'm going to publish it soon. But you won't be tested on topics like that. You won't be tested on React. You won't be tested on Angular. But the course covers all that kind of stuff. So there's a little bit of a difference there, okay? The more you do it, the better, okay? Awesome. Hey, everyone, thank you very much for attending this webinar today. I hope you got a lot out of this. I will publish the recording of this and let you all know via email when this has been published. I hope to see everybody on Thursday when we do our next one related to the Microsoft Graph. And with that, take care, stay safe, stay healthy and I will see everybody in a couple of days.