# AZ-305 — Question 603

**Type:** multiple_choice
**Topics:** topic_1

## Question

Your company, named Contoso, Ltd., implements several Azure logic apps that have HTTP triggers. The logic apps provide access to an on-premises web service.
Contoso establishes a partnership with another company named Fabrikam, Inc.
Fabrikam does not have an existing Azure Active Directory (Azure AD) tenant and uses third-party OAuth 2.0 identity management to authenticate its users.
Developers at Fabrikam plan to use a subset of the logic apps to build applications that will integrate with the on-premises web service of Contoso.
You need to design a solution to provide the Fabrikam developers with access to the logic apps. The solution must meet the following requirements:
✑ Requests to the logic apps from the developers must be limited to lower rates than the requests from the users at Contoso.
✑ The developers must be able to rely on their existing OAuth 2.0 provider to gain access to the logic apps.
✑ The solution must NOT require changes to the logic apps.
✑ The solution must NOT use Azure AD guest accounts.
What should you include in the solution?

## Correct Answer

_See scenario._

## Explanation

The given answer is correct. API management can use Oauth2 for authorization:
https://docs.microsoft.com/en-us/azure/api-management/authorizations-overview

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/microsoft/AZ-305/603  
Practice (tracked): https://hiexam.net/study/AZ-305/practice