You host an on-premises ASP.NET Web API at the company headquarters. The Web API is consumed by applications running at the company’s branch offices using the Azure Relay service. All the users of the applications are on the same Azure Active Directory (Azure AD).
You need to ensure that the applications can consume the Web API.
What should you do?
A. Create separate AD groups named Senders and Receivers. In Access Control (IAM) for the relay namespace, assign Senders the Reader role and assign Receivers the Reader role.
B. Create a Shared Access policy for send permissions and another for Receive permissions.
C. Create dedicated Azure AD identities named Sender and Receiver. Assign Sender the Azure AD Identity Reader role. Assign Receiver the Azure AD Identity reader role. Configure applications to use the respective identities.
D. Create a Shared Access policy for the namespace. Use a connection string in the Web API and use a different connection string in consumer applications.
