Microsoft · AZ-204
Validates your ability to design, build, test, and maintain cloud applications and services on Microsoft Azure, including compute solutions, storage, security, monitoring, and service integration.
Questions
640
Duration
100 minutes
Passing Score
700/1000
Difficulty
AssociateLast Updated
Jun 2026
Microsoft is retiring Exam AZ-204 and the Azure Developer Associate certification on July 31, 2026. If you plan to earn this credential, you need to pass before that cutoff, so focused practice now matters more than ever. This AZ-204 practice exam helps you move quickly through the topics that carry the most weight while there is still time to certify.
The questions mirror what AZ-204 actually tests: developing Azure compute solutions (25-30%), working with Azure storage (15-20%), implementing security (15-20%), monitoring and optimizing solutions (5-10%), and connecting to Azure and third-party services (20-25%). Because it is an intermediate, code-heavy exam that expects hands-on work with the Azure SDKs, CLI, and PowerShell, the explanations focus on why an approach is correct rather than on memorizing service names.
Start with the free preview to find weak areas, then drill the full bank in short timed sessions. You have 100 minutes on test day and need a scaled score of 700 out of 1000. If you are close to ready, schedule your exam before the July 31, 2026 retirement date.
The Microsoft Certified: Azure Developer Associate certification, earned by passing Exam AZ-204: Developing Solutions for Microsoft Azure, validates a developer's ability to participate in all phases of cloud application development on Azure—from requirements gathering and design through deployment, security, performance tuning, and monitoring. The exam covers the full spectrum of Azure development skills, including compute solutions (App Service, Azure Functions, Container Apps, Container Instances), storage (Blob Storage, Azure Cosmos DB), security (Microsoft Entra ID, Key Vault, Managed Identities), observability (Application Insights), and service integration (API Management, Event Grid, Event Hubs, Service Bus, Queue Storage).
Last updated on January 14, 2026, the certification reflects current Azure SDK usage patterns and modern cloud-native development practices. Candidates are expected to work proficiently with Azure SDKs, Azure CLI, Azure PowerShell, and directly with Azure REST APIs. The certification is positioned at the intermediate (associate) level and is widely recognized across industries as a credible signal of hands-on Azure development capability.
This certification targets software developers with at least two years of professional programming experience who are actively building or planning to build cloud-native applications on Azure. Relevant job titles include Azure Developer, Cloud Application Developer, Cloud Solutions Engineer, and Full-Stack Developer with Azure specialization. Candidates typically collaborate with cloud solution architects, DBAs, DevOps engineers, and infrastructure administrators to deliver end-to-end solutions.
The AZ-204 is also a direct stepping stone for developers pursuing the AZ-400: DevOps Engineer Expert certification or adjacent paths such as Azure AI Engineer Associate. It is well-suited for developers transitioning from on-premises .NET, Java, Python, or Node.js backgrounds into cloud-first roles, as well as those already working in Azure environments who want a formal credential to validate their expertise.
Microsoft does not enforce formal prerequisites to register for AZ-204, but the official audience profile specifies that candidates should have at least two years of professional programming experience and proficiency working with Azure SDKs, Azure CLI, and Azure PowerShell. Familiarity with at least one Azure-supported programming language (C#/.NET, Python, Java, or JavaScript/Node.js) is effectively required, as exam questions are grounded in SDK-level implementation details.
Candidates with no prior Azure exposure are strongly advised to first complete the AZ-900: Microsoft Azure Fundamentals exam and accumulate hands-on experience deploying and managing Azure resources. Practical experience with compute services (App Service, Azure Functions), data storage (Blob Storage, Cosmos DB), identity (Microsoft Entra ID), and networking basics will significantly reduce preparation time and improve exam performance.
Exam AZ-204 is a proctored assessment with a 100-minute time limit, delivered through Pearson VUE either at a testing center or via online proctoring. The exam may include interactive lab components in addition to traditional question types such as multiple choice, drag-and-drop, case studies, and short-answer scenarios. Microsoft does not publicly disclose a fixed question count; candidates typically report encountering 40–60 scored items, but this varies.
Scoring is on a scale of 1–1000, with a passing score of 700 required. The exam is available in English, Japanese, Chinese (Simplified and Traditional), Korean, French, German, Spanish, Portuguese (Brazil), and Italian. Candidates who test in a non-English language may request an additional 30 minutes. The certification expires after 12 months but can be renewed at no cost by passing a free online renewal assessment on Microsoft Learn, available starting six months before expiration.
The AZ-204 certification opens access to high-demand roles such as Azure Developer, Cloud Application Developer, Cloud Solutions Engineer, and Senior Azure DevOps Engineer. Azure developer roles in the United States command salaries broadly ranging from $97,000 to $183,000 depending on seniority, specialization, and location, with median figures for certified professionals typically falling in the $130,000–$160,000 range. The U.S. market currently lists tens of thousands of open cloud engineering roles requiring exactly the skills AZ-204 validates, driven by enterprise cloud migration, distributed-team infrastructure needs, and data-intensive application development.
Beyond immediate salary impact, AZ-204 serves as a prerequisite stepping stone to the AZ-400: DevOps Engineer Expert certification and creates pathways into specialized areas including Azure AI engineering and IoT solution development. Microsoft's annual free renewal model means the credential stays current without additional exam fees, and pairing it with deployed GitHub portfolio projects and Microsoft Applied Skills credentials significantly strengthens a candidate's profile for senior roles and technical interviews.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 640 questions.
Preview — answers shown1. A mobile application sends processing requests to a backend service. The solution must support FIFO ordering and store up to 70 GB of messages. A developer proposes using an Azure Storage Queue and a custom background service running on an Azure VM to process the messages. Does this solution meet all the requirements?
Explanation
No, this solution does not meet the FIFO ordering requirement. Here's why: This proposal fails for the same fundamental reason as using an Azure Function: the choice of queueing technology is wrong. Azure Storage Queues do not provide a First-In, First-Out (FIFO) guarantee. Messages can be delivered out of the order they were sent. The consumer (in this case, the VM) has no way of enforcing order if the queue service itself doesn't guarantee it. To meet the FIFO requirement, the solution must use Azure Service Bus, likely with the Sessions feature enabled. Why other approaches are incorrect: The storage capacity concern is unfounded; a storage queue can hold up to the storage account limit of 500 TB. The assumption that the VM can enforce message ordering is false; the VM cannot enforce an order that the queue doesn't provide. The claim that VMs cannot access storage queues is also false; VMs can easily access storage queues.
2. A developer writes code that uses the Cosmos DB .NET SDK. The code calls database.CreateContainerIfNotExistsAsync("Container1") and then successfully calls container1.CreateItemAsync() twice. Subsequently, the code calls database.CreateContainerIfNotExistsAsync("Container2"). Will Container1 contain two items after this code block executes?
Explanation
Yes, Container1 will contain two items. Here's why: Each call to the Azure Cosmos DB service using the SDK, such as CreateItemAsync, is an independent, atomic transaction. When the CreateItemAsync method completes successfully, the item is durably persisted in the database. The subsequent creation of another container, Container2, is a completely separate operation and has no effect on the state of Container1. There is no concept of a multi-container transaction that could be rolled back in this scenario. Why the other is incorrect: Cosmos DB does not have a transactional model that spans across multiple container or database creation operations like this. Each API call is its own transaction against the service.
3. Database developers need to connect to an Azure SQL database using SQL Server Management Studio (SSMS). They must authenticate using their on-premises Active Directory accounts, which are synced to Azure AD. To improve the user experience, the authentication process should be seamless and not require them to re-enter their password. Which authentication mode in SSMS should they select?
Explanation
The correct mode is 'Azure Active Directory - Integrated'. Here's why: Azure Active Directory - Integrated authentication is designed for this exact scenario. It uses Windows Integrated Authentication to seamlessly authenticate a user who is signed into a domain-joined Windows machine with their federated Active Directory credentials. When the developer, already logged into their work PC, tries to connect to the Azure SQL database from SSMS, this mode uses their existing Windows login token to acquire an Azure AD token without prompting them for a password. This provides the required single sign-on (SSO) experience. Why the others are incorrect: Azure Active Directory - Password would require them to type their password again. Azure Active Directory - Universal with MFA is for enforcing MFA, which is not the primary goal here. SQL Server Authentication uses a SQL username and password, not their AD account.
4. A secure web application for a financial institution is being built on Azure App Service. The security team has mandated TLS mutual authentication, where the web app must verify the certificate presented by the client. As a developer, you need to access and validate this client certificate within your application code. How is the client certificate made available to your web app?
Explanation
The correct answer is that the certificate is passed as a Base64 encoded string in the 'X-ARR-ClientCert' HTTP request header. Here's why: When you enable client certificate authentication (TLS mutual authentication) on an Azure App Service, the front-end load balancer terminates the TLS connection. It then forwards the client certificate information to your application's code via a special request header. This header is named X-ARR-ClientCert. The certificate itself is not passed as a file but is encoded into a Base64 string for safe transmission over HTTP. Your application code must then read this header and decode the Base64 string to reconstruct and validate the certificate. Why the other approaches are incorrect: Using cookies is incorrect because cookies are not used for this purpose; headers are the standard mechanism for passing certificate information in Azure App Service. Sending the certificate in the HTTP POST request body is incorrect because the certificate information is metadata about the request, not part of the request body or payload. Using the 'X-Client-Cert' header with plain text encoding is incorrect because the actual header name is X-ARR-ClientCert, and the value is Base64 encoded, not plain text, to prevent issues with special characters during transmission.
5. An application running on an Azure App Service needs to securely access several different Azure resources, including an Azure SQL Database and an Azure Storage Account, using its Managed Identity. To simplify permissions management, the administrator wants to assign a single built-in role to the App Service's managed identity that grants it the necessary permissions for both services. Which of the following is the best approach?
Explanation
The best and correct approach is to assign service-specific roles. The principle of least privilege dictates that you should only grant the exact permissions needed. There is no single built-in role that provides appropriate data-plane access to both SQL and Storage. The correct approach is to go to the access control (IAM) blade of the Azure SQL server and assign a role like 'SQL DB Contributor' to the managed identity, AND go to the access control blade of the Storage Account and assign a role like 'Storage Blob Data Contributor'. You must assign permissions on a per-resource, per-service basis. Assigning broad roles like 'Contributor' or 'Owner' at a resource group or subscription level is a major security risk as it grants far too many permissions, including the ability to delete resources.
Yes. Microsoft retires Exam AZ-204 and the Azure Developer Associate certification on July 31, 2026. After that date you can no longer take or renew it, so schedule before the cutoff if you are close to ready.
As of mid-2026, Microsoft has not published a direct successor exam for the Azure Developer Associate path. Watch the official Microsoft Learn certifications page for the updated developer credential.
AZ-204 costs USD $165 in the United States. The price varies by the country or region where you take the exam.
You need 700 on a scale of 100 to 1000. It is a scaled score, not a straight percentage.
You get 100 minutes. Microsoft does not publish a fixed question count, but it is typically 40 to 60 items, including multiple choice, drag and drop, and sometimes case studies.
It is an intermediate, code-heavy exam that expects real hands-on Azure development experience with the SDKs, CLI, and PowerShell. Most candidates find it harder than the AZ-900 fundamentals exam.
There are no formal prerequisites. Microsoft recommends about two years of programming experience plus familiarity with the Azure SDKs and tooling.
Developing Azure compute solutions (25-30%), Azure storage (15-20%), Azure security (15-20%), monitoring and optimization (5-10%), and connecting to and consuming Azure and third-party services (20-25%).
Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert (MB-335)
MB-335 · 2039 questions
Microsoft Dynamics 365 Business Central Functional Consultant (MB-800)
MB-800 · 1899 questions
Microsoft Certified: Azure AI Engineer Associate (AI-102)
AI-102 · 1392 questions
Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-801)
AZ-801 · 1376 questions
Microsoft Dynamics 365 Finance Functional Consultant (MB-310)
MB-310 · 1299 questions
Microsoft 365 Certified: Fundamentals (MS-900)
MS-900 · 1201 questions
$17.99
One-time access to this exam