PL-400: Power Platform Developer Practice Exam

What the PL-400 exam covers

• Application Lifecycle Management123 questions
• Extend the User Experience108 questions
• Extend the Platform118 questions
• Develop Integrations108 questions
• Extend the User Experience and Platform88 questions

Free PL-400 sample questions

A sample of 10 questions with answers and explanations. Sign up free to practice all 545.

1. Question 1Application Lifecycle Management

   When should a developer extend Power Platform with PRO-code (e.g., plug-ins) versus low-code?

   • AOnly to assign IPs
   • BAlways, even for simple needs
   • Cnever; code is not allowed
   • DWhen requirements exceed low-code capabilities (complex server-side logic, integrations, performance needs)Correct
   ✓ Correct answer: D

   Power Platform is designed to maximize productivity through low-code development, which provides faster time-to-market, easier maintenance, and better supportability. PRO-code extensions with plug-ins should only be used when low-code capabilities cannot satisfy specific requirements, such as implementing complex server-side business logic, integrating with external systems that require custom authentication or transformation, or addressing performance challenges that demand code-level optimization.

   Why the other options are wrong

   • AOnly to assign IPs is incorrect because assigning IP addresses is an infrastructure concern unrelated to the decision between low-code and PRO-code development paradigms.
   • BAlways, even for simple needs is incorrect because overusing code introduces unnecessary maintenance burden, slows development, and contradicts the platform's design principle of using low-code where it suffices.
   • CNever; code is not allowed is incorrect because Power Platform explicitly supports and encourages PRO-code extensions as a necessary part of the application development strategy when needed.
2. Question 2Develop Integrations

   When should you choose an asynchronous (vs synchronous) Dataverse operation/plug-in?

   • AAlways, even when immediate consistency is required
   • BNever
   • COnly for DNS lookups
   • DFor longer-running or non-blocking work that shouldn't delay the user's transactionCorrect
   ✓ Correct answer: D

   Asynchronous Dataverse operations and plug-ins execute in a background queue after the primary transaction completes, making them ideal for work that doesn't need to block the user (sending notifications, updating related records after a delay, calling external APIs that might be slow, running batch processing, or generating reports). Asynchronous operations improve perceived performance and user experience by returning control immediately, while synchronous operations must complete within 2 minutes and directly block the user's action. Choose async when consistency-delaying work is acceptable, and sync when immediate results are mandatory.

   Why the other options are wrong

   • AAlways, even when immediate consistency is required is incorrect because asynchronous operations introduce latency that violates immediate consistency requirements.
   • BNever is incorrect because asynchronous operations are essential for scalable, responsive applications.
   • COnly for DNS lookups is incorrect because asynchronous work applies to any long-running or non-critical-path operation, not just DNS.
3. Question 3Develop Integrations

   To reduce cost for an event-driven integration with infrequent, bursty load, which Azure compute option is most cost-effective?

   • AA high-throughput Service Bus Premium namespace for a few messages/day
   • BA large App Service Premium plan reserved continuously
   • CAn always-on dedicated VM running 24/7
   • DAzure Functions on the Consumption plan (pay-per-execution)Correct
   ✓ Correct answer: D

   The Consumption plan for Azure Functions charges only for the compute time used during execution. For infrequent, bursty event-driven workloads with few messages per day, you pay only for the milliseconds of execution when events arrive, making it the most cost-effective option. There is no cost for idle time when no events are processing.

   Why the other options are wrong

   • AA high-throughput Service Bus Premium namespace for a few messages/day is incorrect because Premium namespaces have a flat monthly cost regardless of message volume; for a few messages per day, this is wasteful.
   • BA large App Service Premium plan reserved continuously is incorrect because reserved capacity incurs a fixed hourly cost whether the plan is used or not, resulting in high cost for infrequent traffic.
   • Can always-on dedicated VM running 24/7 is incorrect because VMs incur continuous compute charges even during idle periods, making them very expensive for bursty workloads.
4. Question 4Application Lifecycle ManagementSelect all that apply

   You are choosing between a synchronous plug-in and an asynchronous Power Automate flow for post-create processing. Which TWO factors push the design toward the asynchronous flow? (Choose TWO)

   • AThe work calls a slow external API and must not block the user's saveCorrect
   • BThe validation must complete before the row is committed
   • CThe result is not needed within the same transactionCorrect
   • DThe logic must roll back the record if it fails
   ✓ Correct answer: A, C

   Asynchronous Power Automate flows execute after the primary operation completes, so they do not block the user's save and do not participate in the Dataverse transaction. When external API calls introduce latency (especially slow third-party services), running them asynchronously prevents transaction timeouts and unresponsive UI. Additionally, when the result is not required to be available before the user continues work (i.e., not part of the same atomic transaction), asynchronous execution is more efficient and resilient than synchronous plug-ins.

   Why the other options are wrong

   • BThe validation must complete before the row is committed is incorrect because synchronous plug-ins are required when validation must happen before commit; asynchronous flows cannot enforce pre-commit constraints.
   • DThe logic must roll back the record if it fails is incorrect because asynchronous flows have no transactional relationship with the primary record update; they cannot automatically roll back the parent operation if they fail.
5. Question 5Extend the User Experience

   You want a model-driven OnLoad script to run only when a record is being created, not edited. How do you reliably detect this in client script?

   • AInspect window.parent.isCreateForm, a documented Client API global
   • Bcheck formContext.ui.getFormType() === 1 (Create)Correct
   • Ccompare the URL query string for 'mode=new'
   • Dcheck whether formContext.data.entity.getId() returns an empty string only after save
   ✓ Correct answer: B

   The formContext.ui.getFormType() method returns a numeric code: 1 for Create, 2 for Update, and 3 for Read. Comparing the return value to 1 is the documented, reliable way to detect whether the user is creating a new record or editing an existing one. This approach is more robust than parsing URLs or checking global variables.

   Why the other options are wrong

   • AInspect window.parent.isCreateForm, a documented Client API global is incorrect because window.parent.isCreateForm is not a documented part of the Dataverse Client API and is not reliable.
   • Ccompare the URL query string for 'mode=new' is incorrect because URL query parameters can be modified or are not always present in all forms—they are not a reliable detection method.
   • Dcheck whether formContext.data.entity.getId() returns an empty string only after save is incorrect because during Create mode, getId() typically returns an empty GUID or null, but this approach is indirect and less reliable than getFormType().
6. Question 6Extend the User Experience

   Which built-in canvas app capability helps you monitor and replay errors users encountered at runtime?

   • AA BIOS log
   • BA DHCP scope report
   • CApp monitoring with Monitor (and the App.OnError handler for capturing errors)Correct
   • DA DNS resolver trace
   ✓ Correct answer: C

   Canvas apps provide built-in monitoring capabilities through the Monitor feature, which displays detailed logs of app execution, formula evaluation, and network calls in real-time. Additionally, the App.OnError handler allows developers to capture and log unhandled errors that occur during app runtime. Together, these features enable you to replay user sessions, understand exactly what actions led to errors, and diagnose issues that users encountered in production environments without requiring direct reproduction.

   Why the other options are wrong

   • AA BIOS log is incorrect because BIOS logs are system-level firmware logs that have no relationship to canvas app error monitoring.
   • BA DHCP scope report is incorrect because DHCP scope reports display network IP address assignments and are unrelated to application error monitoring or runtime diagnostics.
   • DA DNS resolver trace is incorrect because DNS resolver traces show domain name resolution activity and are unrelated to canvas app error logging or user session monitoring.
7. Question 7Extend the Platform

   A plug-in works when run by an interactive user but throws a privilege/security error when triggered by a scheduled flow running as an application user. What is the most likely cause?

   • AThe plug-in assembly must be re-signed for service accounts
   • BScheduled flows always run as System and bypass plug-ins
   • CApplication users cannot trigger plug-ins at all
   • DThe application user lacks the security role privileges the plug-in's operations requireCorrect
   ✓ Correct answer: D

   When a plug-in runs synchronously during a user interaction, it executes in the context of the interactive user. However, when triggered by a scheduled flow (or asynchronously), it runs as the application user whose security role was assigned to the flow. If the plug-in performs operations such as reading, creating, or updating records, those operations are subject to the application user's security role privileges. A privilege/security error indicates the application user's role does not grant the necessary table-level read, create, write, or other permissions needed for the plug-in's logic to succeed.

   Why the other options are wrong

   • AThe plug-in assembly must be re-signed for service accounts is incorrect because plug-in signing is not role-dependent; all users run the same compiled assembly.
   • BScheduled flows always run as System and bypass plug-ins is incorrect because scheduled flows run as the designated application user, not System, and they do trigger plug-in steps.
   • CApplication users cannot trigger plug-ins at all is incorrect because application users can trigger plug-ins; the issue is a lack of security privileges, not a prohibition.
8. Question 8Develop IntegrationsSelect all that apply

   Which TWO settings reduce the risk of a Power Automate cloud flow exposing data inappropriately? (Choose TWO)

   • AShare the flow with the entire organization as co-owners
   • BApply DLP policies that block disallowed connectors in the flow's environmentCorrect
   • CStore credentials in plain-text compose actions
   • DRun the flow under a connection with least-privilege scopesCorrect
   ✓ Correct answer: B, D

   Data loss prevention policies prevent flows from using connectors that would cause data leakage, such as mixing business and personal cloud storage connectors. This is enforced at the environment level and blocks non-compliant flows from running. Additionally, when flows connect to external services, using connections with least-privilege scopes ensures the flow only requests the minimum permissions needed. For example, a flow should only request read access if it doesn't need to write, and should target specific resources rather than broad permissions. Together, these settings prevent both intentional and unintentional data exfiltration.

   Why the other options are wrong

   • AShare the flow with the entire organization as co-owners is incorrect because sharing flows broadly as co-owners grants edit permissions to many users, increasing the risk of malicious or accidental modifications that could expose data.
   • CStore credentials in plain-text compose actions is incorrect because storing credentials in compose actions within flows exposes them to anyone with flow edit access and violates all credential management security practices.
9. Question 9Extend the User ExperienceSelect all that apply

   A consultant is reviewing the React-based controls configuration at Litware Inc. Which two actions should be performed to optimize the implementation? (Choose two.)

   • Aform context
   • Bnavigation APICorrect
   • CPCF controls developmentCorrect
   • DDisable React-based controls monitoring
   • Ecomponent libraries
   ✓ Correct answer: B, C

   Navigation API is used to programmatically control app navigation and URL handling, which optimizes user flow within React-based controls. PCF controls development provides the framework for building custom controls with React or other technologies, enabling optimized rendering and performance. Together, these allow React-based implementations to handle navigation elegantly and ensure controls are built with proper framework integration. Navigation API manages the user journey while PCF controls development ensures the controls themselves are properly constructed and performant.

   Why the other options are wrong

   • AForm context is incorrect because it provides form metadata and methods, not a React-specific optimization technique.
   • DDisable React-based controls monitoring is incorrect as disabling monitoring degrades observability rather than optimizing implementation.
   • EComponent libraries is incorrect because it focuses on reusable components, not React-specific control optimization.
10. Question 10Develop IntegrationsSelect all that apply

    A consultant is reviewing the change tracking configuration at Proseware Inc. Which two actions should be performed to optimize the implementation? (Choose two.)

    • Aerror handling for integrationsCorrect
    • BPower Automate custom connectorsCorrect
    • Cupsert operations
    • DOpenAPI definition
    • EDisable change tracking monitoring
    ✓ Correct answer: A, B

    Optimizing change tracking implementations requires establishing robust error management and flexible integration capabilities. Error handling for integrations ensures that change tracking operations that fail due to network issues, timeouts, or invalid data transformations are properly logged and retried, preventing data loss and maintaining synchronization integrity. Power Automate custom connectors enable organizations to encapsulate change tracking logic with built-in error handling, making change detection and processing more reliable and maintainable across different data models.

    Why the other options are wrong

    • Cupsert operations is incorrect because upsert operations are a data processing technique, not an optimization action specific to change tracking.
    • DOpenAPI definition is incorrect because while OpenAPI can document APIs, it is not an optimization action for change tracking configurations.
    • EDisable change tracking monitoring is incorrect because monitoring is essential for detecting and troubleshooting change tracking issues.

PL-400 practice exam FAQ