Answer: Azure Active Directory (Azure AD)

The correct answer is B (Azure Active Directory) because Azure AD is the identity provider that issues security tokens for authentication and authorization. Security tokens (like access tokens, ID tokens) are dynamically generated by Azure AD during authentication flows, not stored as static secrets. While Azure Key Vault (option D) is used to securely store static secrets like API keys, passwords, and certificates, it does not issue security tokens. The community discussion shows strong consensus for Azure AD, with key points including: security tokens are generated per request and have short lifetimes (making storage in Key Vault impractical), applications connect to Azure AD to obtain tokens via OAuth 2.0/OIDC flows, and Microsoft documentation confirms Azure AD as the token issuer. Options A (Azure Storage account) and C (certificate store) are unrelated to token retrieval.

Author: LeetQuiz Editorial Team