AZ-204 is a developer exam, and it assumes you already write code. Where AZ-104 administers Azure and AZ-305 architects it, AZ-204 is about building, securing, integrating and monitoring applications on Azure with the SDKs. Microsoft’s audience profile is blunt about the bar: it expects participation in all phases of development and at least two years of programming experience, plus proficiency with Azure SDKs and tools. So the fastest route to passing is not memorising service descriptions but writing code against each service. This guide is a full self-study course built around the five skill areas Microsoft measures, explaining each one, why it matters to a developer, where people go wrong, and how to pace it. It is original teaching material and study guidance only, with no real or simulated exam questions. Confirm the current skills and weights against Microsoft’s own AZ-204 study guide before you book.
Chapter 1: Exam overview, retirement notice, and how to use this guide
Important: this exam is being retired
Before you plan anything, note that Microsoft has announced AZ-204 will retire on 31 July 2026, at 11:59 PM Central Standard Time. After that date you can no longer take it. If you have already started studying, this changes the calculus: you need a study timeline that lands your exam date safely before the retirement, and you should check the AZ-204 page on Microsoft Learn for the exact deadline and for any successor exam, so you choose the right credential rather than preparing for one that will soon be unavailable. Throughout this guide, treat the retirement as the hard outer boundary on your plan: if you cannot comfortably finish and sit the exam before late July 2026, look at the replacement path instead.
What AZ-204 actually measures
AZ-204 measures whether you can develop on Azure across five skill areas, with published weight ranges: Develop Azure compute solutions at 25 to 30 percent, Connect to and consume Azure services and third-party services at 20 to 25 percent, Develop for Azure storage at 15 to 20 percent, Implement Azure security at 15 to 20 percent, and Monitor, troubleshoot and optimize Azure solutions at 5 to 10 percent. Those weights are the most useful planning fact in this guide. Compute is the single largest area and deserves the deepest study and the most hands-on time, followed by integration (the messaging services), which is large and easy to under-prepare. Storage and security carry similar, smaller weights, but security in particular rewards precise knowledge, so do not skim it. Monitoring is the smallest area.
Format and pass mark
You get around 40 to 60 questions in about two hours, including case studies and other formats, and you need a scaled score of 700 out of 1000 to pass. The questions assume development experience, so they test practical use of the SDKs and services rather than definitions: expect to reason about which trigger to use, which consistency level fits, or how an app should authenticate, rather than to recite what a service is. As a role-based certification, AZ-204 is valid for one year and renews free through a short online assessment, though the retirement above means renewal is only relevant if you pass before the cutoff.
How to use this course
Read the five content chapters in order. Compute comes first because it is the heaviest area and because the other areas build on knowing where your code runs; storage, security, integration and monitoring then layer on. Treat every bold term as something you can both explain and use in code. The final chapters turn the content into a plan (anchored to the retirement date), a final-review routine, and a description of exam day. Short teaching examples appear where a concept is easy to misread; none are exam questions.
Chapter 2: Develop Azure compute solutions (25 to 30 percent)
This is the heaviest area, so give it the most time and the most code. Microsoft’s skills list breaks it into three: containerised solutions, App Service web apps, and Azure Functions. The unifying developer question across all three is “where should this code run, and how does it scale?”.
Implement containerised solutions
Containers package an application with its dependencies so it runs the same everywhere. The named developer skills include creating and managing container images, publishing an image to Azure Container Registry (a private store for your images), running containers with Azure Container Instances for simple or short-lived workloads, and building solutions with Azure Container Apps, a managed, serverless platform for running containerised microservices that scale. As a developer you care about the build-and-publish flow (turning your code into an image and pushing it to the registry) and about choosing between a quick single container and a scalable microservices platform. Practise the full loop: build an image, push it to a registry, and run it.
Implement Azure App Service web apps
Azure App Service is the managed platform for hosting web apps and APIs, and it is a workhorse for Azure developers because it removes server management. The named skills are practical and worth doing by hand: create a web app, configure and implement diagnostics and logging, deploy both code and containerised solutions, configure settings including Transport Layer Security (TLS), API settings and service connections, implement autoscaling, and configure deployment slots. Deployment slots deserve special attention because they capture a real release practice: a slot is a live staging environment where you deploy and test, then swap into production with no downtime, and the swap is also a fast way to roll back if something is wrong. Knowing how slots work, and that configuration can be slot-specific or swapped, is a recurring theme.
Implement Azure Functions
Azure Functions are the serverless option: small pieces of code that run in response to an event, scaling automatically, with no servers to manage. Two concepts are central and frequently tested. A trigger is the event that causes a function to run, and the named skills include implementing triggers using data operations, timers and webhooks (for example, a function that runs on a schedule, or when an HTTP request arrives, or when data changes). A binding is a declarative connection between a function and another service that passes data in or out without you writing connection code, and the skills cover implementing input and output bindings. As a teaching example of the difference: a queue trigger starts a function when a message arrives, an input binding might hand that function a related record automatically, and an output binding might write the result to storage, all declared rather than coded by hand. Getting triggers and bindings straight is one of the highest-value things you can do for the compute area, because they appear throughout the exam.
Common traps in this area
The most common slip is confusing App Service with Functions, so anchor the choice in the workload: a continuously running web app leans App Service, while short, event-driven pieces of work lean Functions. The second is treating triggers and bindings as interchangeable; remember a trigger starts the function, while bindings move data in and out.
Chapter 3: Develop for Azure storage (15 to 20 percent)
This area is about working with data from code, and Microsoft’s skills list focuses on two services: Cosmos DB and Blob Storage. The emphasis is on operations performed through the SDK, not on administering storage, which is the AZ-104 perspective.
Develop solutions that use Azure Cosmos DB
Azure Cosmos DB is a globally distributed, multi-model NoSQL database with low latency and tunable behaviour, and the developer skills are specific. You should be able to perform operations on containers and items using the SDK (creating, reading, updating and deleting data in code), set the appropriate consistency level for an operation, and implement change feed notifications. The consistency level is the concept most worth understanding deeply, because it is a genuine engineering trade-off: Cosmos DB offers a spectrum from strong consistency (every read sees the latest write, at higher latency and cost) to eventual consistency (reads may briefly see stale data, with the best performance and availability), with several useful options in between. The change feed is a stream of the changes made to a container, which lets you trigger downstream processing whenever data changes. A related design concern that underpins performance is the partition key, the property Cosmos DB uses to distribute data, and choosing it well is what keeps a Cosmos DB solution fast and scalable. As a teaching example of the consistency trade-off: an application showing a running total that must always be exact leans toward stronger consistency, while a social feed that can tolerate a brief lag can use a weaker level for better performance.
Develop solutions that use Azure Blob Storage
Azure Blob Storage is object storage for unstructured data such as files, images and backups, and the developer skills are about manipulating it in code: set and retrieve properties and metadata on blobs, perform operations on data using the appropriate SDK, and implement storage policies and data lifecycle management. Lifecycle management lets you define rules that automatically move blobs between access tiers or delete them over time, which controls cost without manual intervention. The thread connecting both storage services is that the exam wants you to write the operation, choose the right setting (a consistency level, a tier, a lifecycle rule), and understand the consequence, rather than to describe the service in the abstract.
Chapter 4: Implement Azure security (15 to 20 percent)
Security carries a smaller weight but rewards precise knowledge, so do not skim it. Microsoft’s skills list has two strands: authenticating and authorising users, and securing the application’s own secrets and access. Both are about identity, the backbone of secure Azure development.
Implement user authentication and authorization
This strand is about letting the right people and applications into your app. The named skills include authenticating and authorising users with the Microsoft identity platform, authenticating users and apps with Microsoft Entra ID, creating and implementing shared access signatures (SAS), and building solutions that interact with Microsoft Graph (the API for accessing data across Microsoft 365 and Entra). The concept worth holding firmly is the access token: after a user or app authenticates, it receives a token that it presents to access a protected API or resource, and the modern protocols behind this, OAuth 2.0 for authorisation and OpenID Connect for authentication, are what the identity platform implements. A shared access signature is a different tool for a different job: a time-limited, scoped token that grants access to a specific storage resource without sharing the account key. Knowing when you need a user signed in via the identity platform versus when you need a SAS for delegated storage access is exactly the kind of distinction the exam tests.
Implement secure Azure solutions
The second strand is about protecting the application’s own credentials and configuration, and it contains one of the most important ideas on the exam. The named skills are: secure app configuration data with Azure App Configuration or Azure Key Vault, develop code that uses keys, secrets and certificates stored in Azure Key Vault, and implement Managed Identities for Azure resources. Key Vault is the secure store for secrets, keys and certificates, so that sensitive values never sit in code or config files. Managed Identities are the crucial partner concept: a Managed Identity lets an Azure resource, such as a function or web app, authenticate to other services without storing any credentials at all, because Azure manages the identity for it. As a teaching example of the pattern the exam rewards: rather than putting a database connection string in your app’s configuration, you store it in Key Vault and give the app a Managed Identity that is allowed to read that secret, so there is no credential to leak. The combination of Key Vault plus Managed Identities is the canonical secure pattern, and recognising it is high-value.
Chapter 5: Connect to and consume Azure services and third-party services (20 to 25 percent)
This is the second-largest area, and it is easy to under-prepare because it covers several services that look similar at a glance. Microsoft’s skills list has three parts: API Management, event-based solutions, and message-based solutions. The developer skill is choosing the right integration mechanism and implementing it.
Implement Azure API Management
Azure API Management lets you publish, secure and govern APIs behind a single gateway. The named skills include creating an API Management instance, creating and documenting APIs, configuring access to APIs, and implementing policies for APIs. Policies are the powerful part: they let you transform, throttle, authenticate and otherwise control requests and responses without changing the underlying service, for example by adding rate limiting or rewriting headers at the gateway. Understanding that the gateway sits in front of your APIs and applies cross-cutting controls is the key idea here.
Develop event-based solutions
Event-based integration is about reacting to things that happen, and the named skills cover Azure Event Grid and Azure Event Hubs. These are often confused, so distinguish them clearly. Event Grid routes discrete events, such as “a file was uploaded” or “a resource was created”, to handlers in an event-driven architecture; it is about reacting to individual notifications. Event Hubs is built for high-throughput ingestion of large streams of telemetry or event data, such as logs or sensor readings, where huge volumes flow continuously. As a teaching example of the distinction: notifying a system that a single blob was created fits Event Grid, while ingesting millions of telemetry messages per minute from devices fits Event Hubs.
Develop message-based solutions
Message-based integration is about reliably passing work between components so they can be decoupled, and the named skills cover Azure Service Bus and Azure Queue Storage. Service Bus is the enterprise messaging service, offering queues and topics with richer features for reliable, ordered and transactional messaging between components. Queue Storage is a simpler, durable queue for basic decoupling of application parts. Completing the picture of this whole area means being able to separate four similar-sounding services: Event Grid for discrete events, Event Hubs for high-throughput streams, Service Bus for enterprise messaging, and Queue Storage for simple queues. The exam frequently hands you a scenario and asks which one fits, so reason from the shape of the traffic: discrete notifications, massive streams, rich enterprise messaging, or simple decoupling.
Chapter 6: Monitor, troubleshoot and optimize Azure solutions (5 to 10 percent)
This is the smallest area, but it is straightforward to learn and centres on a single service. Microsoft’s skills list covers monitoring and troubleshooting solutions using Azure Monitor Application Insights, with three named skills: monitor and analyze metrics, logs and traces; implement availability tests and alerts; and instrument an app or service to use Application Insights.
The concept to understand is observability from the developer’s side. Application Insights is the Application Performance Monitoring feature of Azure Monitor, and to use it you instrument your application, meaning you add the SDK so the app emits telemetry, after which you can analyse its metrics (numeric measures such as response times), logs and traces (detailed records that help you follow a request through the system and diagnose failures). Availability tests periodically check that your application is reachable and responding, and alerts notify you when something crosses a threshold. As a teaching example of why instrumentation matters: a function that occasionally fails is hard to diagnose from the outside, but with Application Insights capturing traces you can follow exactly where and why a request broke. Because this area is small, the goal is competence rather than depth: know how to add Application Insights to an app and what each kind of telemetry tells you.
Chapter 7: Study plan and timeline
With the content understood, the work is pacing it, and for AZ-204 the pacing has a hard constraint: the 31 July 2026 retirement. Build your plan backward from a target exam date that sits comfortably before the cutoff, and if that is not realistic, switch to the successor path now rather than preparing for an exam you cannot take.
Allocate time by weight
Spend your hours roughly in proportion to the weights. The most time goes to compute (25 to 30 percent) and integration (20 to 25 percent), a solid block on storage (15 to 20 percent) and security (15 to 20 percent), and a smaller, focused pass on monitoring (5 to 10 percent). Within those, weight your hands-on coding toward compute and toward the four messaging services in the integration area, since those are where developers most often lose marks.
Choose a timeline
A balanced plan for someone who already writes code and has some Azure exposure runs about eight weeks at roughly eight hours a week: weeks one to three on compute (Functions, App Service, containers), deploying each yourself; weeks four to five on storage and security, doing real read-and-write operations and reading a secret from Key Vault in code; weeks six to seven on integration and monitoring, publishing and consuming an event and instrumenting an app with Application Insights; and week eight on full-length, timed practice and weak-area review. Experienced Azure developers can compress to a six-week intensive at twelve hours a week, while those newer to Azure should stretch to a twelve-week steady plan at five hours a week, building AZ-900-level basics and Azure development experience first, always keeping the retirement date in view. To turn whichever timeline you pick into dated weeks for your own start date, use the free study-plan generator.
Build, do not just read
The exam assumes development experience, so the most reliable preparation is to build small solutions in a free Azure account rather than only reading: deploy an HTTP-triggered function, store and query data in Cosmos DB, read a secret from Key Vault using a Managed Identity, and publish and consume an event. Keep a running list of services and when to choose each, because the exam tests selection as much as syntax. Avoid unauthorized question-sharing sites that claim to reproduce the test; they breach Microsoft policy and copyright, and they teach you nothing about the SDKs.
Chapter 8: Final preparation, exam day, and format
Final preparation
In the final week or two, shift from learning to full-length, timed practice. Start with Microsoft Learn’s free practice assessment to calibrate, then sit several full-length tests, reviewing the reasoning behind every miss rather than only your score, and revisiting your weakest skill area. Aim to be scoring comfortably above the pass mark of 700 on fresh questions before you book. Confirm the current skills-measured list on Microsoft Learn close to your date, and confirm the retirement deadline so your booking lands before the exam is withdrawn.
Exam day and format
On the day, AZ-204 is delivered through Pearson VUE, either online with a proctor or at a test centre, with government-issued identification, and runs around 40 to 60 questions in about two hours, including case studies. You need 700 out of 1000 on a scaled score. Pace yourself so the case studies, which take longer to read, do not eat your time, and apply the developer reasoning you practised: identify what the scenario actually needs, then choose the service or setting that fits, which trigger, which consistency level, which messaging service, which authentication mechanism. Having actually written code against these services is the advantage that makes the practical questions feel familiar. Because the certification expires after a year but the exam itself retires on 31 July 2026, treat passing it as time-sensitive, and look to the successor exam and the AZ-400 DevOps path for where to go next.