Exam4Training

If your client’s ‘token_endpoint_auth_method’ is ‘either client_secret_basic’ or ‘client_secret_post’ you need to include the client secret in outgoing requests.

If your client’s ‘token_endpoint_auth_method’ is ‘either client_secret_basic’ or ‘client_secret_post’ you need to include the client secret in outgoing requests.
A . Statement is False in its entirety
B. For ‘client_secret_basic’: Provide the ‘client_id’ and ‘client_secret’ values in the Authorization header as a Basic auth base64-encoded string within the POST request, as in: Authorization: Basic ${Base64(<client_id>:<client_secret>)}
C. For ‘client_secret_post’: Provide the ‘client_id’ and ‘client_secret’ as additional parameters in the POST request body
D. For ‘client_secret_basic’: Provide the ‘client_id’ and ‘client_secret’ values as additional parameters in the GET request body
E. For ‘client_secret_basic’: Provide the ‘client_id’ and ‘client_secret’ values in the Authorization header as a Basic auth non-base64-encoded string within the POST request, as in: Authorization: Basic
${<client_id>:<client_secret>}

Answer: B,C

Exit mobile version