Okta requires the OAuth 2.0 ‘state’ parameter on all requests to the ‘/authorize’ endpoint, in order to:

Okta requires the OAuth 2.0 ‘state’ parameter on all requests to the ‘/authorize’ endpoint, in order to:
A . Prevent XSS (Cross Site Scripting) attacks
B. Prevent MITM (Man-in-the-middle) attacks
C. Prevent CSRF (Cross-site Request Forgery) attacks
D. Statement is False in its entirety as Okta does not have a requirement for that

Answer: C

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments