If your client's 'token_endpoint_auth_method' is either 'client_secret_basic' or 'client_secret_post', you need to include the client secret in outgoing requests.
A. Statement is False in its entirety
B. For 'client_secret_basic': Provide the 'client_id' and 'client_secret' values in the Authorization header as a Basic auth base64-encoded string within the POST request, as...
Use these method(s) when the client has a client secret. Okta supports the following authentication methods:
A. 'client_secret_basic'
B. 'client_secret_jwt'
C. 'client_secret_post'
Answer: A,B,C
When you are using the Okta Authorization Server, the lifetime of the JWT token is hard-coded to the following values:
A. ID token: 60 minutes. Access token 30 minutes. Refresh token 60 minutes
B. ID token: 60 minutes. Access token 60 minutes. Refresh token 90 days
C. ID token: 30...
If you request a scope which requires consent while using the 'client_credentials' flow:
A. The scope asked for is returned
B. A user auth prompt is returned, because the user is not authenticated
C. An error is returned, because there is no user and so no consent can be given
'scope' is required only if 'password' is:
A. The 'grant_type'
B. The 'claim'
C. The 'password'
Answer: A
When you want higher security in the flow, use:
A. 'consent_method' set to 'REQUIRED'
B. 'consent' set to 'REQUIRED'
C. 'private_key_jwt'
D. 'none' as the client secret
Answer: C
'offline_access' can only be requested in combination with a 'response_type' that contains 'code'.
A. The statement is False in its entirety
B. The statement is True, with the exception that instead of 'code', there should be 'REQUIRED'
C. The statement is True, as if the 'response_type' doesn't contain 'code', 'offline_access'...
'redirect_uri' is only required if 'grant_type' is:
A. 'client_credentials'
B. 'authorization_code'
C. 'refresh_token'
Answer: B
If no prompt parameter is specified, the behavior(s) that occur(s) is / are:
A. If there is already an Okta session active, the user is silently authenticated
B. If there is not an Okta session active already, the user is prompted to authenticate
C. If scopes are requested that require...
'invalid_grant' error is thrown when:
A. The 'code', 'refresh_token', or 'username' and 'password' combination is invalid
B. The 'redirect_uri' doesn't match the one used in the authentication request
C. The 'redirect_uri' doesn't match the one used in the authorization request
Answer: A,C