When speaking about Scopes we have a 'prompt' value, a 'consent_method' and the 'consent'. If the 'prompt' value is set to 'NONE', but the 'consent_method' and the 'consent' values to 'REQUIRED', the
A. You will have an error telling you that the 'prompt' value can never be 'NONE'
B. You...

'invalid_request' error is thrown when:
A. The request structure was invalid
B. The basic authentication header is malformed
C. Both header and form parameters were used for authentication
D. No authentication information was provided
Answer: A,B,C,D

Apps created on '/api/v1/apps' endpoint default to:
A. 'consent_method=REQUIRED', while those created on '/api/v1/clients' default to 'consent_method=TRUSTED'
B. 'consent_method=REQUIRED', while those created on '/api/v1/clients' default to 'consent_method=REQUIRED'
C. 'consent_method=TRUSTED', while those created on '/api/v1/clients' default to 'consent_method=TRUSTED'
D. 'consent_method=TRUSTED', while those created on '/api/v1/clients' default to 'consent_method=REQUIRED'
Answer: D

In regards to Authorization Server's Key Rotation:
A. You cannot rotate the keys manually, as it will surely cause permanent sync issues between authorization and resource servers
B. You can rotate the keys manually
C. Keys are rotated automatically by default
Answer: B,C

Okta requires the OAuth 2.0 'state' parameter on all requests to the '/authorize' endpoint, in order to:
A. Prevent XSS (Cross Site Scripting) attacks
B. Prevent MITM (Man-in-the-middle) attacks
C. Prevent CSRF (Cross-site Request Forgery) attacks
D. Statement is False in its entirety as Okta does not have a requirement...

When you are using a Custom Authorization Server, you can configure the lifetime of the JWT tokens, for example the lifetime of ID tokens.
A. TRUE
B. False, with the exception of the fact that some tokens' lifetime can indeed be customized in this situation, just not the ID tokens'...

The scope name must only contain printable ASCII, except for:
A. Spaces
B. Double quotes
C. Backslashes
D. Commas
Answer: A,B,C

The scope name must:
A. Start with 'okta'
B. Not start with 'okta'
C. Start with 'okta:'
D. Not start with 'okta:'
E. Not be only 'okta' or '*'
F. Only be 'okta' or '*'
Answer: B,D,E

If 'consent' value is set for 'prompt', then:
A. Okta consent dialog will be displayed only if the user hasn't already given consent
B. Okta consent dialog might still be displayed, even if the user has already given consent
C. Statement is False, as 'consent' is not a value for...

If you use a JWT for client authentication ('client_secret_jwt' or 'private_key_jwt'), you can use the following token claims:
A. The 'jti' token claim. The 'jti' claim fails the request if the expiration time is more than one hour in the future or has already expired
B. The 'exp' token claim....