What two actions should you take?

Your APIs are configured as a relying party on an OpenID Connect platform. You need to inspect and verify the OpenID Connect identity.

What two actions should you take? Choose 2 answers
A . Verify the signature of the JWT using a shared secret.
B . Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid
C . Pass the JWT to a preconfigured 3rd party for verification of the signature, exp, nbf and iat properties
D . Use the OpenID Connect URL to locate a trusted 3rd party for verification the signature, exp, nbf and iat properties
E . Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT signature and parameters

Answer: B,E

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments