Exam 1z0-1084-23 Topic 9 Question 21 Discussion
Actual exam question for Oracle's 1z0-1084-23 exam
Question #: 21
Topic #: 9
Question #: 21
Topic #: 9
Which of these is NOT a valid authentication method for accessing an OCI API Gateway deployment?
Suggested Answer: A Vote an answer
Explanation
OCI API Gateway supports the following authentication methods for accessing an API deployment3:
* HTTP Basic: The client sends a username and password with each request. The credentials are validated against a user database in Oracle Identity Cloud Service (IDCS).
* API Key: The client sends an API key with each request. The API key is validated against a list of keys stored in IDCS or OCI Vault.
* OAuth: The client obtains an access token from an authorization server (such as IDCS) and sends it with each request. The access token is validated against the authorization server and optionally checked for required scopes.
* JWT Token: The client obtains a JSON Web Token (JWT) from an identity provider (such as IDCS or OCI IAM) and sends it with each request. The JWT is validated against the identity provider's public key and optionally checked for required claims. SAML Token is not a valid authentication method for accessing an OCI API Gateway deployment. SAML is an XML-based standard for exchanging
* authentication and authorization data between different parties, such as a service provider and an identity provider4. SAML tokens are typically used for web browser single sign-on (SSO) scenarios, not for API access4.
OCI API Gateway supports the following authentication methods for accessing an API deployment3:
* HTTP Basic: The client sends a username and password with each request. The credentials are validated against a user database in Oracle Identity Cloud Service (IDCS).
* API Key: The client sends an API key with each request. The API key is validated against a list of keys stored in IDCS or OCI Vault.
* OAuth: The client obtains an access token from an authorization server (such as IDCS) and sends it with each request. The access token is validated against the authorization server and optionally checked for required scopes.
* JWT Token: The client obtains a JSON Web Token (JWT) from an identity provider (such as IDCS or OCI IAM) and sends it with each request. The JWT is validated against the identity provider's public key and optionally checked for required claims. SAML Token is not a valid authentication method for accessing an OCI API Gateway deployment. SAML is an XML-based standard for exchanging
* authentication and authorization data between different parties, such as a service provider and an identity provider4. SAML tokens are typically used for web browser single sign-on (SSO) scenarios, not for API access4.
by Joseph at Dec 05, 2023, 04:25 PM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).