If your client's 'token_endpoint_auth_method' is either 'client_secret_basic' or 'client_secret_post' you need to include the client secret in outgoing requests.

A. Statement is False in its entirety
B. For 'client_secret_basic': Provide the 'client_id' and 'client_secret' values in the Authorization header as a Basic auth base64-encoded string within the POST request, as...

February 12, 2023

Use these method(s) when the client has a client secret. Okta supports the following authentication methods:

A. 'client_secret_basic'
B. 'client_secret_jwt'
C. 'client_secret_post'

Answer: A,B,C

February 12, 2023

When you are using the Okta Authorization Server, the lifetime of the JWT token is hard-coded to the following values:

A. ID token: 60 minutes. Access token 30 minutes. Refresh token 60 minutes
B. ID token: 60 minutes. Access token 60 minutes. Refresh token 90 days
C. ID token: 30...

February 12, 2023

If you request a scope which requires consent while using the 'client_credentials' flow:

A. The scope asked for is returned
B. A user auth prompt is returned, because the user is not authenticated
C. An error is returned. Because there is no user, no consent can be given
...

February 12, 2023

'scope' is required only if 'password' is:

A. The 'grant_type'
B. The 'claim'
C. The 'password'

Answer: A

February 11, 2023

When you want higher security in the flow, use:

A. 'consent_method' set to 'REQUIRED'
B. 'consent' set to 'REQUIRED'
C. 'private_key_jwt'
D. 'none' as the client secret

Answer: C

February 10, 2023

'offline_access' can only be requested in combination with a 'response_type' that contains 'code'.

A. The statement is False in its entirety
B. The statement is True, with the exception that instead of 'code', there should be 'REQUIRED'
C. The statement is True, as if the 'response_type' doesn't contain 'code', 'offline_access'...

February 10, 2023

'redirect_uri' is only required if 'grant_type' is:

A. 'client_credentials'
B. 'authorization_code'
C. 'refresh_token'

Answer: B

February 10, 2023

If no prompt parameter is specified, the behavior(s) that occur(s) is / are:

A. If there is already an Okta session active, the user is silently authenticated
B. If there is not an Okta session active already, the user is prompted to authenticate
C. If scopes are requested that require...

February 10, 2023

'invalid_grant' error is thrown when:

A. The 'code', 'refresh_token', or 'username' and 'password' combination is invalid
B. The 'redirect_uri' doesn't match the one used in the authentication request
C. The 'redirect_uri' doesn't match the one used in the authorization request

Answer: A,C

February 10, 2023