ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-901 All Questions

View all questions & answers for the 350-901 exam
Go to Exam

Exam 350-901 topic 1 question 137 discussion

Actual exam question from Cisco's 350-901
Question #: 137
Topic #: 1
[All 350-901 Questions]

An application has initiated an OAuth authorization code grant flow to get access to an API resource on behalf of an end user.
Which two parameters are specified in the HTTP request coming back to the application as the end user grants access? (Choose two.)

  • A. access token and a refresh token with respective expiration times to access the API resource
  • B. access token and expiration time to access the API resource
  • C. redirect URI a panel that shows the list of permissions to grant
  • D. code that can be exchanged for an access token
  • E. state can be used for correlation and security checks
Show Suggested Answer Hide Answer
Suggested Answer: DE 🗳️
by FR99 at Aug. 18, 2020, 5:33 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
FR99
Highly Voted 3 years, 11 months ago
Answer is 'D & E' D. code that can be exchanged for an access token E. state can be used for correlation and security checks "If the user approves the request, the authorization server will redirect the browser back to the redirect_uri specified by the application, adding a code and state to the query string." https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type "Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). The redirection URI includes an authorization code and any local state provided by the client earlier." https://tools.ietf.org/html/rfc6749
upvoted 37 times
...
Bloody_sausage
Highly Voted 3 years, 9 months ago
I agree with FR99. There's only the auth code and state: HTTP/1.1 302 Found Location: {Redirect URI} ?code={Authorization Code} // - Always included &state={Arbitrary String} // - Included if the authorization // request included 'state'. reference: https://darutk.medium.com/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85
upvoted 6 times
...
johntermlen
Most Recent 1 year ago
Selected Answer: DE
The correct answers are D. code that can be exchanged for an access token and E. state can be used for correlation and security checks.
upvoted 1 times
...
Teringzooi
1 year, 10 months ago
Selected Answer: DE
Agree with FR99 Correct answer: D & E D. code that can be exchanged for an access token E. state can be used for correlation and security checks "If the user approves the request, the authorization server will redirect the browser back to the redirect_uri specified by the application, adding a code and state to the query string." https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type "Assuming the resource owner grants access, the authorization server redirects the user-agent back to the client using the redirection URI provided earlier (in the request or during client registration). The redirection URI includes an authorization code and any local state provided by the client earlier." https://tools.ietf.org/html/rfc6749
upvoted 1 times
...
cubic
2 years, 2 months ago
Selected Answer: DE
D and E
upvoted 2 times
...
kakonyib
2 years, 10 months ago
ANSWER IS "D" and "E" From cisco devcor elearning 6.7 OAuth 2.0 Three-Legged Authorization Flow : Once the user has granted permission, the authorization server will then redirect the user to the redirect URI . This redirect will also include the authorization code and the state parameter.
upvoted 4 times
...
5pik3
3 years, 4 months ago
I agree with FR99 as well.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel