nerdexam
Cisco

300-835 · Question #45

Refer to the exhibit. An engineer needs to retrieve a list of devices that are xAPI enabled using Webex devices xAPIs with access-token 11111111AAAAaaaaaaaa1111aaA. To complete the python request, whi

The correct answer is C. 'Authorization': Bearer 11111111AAAAaaaaaaaa1111aaA'. Option C is correct because the HTTP Authorization header for OAuth 2.0 bearer tokens - which is what Webex access tokens are - requires the exact prefix Bearer followed by a space and the token value. This is defined in RFC 6750, the standard for OAuth 2.0 Bearer Token usage, an

Cisco Webex API

Question

Refer to the exhibit. An engineer needs to retrieve a list of devices that are xAPI enabled using Webex devices xAPIs with access-token 11111111AAAAaaaaaaaa1111aaA. To complete the python request, which line of code must be added to the box where the code is missing?

Options

  • A'Authorization': Token 11111111AAAAaaaaaaaa1111aaA'
  • B'Authorization': OAuth Token 11111111AAAAaaaaaaaa1111aaA'
  • C'Authorization': Bearer 11111111AAAAaaaaaaaa1111aaA'
  • D'Authorization': AccessToken 11111111AAAAaaaaaaaa1111aaA'

How the community answered

(53 responses)
  • A
    17% (9)
  • B
    4% (2)
  • C
    72% (38)
  • D
    8% (4)

Explanation

Option C is correct because the HTTP Authorization header for OAuth 2.0 bearer tokens - which is what Webex access tokens are - requires the exact prefix Bearer followed by a space and the token value. This is defined in RFC 6750, the standard for OAuth 2.0 Bearer Token usage, and Webex APIs strictly follow this standard.

Why the distractors are wrong:

  • A (Token) is used by some Django/DRF APIs, not Webex or OAuth 2.0 bearer token flows.
  • B (OAuth Token) is not a valid HTTP authorization scheme at all - it's a made-up distractor combining two unrelated words.
  • D (AccessToken) is also not a recognized scheme; it conflates the concept of an access token with the scheme name, which is simply Bearer.

Memory tip: Think "Bearer = Big standard" - Bearer is the RFC 6750 OAuth 2.0 standard used by virtually every major API (Webex, Microsoft, Google), so when you see an OAuth access token in an exam, Bearer is almost always the answer.

Topics

#Webex xAPI#Bearer token#HTTP Authorization#OAuth 2.0

Community Discussion

No community discussion yet for this question.

Full 300-835 Practice