350-401 · Question #1123
Which mechanism does OAuth use to strengthen REST API security when compared to BasicAuth?
The correct answer is A. Token. OAuth strengthens REST API security over BasicAuth by utilizing tokens, which allow clients to access resources without directly exposing user credentials to the API.
Question
Which mechanism does OAuth use to strengthen REST API security when compared to BasicAuth?
Options
- AToken
- BSSL
- CAuthentication
- DTLS
How the community answered
(39 responses)- A90% (35)
- B3% (1)
- C5% (2)
- D3% (1)
Why each option
OAuth strengthens REST API security over BasicAuth by utilizing tokens, which allow clients to access resources without directly exposing user credentials to the API.
OAuth employs tokens (e.g., access tokens) as a credential mechanism, allowing client applications to access resources on behalf of a user without the user's actual username and password being directly shared with or stored by the client, significantly reducing credential exposure compared to BasicAuth.
SSL (Secure Sockets Layer) is a deprecated cryptographic protocol for securing communication; it is a transport-layer security mechanism, not an authentication mechanism specific to OAuth's design advantage over BasicAuth.
Authentication is the general process of verifying identity, which both OAuth and BasicAuth perform; it is not the specific mechanism OAuth uses to strengthen security in comparison.
TLS (Transport Layer Security) is a cryptographic protocol used to secure communication over a network; while essential for securing token exchange, it is a transport-layer security protocol, not the core token-based authentication mechanism that differentiates OAuth from BasicAuth.
Concept tested: OAuth token-based authentication vs. BasicAuth
Source: https://oauth.net/2/
Topics
Community Discussion
No community discussion yet for this question.