nerdexam
Cisco

350-401 · Question #665

What is the API keys option for REST API authentication?

The correct answer is A. a predetermined string that is passed from client to server. API keys are a common authentication method for REST APIs, involving a secret string shared between the client and server to verify requests.

Submitted by katya_ua· Mar 6, 2026

Question

What is the API keys option for REST API authentication?

Options

  • Aa predetermined string that is passed from client to server
  • Ba one-time encrypted token
  • Ca username that is stored in the local router database
  • Da credential that is transmitted unencrypted

How the community answered

(63 responses)
  • A
    87% (55)
  • B
    6% (4)
  • C
    5% (3)
  • D
    2% (1)

Why each option

API keys are a common authentication method for REST APIs, involving a secret string shared between the client and server to verify requests.

Aa predetermined string that is passed from client to serverCorrect

API keys are typically long, unique, predetermined strings (like a secret token) that a client includes with each request to an API, allowing the server to identify and authenticate the client and grant access based on predefined permissions. This string acts as a credential to authorize the client's API calls.

Ba one-time encrypted token

While some tokens are one-time, API keys are generally reusable and are passed as a secret string, which may or may not be explicitly 'encrypted tokens' in their raw form, although they should always be transmitted over encrypted channels like HTTPS.

Ca username that is stored in the local router database

API keys are client-side credentials used for authenticating with an API service, not usernames stored in a local router database.

Da credential that is transmitted unencrypted

Although API keys *can* be transmitted unencrypted if using HTTP, best security practices mandate transmitting them over encrypted channels (e.g., HTTPS) to protect their confidentiality, so 'transmitted unencrypted' is not a defining characteristic of an API key itself.

Concept tested: REST API key authentication mechanism

Source: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-add-subscriptions#generate-an-api-key

Topics

#REST API authentication#API keys

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice