nerdexam
(ISC)2

CISSP · Question #517

Which of the following authorization standards is built to handle Application programming Interface (API) access for federated Identity management (FIM)?

The correct answer is C. Open Authentication (OAuth). OAuth is an authorization standard that is built to handle API access for federated identity management. OAuth allows a user to grant a third-party application limited access to their resources on another service provider, without revealing their credentials or identity. For exam

Submitted by brentm· Mar 5, 2026Identity and Access Management

Question

Which of the following authorization standards is built to handle Application programming Interface (API) access for federated Identity management (FIM)?

Options

  • ARemote Authentication Dial-In User Service (RADIUS)
  • BTerminal Access Controller Access Control System Plus (TACACS+)
  • COpen Authentication (OAuth)
  • DSecurity Assertion Markup Language (SAML)

How the community answered

(23 responses)
  • A
    13% (3)
  • B
    4% (1)
  • C
    74% (17)
  • D
    9% (2)

Explanation

OAuth is an authorization standard that is built to handle API access for federated identity management. OAuth allows a user to grant a third-party application limited access to their resources on another service provider, without revealing their credentials or identity. For example, a user can use OAuth to allow a social media app to access their photos on a cloud storage service, without giving the app their username and password for the cloud service. OAuth uses tokens to represent the user's authorization and identity, which can be revoked at any time by the

Topics

#OAuth#API security#federated identity#authorization standards

Community Discussion

No community discussion yet for this question.

Full CISSP Practice