nerdexam
Google

PROFESSIONAL-CLOUD-DEVELOPER · Question #235

You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using

The correct answer is D. 1. When a user arrives at your application, route them to a Google Cloud consent screen with a. To allow users to authenticate with their Google Cloud identities via a third-party web application, you must implement the OAuth 2.0 Authorization Code Flow. The correct workflow routes the user to Google's consent screen with a client_id and requested scopes, receives an author

Implementing security and compliance

Question

You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using their Google Cloud identities. Which workflow should you implement in your web application?

Options

  • A
    1. When a user arrives at your application, prompt them for their Google username and
  • B
    1. When a user arrives at your application, prompt them for their Google username and
  • C
    1. When a user arrives at your application, route them to a Google Cloud consent screen with a
  • D
    1. When a user arrives at your application, route them to a Google Cloud consent screen with a

How the community answered

(25 responses)
  • A
    8% (2)
  • B
    4% (1)
  • C
    16% (4)
  • D
    72% (18)

Explanation

To allow users to authenticate with their Google Cloud identities via a third-party web application, you must implement the OAuth 2.0 Authorization Code Flow. The correct workflow routes the user to Google's consent screen with a client_id and requested scopes, receives an authorization code upon user consent, exchanges that code for both an access token and a refresh token, and uses the refresh token to obtain new access tokens when they expire. Option D correctly implements this full flow including refresh token storage, which is essential for long-lived access. Option C is incomplete because it does not handle token refresh. Options A and B involve collecting user credentials directly, which is a serious security anti-pattern and violates OAuth principles.

Topics

#OAuth 2.0#Web Application Authentication#Google Cloud Identity#Authorization Code Flow

Community Discussion

No community discussion yet for this question.

Full PROFESSIONAL-CLOUD-DEVELOPER Practice