SY0-701 Question #536: Real Exam Question with Answer & Explanation

Question

An organization has recently decided to implement SSO. The requirements are to leverage access tokens and focus on application authorization rather than user authentication. Which of the following solutions would the engineering team most likely configure?

Options

• ALDAP
• BFederation
• CSAML
• DOAuth

Explanation

OAuth is the correct choice because it is specifically designed for application authorization using access tokens, allowing applications to access resources on behalf of a user without exposing credentials - perfectly matching both requirements stated in the question.

Why the distractors are wrong:

• A. LDAP - A directory protocol for looking up user/resource information; it handles authentication queries against a directory store, not token-based application authorization.
• B. Federation - A broad concept describing trust relationships between identity domains; it's an architecture pattern, not a specific protocol, and doesn't inherently focus on access tokens.
• C. SAML - Like OAuth, SAML supports SSO, but it uses XML-based assertions and is built around user authentication and identity exchange between parties, not application-level authorization with tokens.

Memory tip: Think OAuth = Outhorization (note the "auth" rhymes with "auth-orization"). Whenever a question mentions access tokens and application authorization together, OAuth is your answer. SAML handles who you are; OAuth handles what apps can do.

No community discussion yet for this question.