- Email support@dumps4free.com
An API product in Apigee can be used to
A.
restrict access to a set of APIs
B.
configure the quota limits for APIs
C.
restrict access to APIs in different environments
D.
all of the above
restrict access to a set of APIs
Your APIs are configured as a relying party on an OpenID Connect platform. You need to inspect and verify
the OpenID Connect identity. What two actions should you take?
Choose 2 answers
A.
Verify the signature of the JWT using a shared secret.
B.
Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid
C.
Pass the JWT to a preconfigured 3rd party for verification of the signature, exp, nbf and iat properties
D.
Use the OpenID Connect URL to locate a trusted 3rd party for verification the signature, exp, nbf and iat properties
E.
Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT ignature and parameters
Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid
Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT ignature and parameters
You are using Apigee Edge as the OAuth Resource Server. The product owner asks you to create an API that logs a user out by revoking OAuth tokens. What should you do?
A.
Use the InvalidateToken operation with cascade=true
B.
Use the InvalidateToken operation with cascade=false
C.
Store a list of revoked tokens in Firebase. On each access, check the list and only allow unrevoked tokens through
D.
Store a list of revoked tokens in Key-Value Maps. On each access, check the list and only allow
unrevoked tokens through
Use the InvalidateToken operation with cascade=false
Which is a benefit of 2-way TLS (mutual TLS) for target endpoint connections?
A.
Sensitive data presented to end users will be encrypted
B.
Certificates can be used to verify the identity of both Apigee Edge and the target endpoint
C.
End users can use the name of the system to verify that they are connecting to a trusted system.
D.
All of the above
Certificates can be used to verify the identity of both Apigee Edge and the target endpoint
Which use case best fits the authorization code grant type?
A.
The client app is also the resource owner.
B.
The client app was developed internally and is highly trusted
C.
The client app was developed by an untrusted third party
D.
The client app runs on the end user's browser
The client app was developed internally and is highly trusted
| Page 6 out of 25 Pages |
| Previous |