Developing Applications and Automating Workflows Using Cisco Platforms (DEVASC) — Question 507

A developer prepares an API to be used by administrators. API requires username and password to be verified for validated access to data, however username-password combination of users must not be sent to the API service itself. Authentication and authorization will be provided over the same mechanism. Which authentication mechanism must be used by the API service?

Answer options

• A. OAuth Authentication
• B. Digest Access Authentication
• C. Basic Authentication
• D. API Key Authentication

Correct answer: A

Explanation

OAuth Authentication is the correct choice because it allows for secure token-based authentication without sending the username and password directly to the API service. In contrast, Basic Authentication and Digest Access Authentication require sending credentials, which contravenes the requirement, and API Key Authentication does not provide the same level of authorization capabilities as OAuth.