Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 394

Which authorization steps are required to obtain an access token according to the OAuth2 authorization code grant flow?

Answer options

• A. Authenticate, get the authorization code, and send it with the client ID and client secret.
• B. Send the client ID and client secrets by using the grant flow type, get the token, and authorize by using a callback.
• C. Log in with a username and password using a form, get a token, and include the token in the body.
• D. Send the base64 encoded username, password, client ID, and client secret to the single sign-on manager.

Correct answer: A

Explanation

Option A is correct as it outlines the proper steps in the OAuth2 authorization code grant flow, which includes authentication, obtaining the authorization code, and sending it with the client ID and client secret. The other options misrepresent the process, either by omitting necessary steps or altering the sequence required to obtain the access token.