Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 62

An application uses OAuth to get access to several API resources on behalf of an end user.
What are two valid parameters to send to the authorization server as part of the first step of an authorization code grant flow? (Choose two.)

Answer options

• A. URI to which the authorization server will send the user-agent back when access is granted or denied
• B. list of the API resources that the application is requesting to access
• C. secret that was generated by the authorization server when the application registered as an OAuth integration
• D. list of scopes that correspond to the API resources to which the application is requesting to access
• E. name of the application under which the application registered as an OAuth integration

Correct answer: A, D

Explanation

The correct answers are A and D. A is necessary because it specifies where the user will be redirected after the authorization process, while D defines the scopes that limit the access to specific API resources. Options B, C, and E are not required parameters during the initial request in the authorization code grant flow.