CompTIA Security+ (SY0-501) — Question 51
A web developer improves client access to the company's REST API. Authentication needs to be tokenized but not expose the client's password.
Which of the following methods would BEST meet the developer's requirements?
Answer options
- A. SAML
- B. LDAP
- C. OAuth
- D. Shibboleth
Correct answer: A
Explanation
The best choice is SAML because it allows for secure token-based authentication without exposing the client's password. LDAP and Shibboleth do not provide the same level of support for tokenization in this context, and OAuth is not the primary protocol for this specific requirement.