Quiz

Question 1

Which is the standard flow to use in a gateway to know what's inside an opaque token

Solution

Introspection

The phantom token flow defines a pattern to:

Solution

Hide sensitive data on the Internet but expose it internally

There are three methods to use tokens for API to API calls

Solution

Exchange, embed, share

What is good practice for the gateway when it comes to authorization

Solution

To validate the token and inspect the scopes to perform a coarse grained authorization decision

Last updated 1 month ago