Answer-first summary for fast verification
Answer: Build or leverage an OAuth-compatible access control system
The question focuses on implementing delegated authorization for third-party tools accessing vehicle data via an API. OAuth 2.0 is specifically designed for delegated authorization, allowing third-party applications to access resources on behalf of users (dealerships) without sharing credentials. Community discussion strongly supports Option A, with high upvotes (e.g., 47 upvotes) and reasoning that OAuth handles authorization, while SAML (Option B) is for authentication/SSO, which is not required. Option C (IP-based restriction) is inflexible and doesn't support delegation, and Option D (secondary credentials) violates security best practices by sharing credentials. Thus, Option A is optimal for secure, scalable delegated authorization.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your development team has built a structured API for retrieving vehicle data and wants to enable third-party development of dealership tools using this vehicle event data. You need to implement delegated authorization for this data.
What should you do?
A
Build or leverage an OAuth-compatible access control system
B
Build SAML 2.0 SSO compatibility into your authentication system
C
Restrict data access based on the source IP address of the partner systems
D
Create secondary credentials for each dealer that can be given to the trusted third party
No comments yet.