A media service wants to unify sign-ins across its different websites. Its plan issues a compact token containing user details after sign-in. Additional websites accept this minimal token without asking for credentials again. Which method is most appropriate here?
An extension of a widely used authorization approach that includes a minimal token carrying user claims
A certificate-based model that distributes client certificates to each affiliated website
An XML token-based strategy that depends on large assertion documents
A ticket system requiring separate key negotiations for each new session
An extension of an existing framework that provides a minimal token carrying user claims matches the described scenario. This approach supports seamless reuse across websites without repeated logins. The other methods involve tickets that require ongoing exchanges, large XML assertions, or multiple re-authentication steps, which do not align with relying on a compact token model.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a compact token?
Open an interactive chat with Bash
What are user claims in a token?
Open an interactive chat with Bash
How does seamless reuse of tokens work across websites?