A web aggregator needs limited account privileges from multiple services but does not want to store login details for each user. Which advantage is gained by implementing OAuth?
It requires the aggregator to keep encrypted passwords for each user in case of reauthentication
It relies on temporary credentials that can be refreshed, eliminating the need to maintain user logins
It saves user details in one location, providing a central store of credentials for all services
It relies on long-lived sessions across every service, reducing the frequency of new authentication steps
With OAuth, short-term credentials are granted to the aggregator, so it does not handle user passwords. The alternative methods listed either focus on retaining passwords, merging data into a single pool, or extending session life in a way that exposes sensitive information. By using time-bound credential grants, OAuth reduces the risk of credential theft while enabling the aggregator to gather the needed information.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is OAuth and how does it work?
Open an interactive chat with Bash
Why are temporary credentials more secure than long-lived credentials?