A team has created a custom portal that lets users log in through an external provider instead of sharing passwords with the portal. Which method accomplishes this setup?
Prompt users to store their passwords in the portal database for each login
Replicate account credentials into a shared directory on the portal’s infrastructure
Redirect users to the external provider, have them grant access, then exchange the returned code for a token to request data
Forward credentials from the portal to a local identity service that verifies passwords directly
A solution that uses a token from the external provider, rather than credentials, ensures the portal does not store or transmit users’ passwords. The other options keep or handle credentials in a way that fails to delegate access securely or forces the portal to manage sensitive data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of using tokens instead of credentials in authentication?
Open an interactive chat with Bash
How does the token exchange process work in this authentication method?
Open an interactive chat with Bash
What are the risks of storing passwords locally in the portal database?