A developer is working on enhancing the security of a serverless infrastructure where user authentication is handled by an OIDC-compliant external identity provider. Upon a user's successful sign-in, the external service issues a token. The developer needs to ensure that this token is validated before allowing access to the serverless function endpoint. Which approach should the developer implement to enforce token validation?
Deploy client-side certificates to secure the endpoint and validate the incoming tokens.
Configure a role with specified permissions that authenticates users based on the provided token.
Apply a resource-based policy directly on the function to check for the presence of the token in the request.
Utilize a Lambda function programmed to evaluate and verify the token before proceeding with the request.