AWS Certified Developer Associate DVA-C02 Practice Question
A development team is working on an application that allows users to access their order history on an e-commerce platform. The team decides to use bearer tokens to handle user authentication and authorization. What strategy should the developers implement to maximize the security of the application while using these tokens?
Store the bearer token in local storage and send it through regular HTTP to simplify the architecture.
Validate the bearer token once at the beginning of the user session and trust subsequent requests from the same user without further validation.
Email the bearer token to users for easy access and retrieval, ensuring they can authenticate their sessions easily.
Enforce HTTPS for all token transmissions and validate the token's integrity and revocation on the server with each request.