ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A company runs its web portal on Amazon ECS. When employees click a link, the portal must obtain an OAuth2 access and refresh token from the corporate IdP to call an external SaaS service. The exchange must occur on the backend so the browser sees only a short redirect and never the client secret. Which OAuth2 grant type meets these needs and current security guidance for confidential server-side apps?
Because the portal is a confidential server-side application, it can safely store a client secret and exchange an authorization code for access and refresh tokens over a back-channel HTTPS request. The Authorization Code grant was designed for this model: the browser receives only a short-lived code, so the secret and tokens remain hidden from the user. The Implicit grant would return tokens directly to the browser and cannot issue refresh tokens. The Resource Owner Password Credentials grant would force users to enter their passwords into the portal, which is discouraged and often disabled. The Client Credentials grant is meant for service-to-service scenarios without an end user, so it cannot provide user-specific tokens here.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is OAuth2 Authorization Code grant?
Open an interactive chat with Bash
Why is the Implicit grant less secure compared to Authorization Code grant?
Open an interactive chat with Bash
What is the difference between Authorization Code grant and Client Credentials grant?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Access Controls
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .