A web aggregator needs limited account privileges from multiple services but does not want to store login details for each user. Which advantage is gained by implementing OAuth?
It saves user details in one location, providing a central store of credentials for all services
It relies on long-lived sessions across every service, reducing the frequency of new authentication steps
It relies on temporary credentials that can be refreshed, eliminating the need to maintain user logins
It requires the aggregator to keep encrypted passwords for each user in case of reauthentication
With OAuth, short-term credentials are granted to the aggregator, so it does not handle user passwords. The alternative methods listed either focus on retaining passwords, merging data into a single pool, or extending session life in a way that exposes sensitive information. By using time-bound credential grants, OAuth reduces the risk of credential theft while enabling the aggregator to gather the needed information.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is OAuth and how does it work?
Open an interactive chat with Bash
What happens if an OAuth token expires?
Open an interactive chat with Bash
How does OAuth reduce the risk of exposing sensitive user credentials?