A software development company wants to allow its users to log into a third-party code repository from their in-house development platform. The company aims to facilitate this without sharing user credentials with the third-party service. Which protocol is best suited to allow the company's platform to request access to the third-party service on behalf of the user?
Remote Authentication Dial-In User Service (RADIUS)
Terminal Access Controller Access-Control System Plus (TACACS+)
Open Authorization, commonly known as OAuth, is best suited for this purpose. OAuth is a protocol that enables applications to obtain limited access to user accounts on an HTTP service without passing user credentials to the application. It works by using access tokens provided by the authorization server, which mediate the authentication of the end user by the information provider.
LDAP (Lightweight Directory Access Protocol) is primarily used for accessing and maintaining distributed directory information services over an IP network, which is not the goal in this scenario.
RADIUS (Remote Authentication Dial-In User Service) provides centralized authentication, authorization, and accounting for users who connect and use a network service, but does not cater to the specific needs of application-to-application authorization.
TACACS+ (Terminal Access Controller Access-Control System Plus) provides detailed accounting information and flexible administrative control over authentication and authorization processes, but it is not designed for delegating user authorization between web services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is OAuth and how does it work?
Open an interactive chat with Bash
What is the difference between OAuth and LDAP?
Open an interactive chat with Bash
What are access tokens in OAuth, and why are they important?