beginner

What is OAuth 2.0 used for?

OAuth 2.0 is a way to let apps access your information on other services without sharing your password. It acts like a permission slip.

Click to reveal answer

beginner

Name the four main OAuth 2.0 roles.

1. Resource Owner (user)<br>2. Client (app)<br>3. Authorization Server (gives tokens)<br>4. Resource Server (holds data)

Click to reveal answer

beginner

What is an access token in OAuth 2.0?

An access token is like a temporary key that lets the client app access the user's data on the resource server.

Click to reveal answer

intermediate

Describe the Authorization Code flow in OAuth 2.0.

The client app asks the user to log in and get an authorization code. Then the app exchanges this code for an access token to access data securely.

Click to reveal answer

beginner

Why use Postman for testing OAuth 2.0 flows?

Postman helps you simulate OAuth 2.0 steps easily, like getting tokens and calling APIs, without writing code.

Click to reveal answer

Which OAuth 2.0 role is the user who owns the data?

AResource Owner

BClient

CAuthorization Server

DResource Server

In OAuth 2.0, what does the client receive after exchanging the authorization code?

ARefresh token

BAccess token

CAuthorization code again

DUser password

Which OAuth 2.0 flow is best for server-side applications?

AImplicit flow

BAuthorization Code flow

CClient Credentials flow

DResource Owner Password Credentials flow

What is the main purpose of the Authorization Server?

AStore user data

BIssue tokens

CRun the client app

DDisplay user interface

In Postman, which tab helps you set up OAuth 2.0 authentication?

AHeaders

BBody

CAuthorization

DPre-request Script

Explain the OAuth 2.0 Authorization Code flow step-by-step as if teaching a friend.

Describe how you would test an OAuth 2.0 flow using Postman.