Bird
Raised Fist0

Why does OAuth 2.0 separate the roles of Authorization Server and Resource Server?

hard🧠 Conceptual Q10 of Q15
Rest API - Authentication and Authorization
Why does OAuth 2.0 separate the roles of Authorization Server and Resource Server?
ATo reduce the number of tokens issued
BTo allow independent scaling and security management
CTo simplify client registration
DTo avoid using HTTPS
Step-by-Step Solution
Solution:

  1. Step 1: Understand role separation

    Authorization Server handles authentication and token issuance; Resource Server protects data.

  2. Step 2: Reason about benefits

    Separating roles allows each to scale and secure independently, improving flexibility and security.

  3. Final Answer:

    To allow independent scaling and security management -> Option B

  4. Quick Check:

    Role separation = better scaling and security [OK]
Quick Trick: Separate servers for better security and scaling [OK]
Common Mistakes:
MISTAKES
  • Thinking separation reduces tokens
  • Assuming it simplifies client registration
  • Believing it avoids HTTPS requirement

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
Authentication and Authorization - Basic authentication - Quiz 3easy Authentication and Authorization - JWT structure and flow - Quiz 12easy Authentication and Authorization - Token refresh mechanism - Quiz 6medium Error Handling - Nested error reporting - Quiz 15hard Error Handling - Problem Details (RFC 7807) format - Quiz 9hard Error Handling - Rate limit error responses - Quiz 8hard Error Handling - Why consistent errors help developers - Quiz 15hard Pagination Patterns - Keyset pagination for performance - Quiz 6medium Pagination Patterns - Keyset pagination for performance - Quiz 8hard Rate Limiting and Throttling - Per-user vs per-IP limits - Quiz 3easy