An organization wants to secure its exposed APIs running on IBM Cloud API Connect Reserved Instances using OAuth and OpenID. Which capabilities can help in this case?
A.
Authentication and authorization capabilities are offered by IBM API Connect itself
B.
IBM API Connect APIs must be secured by a third party as API Connect is responsible for managing the API life cycle only
C.
IBM API Connect is providing authentication, but authorization can be provided by IAM
D.
IBM API Connect creates user registries, but OAuth isn’t allowed in API Connect, and this can be done by a third-party provider
IBM API Connect provides built-in capabilities for both authentication and authorization using OAuth 2.0 and OpenID Connect (OIDC) standards.
With these, you can:
Protect APIs with OAuth 2.0 tokens.
Integrate with OpenID Connect identity providers (like IBM Security Verify, Azure AD, etc.).
Define and enforce security policies (client credentials, password, implicit, authorization code, etc.).
Control access scopes and permissions directly in API Connect.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Malex68
1 month ago