A deployment professional has a requirement to configure an OpenID Connect federation which does not allow the Relying Party to access the token endpoint.
Which grant type must be enabled when creating the federation?
A deployment professional has a requirement to configure an OpenID Connect federation which does not allow the Relying Party to access the token endpoint.
Which grant type must be enabled when creating the federation?
The implicit grant type must be enabled because it allows the Relying Party (client) to obtain tokens directly from the authorization endpoint without having to access the token endpoint, which aligns with the requirement mentioned in the question.
Correct is A, implicit.