Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Developer Exam - Topic 16 Question 120 Discussion

You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using their Google Cloud identities. Which workflow should you implement in your web application?
D) 1) When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account. 2) After the user signs in and provides consent, your application receives an authorization code from a Google server. 3) The application requests a Google Server to exchange the authorization code with an access token. 4) The Google server responds with the access token that is used by the application to call the Google Cloud API.
A) 1) When a user arrives at your application, prompt them for their Google username and password. 2) Store an SHA password hash in your application's database along with the user's username. 3) The application authenticates to the Google Cloud API using HTTPs requests with the user's username and password hash in the Authorization request header.
B) 1) When a user arrives at your application, prompt them for their Google username and password. 2) Forward the user's username and password in an HTTPS request to the Google Cloud authorization server, and request an access token. 3) The Google server validates the user's credentials and returns an access token to the application. 4) The application uses the access token to call the Google Cloud API.
C) 1) When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account. 2) After the user signs in and provides consent, your application receives an authorization code from a Google server. 3) The Google server returns the authorization code to the user, which is stored in the browser's cookies. 4) The user authenticates to the Google Cloud API using the authorization code in the cookie.

Google Professional Cloud Developer Exam - Topic 16 Question 120 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 120
Topic #: 16
[All Professional Cloud Developer Questions]

You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using their Google Cloud identities. Which workflow should you implement in your web application?

Show Suggested Answer Hide Answer
Suggested Answer: D

https://developers.google.com/identity/protocols/oauth2#webserver

The Google OAuth 2.0 endpoint supports web server applications that use languages and frameworks such as PHP, Java, Python, Ruby, and ASP.NET. The authorization sequence begins when your application redirects a browser to a Google URL; the URL includes query parameters that indicate the type of access being requested. Google handles the user authentication, session selection, and user consent. The result is an authorization code, which the application can exchange for an access token and a refresh token.


by Oretha at May 05, 2026, 08:30 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Mammie
1 month ago
I practiced a similar question where we had to implement OAuth 2.0, and I think option D aligns with that workflow since it involves exchanging an authorization code for an access token.
upvoted 0 times
...
Rodolfo
1 month ago
I’m a bit unsure about the difference between the authorization code and access token processes. I think option D sounds familiar, but I can't recall the exact flow.
upvoted 0 times
...
Glendora
1 month ago
I remember we discussed the importance of not handling user passwords directly, so I think options A and B are definitely not the right choice.
upvoted 0 times
...

Save Cancel