New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

SailPoint IdentityNow-Engineer Exam - Topic 2 Question 18 Discussion

Actual exam question for SailPoint's IdentityNow-Engineer exam
Question #: 18
Topic #: 2
[All IdentityNow-Engineer Questions]

Is this statement true about using the IdentityNow APIs?

Solution: The APIs are authenticated using a client-certificate.

Show Suggested Answer Hide Answer
Suggested Answer: B

SailPoint IdentityNow APIs are not authenticated using client certificates. Instead, they use OAuth 2.0 for secure authentication and authorization. API consumers are required to obtain an access token, which is used to authenticate requests made to the IdentityNow API. The token is typically obtained by sending client credentials (client ID and client secret) to the IdentityNow authorization server, which grants the token for API access.

Key Reference from SailPoint Documentation:

API Authentication: SailPoint IdentityNow uses OAuth 2.0 for API authentication rather than client certificates. Detailed steps on how to implement OAuth-based authentication are available in SailPoint's API documentation.


by Donette at Aug 03, 2025, 10:56 AM

Limited Time Offer

25%

Off

Get Premium IdentityNow-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Casie
2 months ago
No way, I've always used API keys for this.
upvoted 0 times
...
Melodie
2 months ago
I thought they used OAuth tokens instead?
upvoted 0 times
...
Onita
2 months ago
Yes, that's correct! Client certificates are used for authentication.
upvoted 0 times
...
Juliann
3 months ago
Wait, really? I didn't know that was how it worked!
upvoted 0 times
...
Lisbeth
3 months ago
Definitely true, I've implemented it before.
upvoted 0 times
...
Laura
3 months ago
I’m leaning towards "No" because I remember discussing how most APIs use token-based authentication instead of client-certificates.
upvoted 0 times
...
Lai
3 months ago
I feel like I saw something about client-certificates in the IdentityNow documentation, but I thought OAuth was more common.
upvoted 0 times
...
Leeann
4 months ago
I remember a practice question about API authentication methods, and I think client-certificates were mentioned as an option, but I can't recall if they were the main method.
upvoted 0 times
...
Eve
4 months ago
I think the APIs use OAuth for authentication, not client-certificates, but I'm not completely sure.
upvoted 0 times
...
Anika
4 months ago
Ah, I remember learning about this in class. The APIs do use client-certificate authentication, so I'll go with option A.
upvoted 0 times
...
Xuan
4 months ago
I'm a bit confused by this question. I'll need to review my notes on IdentityNow API authentication before answering.
upvoted 0 times
...
Linette
4 months ago
This seems like a straightforward question. The statement says the APIs are authenticated using a client-certificate, so the answer must be yes.
upvoted 0 times
...
Carlee
5 months ago
Hmm, I'm not too familiar with the IdentityNow APIs, so I'm not 100% sure about this. I'll have to think it through carefully.
upvoted 0 times
...
Phung
5 months ago
I'm pretty sure the APIs are authenticated using a client-certificate, so I'll select option A.
upvoted 0 times
...
Lashanda
5 months ago
A) Yes, I agree with Yolande. Client-certificate authentication provides an extra layer of security for APIs.
upvoted 0 times
...
Malinda
6 months ago
Well, duh! Of course it's true. Who doesn't love a good client-cert these days? Keeps the hackers at bay.
upvoted 0 times
...
Leeann
6 months ago
Hmm, I've seen this before. Client-certs are the way to go, no doubt about it.
upvoted 0 times
...
Albert
6 months ago
Definitely true! Client-certs are the way to go for these kinds of APIs. Keeps things nice and secure.
upvoted 0 times
...
Sharen
6 months ago
B) No, I disagree. APIs can be authenticated using other methods like OAuth tokens.
upvoted 0 times
...
Yolande
6 months ago
A) Yes, I think the statement is true because client-certificate authentication is a common practice for APIs.
upvoted 0 times
...
Edna
7 months ago
Yes, the statement is true. Using client-certificates for authentication is a common and secure approach for APIs.
upvoted 0 times
Howard
5 months ago
That's correct
upvoted 0 times
...
Reyes
5 months ago
Yes
upvoted 0 times
...
...

Save Cancel