APIGEE-API-ENGINEER Online Practice Questions and Answers

You have a new set of requirements for a mobile app. The product team has asked for the following.

The app requires access to customer order information The app needs to allow a search function for orders by product name

Choose two development tasks that would accomplish the requirements. Choose 2 answers

A. Create a new API proxy for a GET /v1/customers/{customerid}/orders

B. Create a new API proxy for a GET /v1/customers/{customerid}/products/{productname}

C. The design should include a new custom header X-Product-Name

D. The Apigee proxy should allow a query parameter for q=

E. The Apigee proxy should allow a query parameter for orderld=

Which is a use of OAuth 2 0 scopes'?

A. govern the level of access for client applications

B. select API products for the request

C. implement SAML security assertions

D. issue OAuth 2 0 refresh tokens

Which features are supported in the OAuthV2 policy? Choose 3 answers

A. Storing of external access tokens

B. Setting custom attributes for generated access tokens

C. Credentials validation when password grant type is used

D. Setting different expiration for refresh and access tokens.

You are designing an API that allows a consumer to tetch all orders associated to a given customer You want to use a RESTful design Which design should you use?

A. GET/customers/{customer-id}/orders

B. GET/orders?customer-id={customer-id}

C. GET/getOrdersForCustomer?customer-id={customer-id}

D. POST /orders with a post-body of customer-id-{customer-id}

Which Edge Microgateway plugin does not need to be explicitly added to the plugin sequence attribute configuration for execution?

A. analytics

B. oauth

C. quota

D. spike arrest

Given the following Javascript code snippet, which statement is true?

var paloAlto = httpClient.get{'http://weather.yahooapis.com/forecastrss?w=2467861'); context.session['paloAlto'] = paloAlto;

A. The code execution will wait for the httpClient to receive a response and store that into a session vanable named paloAlto.

B. The string paloAlto' will be stored in a message flow variable named paloAlto

C. The httpClient request will send a POST request to http //weather yahooapis com/forecastrss

D. The code execution will complete even if the httpClient has not yet received a response

Which is a benefit of using API keys to access API resources?

A. provides simple mechanism to authenticate developers

B. provides simple mechanism to identify developer apps

C. authenticates the developer

D. authenticates the client application

You need to restrict write access to those applications that have been specifically delegated that authority by end users Your project is already using OAuth2 for user and app authentication What should you do?

A. Create a different URL for updates

B. Implement user rights checks in the underlying microservice

C. Use an OAuth2 scope to identify allowed applications and user granted rights

D. Retrieve user rights from a database by inspecting the user id bound to the OAuth2 token

How many times can an authorization code be used to obtain an access token?

A. 1

B. 2

C. 5

D. Unlimited until it expires

E. Unlimited as long as requests come within specified time of authorization code creation

You are asked by the mobile app team which API should be used to populate a drop down for regions. According to pragmatic RESTful practices, which method should be used?

A. GET

B. HEAD

C. POST

D. PUT

E. OPTIONS