Exam ZDTE Topic 1 Question 17 Discussion
Actual exam question for Zscaler's ZDTE exam
Question #: 17
Topic #: 1
Question #: 17
Topic #: 1
Which authorization framework is used by OneAPI to provide secure access to Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Client Connector APIs?
Suggested Answer: B Vote an answer
Zscaler OneAPI provides a unified, programmatic interface to automate configuration and operations across the Zscaler platform, including ZIA, ZPA, and Zscaler Client Connector. Zscaler's OneAPI documentation clearly states that OneAPI uses the OAuth 2.0 authorization framework to secure access to these APIs.
In practice, administrators or automation platforms register an API client in ZIdentity, obtain OAuth 2.0 access tokens, and then use those tokens to call OneAPI endpoints. The use of OAuth 2.0 ensures standardized flows for client authentication, token issuance, and scope-based authorization, aligning with modern security best practices and making it easier to control and audit API access. Zscaler also highlights OAuth 2.0 as one of the three architectural pillars of OneAPI, along with a common endpoint and tight integration with ZIdentity.
While JSON Web Tokens (JWTs) can be used as a token format inside OAuth 2.0, they are not, by themselves, the authorization framework. SAML is typically used for browser-based SSO, not for securing REST APIs in this context. API Keys are simpler credential schemes and are not what Zscaler prescribes for OneAPI. As a result, OAuth 2.0 is the correct and exam-relevant answer.
In practice, administrators or automation platforms register an API client in ZIdentity, obtain OAuth 2.0 access tokens, and then use those tokens to call OneAPI endpoints. The use of OAuth 2.0 ensures standardized flows for client authentication, token issuance, and scope-based authorization, aligning with modern security best practices and making it easier to control and audit API access. Zscaler also highlights OAuth 2.0 as one of the three architectural pillars of OneAPI, along with a common endpoint and tight integration with ZIdentity.
While JSON Web Tokens (JWTs) can be used as a token format inside OAuth 2.0, they are not, by themselves, the authorization framework. SAML is typically used for browser-based SSO, not for securing REST APIs in this context. API Keys are simpler credential schemes and are not what Zscaler prescribes for OneAPI. As a result, OAuth 2.0 is the correct and exam-relevant answer.
by Nick at Jan 10, 2026, 09:31 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).