Okta Certified Developer Study Guide
Introduction
Congratulations! You are one step closer toward earning your Okta Certified Developer Certification.
This exam study guide is designed to help you prepare for the Okta Developer Certification Exam. Passing this exam is a requirement to earn the Okta Developer Certification. Detailed exam topics and available preparation resources are included in this guide. Reading this guide in no way guarantees a passing score on the Okta Developer Certification Exam.
What does it mean to be an Okta Certified Developer?
Okta Certified Developers are technically proficient at building secure, seamless experiences, using Okta APIs and SDKs. Okta Certified Developers have experience working with RESTful APIs and developing web applications. They have a general understanding of authentication and authorization standards such as OpenID Connect (OIDC) and OAuth, as well as how Okta supports these standards for building authentication, flexible authorization, and role-based access control. Developers also have experience configuring authorization with API Access Management and implementing Single Sign-On (SSO) with OIDC. They have working knowledge of Okta Lifecycle Management and administrative APIs.
Exam Overview
| Exam Part | This exam has two parts. |
| Time allotted | Part I: 60 minutes. Part II: 90 minutes. Because this is a 150-minute exam, you should come fully prepared to sit through the entire exam. There is no scheduled break during this exam. You may request a brief break from your proctor, but the exam timer will not be stopped while you are away. When you return from your break, your proctor can request an additional scan of your room. |
| Exam Fee | USD 250 (USD 100 for each subsequent retake) |
Preparing for the Okta Developer Exam
Okta Education Services offers a range of classes and training materials to help you prepare for this certification exam. Although attending a training class does not guarantee success on an Okta certification exam, we strongly recommend that you attend the Development: Series I (Okta) course in preparation for this exam. Visit https://learning.asqula.com to learn more about these and other Okta Learning courses.
Practice Exams
To further help you in your preparation and to improve your skills, we highly encourage you to take the following practice exams. These exams simulate the real certification exam environment and will give you a great opportunity to test your knowledge and skills.
- Standard Practice Exams
  - Take the official Okta Developer Practice Exam to familiarize yourself with the format and types of questions you can expect on the actual exam.
- Premier Practice Exam
  - Take the Okta Developer Premier Practice Exam for a deeper dive into specific topics and to strengthen areas where you may need additional review.
Okta Certified Developer - Workforce Identity Cloud subject areas
The following tables list the topics that are covered in Parts I and II of this exam. These topics are grouped into topic areas, and topic areas roll up into domains/exam sections. Use these tables as an outline to guide your study and validate your readiness for the Okta Developer Certification Exam.
Part I
Exam domains, with the percentage of Part I related to each domain:
- Authentication (9%)
  - Compare and Evaluate Authentication Methods
    - Understand the Authentication API transactional model
    - Understand pros and cons of authentication types (e.g., custom login page vs. Okta login page)
  - Understand Methods for Creating an Okta Session
    - Contrast the different ways to set a session in Okta
    - Retrieve a Session Cookie using the OpenID Connect Authorization Endpoint
    - Manage an Okta Session via the Okta Sessions API
- SSO and API Access Management with OIDC and OAuth (18%)
  - Enable an OAuth Client Application to Securely Access Services
    - Use the authorization code flow to obtain tokens
    - Validate tokens
    - Use a refresh token to obtain a new access token
    - Use the /revoke endpoint to revoke a token
    - Identify trusted and untrusted clients and the proper flows to use with each
  - Describe client types and flows
    - Explain why the authorization code flow is more secure than the implicit flow
    - Define which flow to use when software or a service needs to access an API using an access token
    - Explain how OIDC achieves SSO and list all possible actors in an OIDC flow
    - Explain which flow is appropriate for app types
    - Explain the difference between an introspect call and signature validation
  - Optimize the API consumption
    - Optimize the API consumption (performance)
    - Optimize the API consumption (security)
- Lifecycle Management (16%)
  - Use the Core API to Manage Users
    - Demonstrate understanding of the Users API and which operations can be performed
    - Manage Users via the Users API
  - User Objects, User States, and User Profile Sourcing
    - Demonstrate understanding of User Objects, User States, and User Profile Sourcing Options
  - Use the Core API - Groups
    - Manage Groups using the Groups API
    - Manage Group membership using the Groups API
  - Just-in-Time Provisioning (JIT)
    - Demonstrate understanding of how JIT works as well as when to use JIT
- Administrative APIs (20%)
  - Use the Core API - Schemas
    - Demonstrate understanding of the Okta User Schema
    - Demonstrate understanding of Okta Application Schemas
  - Use the Core API - Policy
    - Demonstrate understanding of Okta Policies and Rules and how these affect operations
  - Use the Core API - Authenticators
    - Demonstrate understanding of multi-factor authentication in Okta
    - Demonstrate understanding of the Authenticators Administration API and which operations can be performed
  - Use the Core API - OAuth
    - Understand OAuth configuration in Okta
    - Understand API Access Management
  - Use the Core API - Apps
    - Understand applications in Okta
- Debug Techniques (9%)
  - Debug API-Related Issues
    - Investigate API-related issues using the System Log, Administrator Dashboard, APIs, and tasks
  - Debug API Requests
    - Determine when to make API calls
    - Valid user states for API calls
- Design Principles (18%)
  - Apply the Okta API Design Principles
    - Make Okta API requests with the correct HTTP Verbs
    - Make Okta API requests using HTTP headers correctly
    - Make Okta API requests identifying the origin using User-Agent and X-Forwarded-For
    - Read and Understand the Okta API response headers
    - Read and Understand the Okta API response errors
    - Read and Understand the Okta API HTTP response codes
  - Okta API Rate Limiting
    - Read and Understand the Okta API Rate Limiting
  - Redirect or CORS as Trusted Origin
    - Identify when to use Redirect or CORS as Trusted Origin
  - App Logout and Global Logout
    - Implement App Logout and Global Logout (Okta)
- Okta Hooks (9%)
  - Inline Hooks
    - Implement token inline hooks
    - Implement registration inline hooks
    - Implement SAML assertion inline hooks
    - Implement password import inline hooks
  - Event Hooks
    - Create event hooks
    - Implement event hook objects
    - Implement event hook auth scheme objects
- Working with the Sign-In widget for Authentication (2%)
  - Okta Sign-in Widget Customization and Configuration
    - Configure and customize the Okta Sign-In Widget
Part II
Exam domains, with the percentage of Part II related to each domain:
- Onboard new users using Okta’s Management SDK and User and Group APIs (27%)
  - Manage users with Okta’s Management SDK and User and Group APIs
- Federate an App through OIDC (33%)
  - Provide federated access to an app using OIDC
  - Display claim data from the ID token
- Securing an API using OAuth and Securely accessing an API from a client app using OAuth (20%)
  - Secure an API using OAuth by verifying that a valid bearer token is present
  - Securely access an API from a client application using OAuth in Okta
- Implement the Okta Sign-In Widget for Authentication Purposes (20%)
  - Implement a custom authentication experience with the Okta Sign-In Widget
  - Implement and enforce multifactor authentication
  - Create a session for a user
Preparation videos for Part II
In Part II, you will be required to use a few special tools to complete the use cases. Training videos on using these tools are provided through the following links:
Other Resources
- The Okta Help Center contains a knowledge library of articles and videos, some of which are pertinent to topics covered on this exam.
- The Okta Content Library offers searchable white papers with a rich body of information to explore before your exam.
- Join the Okta Community to review questions, discussions, ideas, and blogs for additional exam preparation.
Subject Matter Experts for the Okta Developer Exam
Okta certification exams are designed and built by subject matter experts who have extensive real-world experience implementing and administering the Okta service.
Here is the list of subject matter experts who helped design and/or build this exam: