You are tasked with developing an application that requires the use of Oracle Cloud Infrastructure (OCI) APIs to POST messages to a stream in the OCI Streaming service.
Which statement is incorrect? (Choose the best answer.)
Click on the arrows to vote for the correct answer
A. B. C. D.D.
https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/signingrequests.htmThe correct answer is D. The request does not require an Authorization header.
Explanation:
To POST messages to a stream in the OCI Streaming service, you need to make a request to the OCI Streaming service's REST API using an HTTP POST method. The request must include certain headers and parameters to be successful. Here's a breakdown of the statements and why they are correct or incorrect:
A. The request must include an authorization signing string including (but not limited to) x-content-sha256, content-type, and content-length headers. This statement is correct. To authenticate the request, the request must include an authorization signing string that includes certain headers, including the x-content-sha256, content-type, and content-length headers. These headers are used to generate the signing string and ensure that the request is authentic.
B. The Content-Type header must be set to application/json This statement is correct. The Content-Type header must be set to application/json because the message body must be in JSON format.
C. An HTTP 401 will be returned if the client's clock is skewed more than 5 minutes from the server's. This statement is correct. The timestamp in the request is used to generate the authorization signing string. If the client's clock is skewed more than 5 minutes from the server's, the authorization signing string will be invalid, and the request will fail with an HTTP 401 Unauthorized status code.
D. The request does not require an Authorization header. This statement is incorrect. The request must include an Authorization header containing the authorization signing string. The authorization signing string is used to authenticate the request and ensure that it is coming from an authorized source. Without the Authorization header, the request will fail with an HTTP 401 Unauthorized status code.
Therefore, the incorrect statement is D. The request does require an Authorization header.