Explanation

In the given scenario, the developer should use the approach of creating an authorizer function using token-based authorization. Token-based authorization is a commonly used approach for authenticating API requests. It involves generating and issuing tokens to API callers, which they can then include in the requests they make to the API. The tokens serve as proof of authentication and are validated by the server to ensure the caller's identity and access rights. By creating an authorizer function using token-based authorization, the developer can implement a custom scheme that accepts string-based parameters from the API caller. This allows the developer to define their own authentication logic and validate the provided tokens according to their requirements. The authorizer function can be configured in the OCI API Gateway to be invoked before forwarding the request to the web application. It will perform the necessary token validation and authentication checks, allowing only authorized requests to access the protected resources of the web application.