Salesforce Integration-Architect Exam With Confidence Using Practice Dumps

Answer A is valid because creating an Auth provider in the package and setting the consumer key and consumer secretof the connected app in the central org can allow the package to authenticate with the central org using OAuth 2.0. An Auth provider is a configuration that specifies how to connect to an external service that uses a specific identity protocol. A connectedapp is an application that can access Salesforce resources using APIs and standard protocols. The consumer key and consumer secret are credentials that identify the connected app to Salesforce.

Answer C is valid because creating a connected app in the central org and adding the callback URL of each org the package is installed in to redirect to after successful authentication can enable the package to obtain an access token from the central org using OAuth 2.0. The callback URL is a parameter that specifies where the user should be redirected after granting or denying permission to access Salesforce resources. The access token is a credential that can be used to invoke the custom Apex REST endpoint in the central org.

Answer E is valid because using the Auth Provider configured and selecting the identity type as Named Principal with OAuth 2.0 as the protocol and selecting Start Authentication Flow on Save can initiate the authentication flow when installing the package. The identity type determines how the package accesses Salesforce resources on behalf of users or an application. The Named Principal identity type means that the package uses a single credential, such as a username and password or an access token, to access Salesforce resources for all users.TheStart Authentication Flow on Save option means that the package will prompt the user to enter the credential when saving the Auth Provider configuration.

Answer B is not valid because contacting Salesforce support and creating a case to temporarily enable API access for managed packages is not a necessary or recommended action. API access for managed packages is enabled by default and does not require any special permission or configuration from Salesforce support. Moreover, this action does not addressthe security requirement of using a specific integration account in the central org that will be authorized after installation of the package.

Answer D is not valid because using an encrypted field to store the password that the security team enters and using password management for external orgs and setting the encryption method to TLS 1.2 is not a secure or reliable solution. An encrypted field is a custom field that encrypts sensitive data at rest and masks it on the user interface. However, this fielddoes not prevent unauthorized access or leakage of data, as it can be decrypted by users who have the View Encrypted Data permission or by Apex code that runs in system mode. Moreover, this field does not support encryption methods such as TLS 1.2, which are used for securing data in transit, not at rest.

Using Change Data Capture (CDC) to update downstream systems accordingly when a record changes is a solution that can handle this requirement by capturingdata changes in Salesforce and sending them to external systems via a publish-subscribe model. This way, the external systems can receive near real-time updates from Salesforce and synchronize their data accordingly. Designing an MDM solution that maps external ID’s to the Salesforce record ID is a solution that can handle this requirement by creating a master data hub that stores and manages the unique identifiers of each system and their relationships. This way, the MDM solution can ensuredata quality,consistency, and accuracy across systems. Locally caching external ID’s at the middleware layer and designing business logic to map updates between systems is not a good solution because it can introduce performance and scalability issues, as well as increase the complexity and maintenance cost of the middleware layer. Storing unique identifiers in an External ID field in Salesforce and using this to update the proper records across systems is not enough to handle this requirement, as it does not address how to update Salesforce with record changes from external systems. Reference: Salesforce Integration Architecture Designer Resource Guide, page 27-28

The Salesforce Community Cloud should support OpenId Connect Authentication Provider and Registration Handler, and SAML SSO and just-in-time provisioning for self-registration and SSO. OpenId Connect is a protocol that allows users to authenticate with an external identity provider and access Salesforce resources. A registration handler is a class that implements the Auth.RegistrationHandler interface and defines how to create new users or update existing users in Salesforce from the information received from the identity provider. SAML SSO is a protocol that allows users to log in to Salesforce with a single credential from an identity provider. Just-in-time provisioning is a featurethat allows creating or updating user accounts in Salesforce based on SAML assertions.