PDF Integration-Architect Study Guide

Middleware should coordinate request delivery and payment processing, and Payment System should process a payment request only once. This solution ensures that each payment request is delivered to the Payment System in a reliable and consistent manner, and avoids duplicate or conflicting updates to the same Payment Request record. Middleware can act as a mediator between the Data Entry Point and the Payment System, and implement logic to handle errors, retries, and acknowledgments. Payment System can use the globally unique identifier to check if a payment request has already been processed, and avoid processing it again. References: Certification - Integration Architect - Trailhead, [Integration Patterns and Practices]

The recommendations that the Salesforce integration architect should make to fulfill the requirements around caching, queuing, error handling, alerts, retries, event handling, etc. are based on the best practices and capabilities of the middleware tools. The recommendation B is valid because middleware tools can provide true message queueing for integration scenarios that require asynchronous processing, guaranteed delivery, load balancing, etc. The recommendation D is valid because middleware tools can handle various events that may occur during the integration process, such as logging errors, sending notifications, triggering recovery actions, etc. The recommendation E is valid because middleware tools can support the publish/subscribe pattern for event-driven integration, where the middleware can route messages from publishers to subscribers based on topics or filters. The recommendation A is not valid because transforming a fire-and-forget mechanism to request-reply does not improve performance, but rather increases the latency and complexity of the integration. The recommendation C is not valid because message transformation and protocol translation are tasks that are better suited for middleware tools than Salesforce, as they can handle different formats and protocols more efficiently and flexibly23

1: Integration Architecture Designer Resource Guide 2: Integration Patterns and Practices 3: Salesforce Integration Architecture Designer Certification Exam Guide

The Connect REST API is designed to access Chatter feeds and social data such as users, groups, followers, and files. By using this API, the integration can query the Chatter posts that include the #thanksNTO hashtag and post them to Twitter using another API. The REST API, Streaming API, and Apex REST are not specific to Chatter and do not provide the same level of functionality and ease of use as the Connect REST API2

References: 1: Fire and Forget Pattern 2: Connect REST API

• Answer A is valid because creating an Auth provider in the package and setting the consumer key and consumer secret of the connected app in the central org can allow the package to authenticate with the central org using OAuth 2.0. An Auth provider is a configuration that specifies how to connect to an external service that uses a specific identity protocol. A connected app is an application that can access Salesforce resources using APIs and standard protocols. The consumer key and consumer secret are credentials that identify the connected app to Salesforce.
• Answer C is valid because creating a connected app in the central org and adding the callback URL of each org the package is installed in to redirect to after successful authentication can enable the package to obtain an access token from the central org using OAuth 2.0. The callback URL is a parameter that specifies where the user should be redirected after granting or denying permission to access Salesforce resources. The access token is a credential that can be used to invoke the custom Apex REST endpoint in the central org.
• Answer E is valid because using the Auth Provider configured and selecting the identity type as Named Principal with OAuth 2.0 as the protocol and selecting Start Authentication Flow on Save can initiate the authentication flow when installing the package. The identity type determines how the package accesses Salesforce resources on behalf of users or an application. The Named Principal identity type means that the package uses a single credential, such as a username and password or an access token, to access Salesforce resources for all users. The Start Authentication Flow on Save option means that the package will prompt the user to enter the credential when saving the Auth Provider configuration.
• Answer B is not valid because contacting Salesforce support and creating a case to temporarily enable API access for managed packages is not a necessary or recommended action. API access for managed packages is enabled by default and does not require any special permission or configuration from Salesforce support. Moreover, this action does not address the security requirement of using a specific integration account in the central org that will be authorized after installation of the package.
• Answer D is not valid because using an encrypted field to store the password that the security team enters and using password management for external orgs and setting the encryption method to TLS 1.2 is not a secure or reliable solution. An encrypted field is a custom field that encrypts sensitive data at rest and masks it on the user interface. However, this field does not prevent unauthorized access or leakage of data, as it can be decrypted by users who have the View Encrypted Data permission or by Apex code that runs in system mode. Moreover, this field does not support encryption methods such as TLS 1.2, which are used for securing data in transit, not at rest.

References: Auth Provider: Connected Apps : OAuth 2.0 Web Server Authentication Flow : Named Credentials as Callout Endpoints : API Access in Packages : Encrypted Fields : Encryption Methods Available in Salesforce

11of30