MuleSoft Certified Platform Architect – Level 1 — Question 58

What API policy would be LEAST LIKELY used when designing an Experience API that is intended to work with a consumer mobile phone or tablet application?

Answer options

• A. OAuth 2.0 access token enforcement
• B. Client ID enforcement
• C. JSON threat protection
• D. IP whitelist

Correct answer: D

Explanation

The correct answer is D, IP whitelist, because mobile applications typically operate from various IP addresses, making it impractical to restrict access by IP. In contrast, OAuth 2.0 access token enforcement, Client ID enforcement, and JSON threat protection are commonly used to secure APIs and manage access control effectively.