Salesforce Certified Identity and Access Management Designer — Question 21
Universal Containers wants to build a custom mobile app connecting to Salesforce using OAuth, and would like to restrict the types of resources mobile users can access.
What OAuth feature of Salesforce should be used to achieve the goal?
Answer options
- A. Refresh Tokens
- B. Scopes
- C. Access Tokens
- D. Mobile PINs
Correct answer: B
Explanation
The correct answer is B, Scopes, as they allow defining the specific resources and permissions that an application can access on behalf of a user. Refresh Tokens and Access Tokens are important for maintaining sessions and authorization but do not restrict access to resources. Mobile PINs are used for additional security but do not serve the purpose of limiting resource access.