Salesforce Certified Identity and Access Management Designer — Question 31

Universal Containers (UC) wants to build a mobile application that will be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app.
Which two scope values should an Architect recommend to UC? (Choose two.)

Answer options

• A. full
• B. api
• C. refresh_token
• D. custom_permissions

Correct answer: A, C

Explanation

The 'full' scope allows the app to have complete access to the user's data, which is necessary for utilizing custom objects and Apex code effectively. The 'refresh_token' scope is essential for obtaining a new access token without requiring user credentials again, enabling a seamless user experience. The 'api' scope provides access to the Salesforce API, but it does not cover the need for refresh tokens, while 'custom_permissions' does not directly relate to the authentication process needed for this scenario.