Salesforce Certified Integration Architect — Question 47

Northern Trail Outfitters needs to secure an integration with an external Microsoft Azure API Gateway.
Which integration security mechanism should be employed?

Answer options

• A. Use an API-only user profile and implement an external identity provider with federated API access.
• B. Configure mutual server authentication with two way SSL using certification authority (CA) signed certificates.
• C. Configure a connected app with an authorization endpoint of the API Gateway and configure OAuth settings.
• D. Implement Salesforce Shield with Encryption at Rest and generate a tenant secret.

Correct answer: B

Explanation

The correct answer is B because mutual server authentication with two-way SSL ensures that both the client and server verify each other's identities, providing a robust security mechanism for API integrations. The other options, while they offer security measures, do not specifically address the mutual authentication requirement needed for securing an integration with an API Gateway.