Salesforce Certified Integration Architect — Question 58

Universal Containers (UC) currently owns a middleware tool and has developed an API-led integration architecture with three API tiers. The first tier interfaces directly with the systems of engagement, the second tier implements business logic and aggregates data, and while the third tier interfaces directly with the systems of record. Some of the systems of engagement will be a mobile application, a web application, and Salesforce.
UC has a business requirement to return data to the systems of engagement in different formats while also enforcing different security protocols.
What should an integration architect recommend to meet these requirements?

Answer options

• A. Enforce separate security protocols and return formats at the second tier of the API-led architecture.
• B. Leverage an Identity Provider solution that communicates with the API tiers via SAML.
• C. Implement an API Gateway that all systems of engagement must interface with first.
• D. Enforce separate security protocols and return formats at the first tier of the API-led architecture.

Correct answer: D

Explanation

The correct answer is D because enforcing separate security protocols and return formats at the first tier allows for customization specific to the needs of each system of engagement, ensuring data is properly formatted and secure. Option A is incorrect because handling these requirements at the second tier does not address the unique needs of each engagement system directly. Option B does not directly solve the issue of returning data in different formats. Option C, while useful for managing API traffic, does not focus on the specific requirements of varied formats and security protocols.