Salesforce Certified Integration Architect — Question 81

Northern Trail Outfitters needs to secure an integration with an external Microsoft Azure API Gateway.

Which integration security mechanism should be employed?

Answer options

• A. Use an API-only user profile and implement an external identity provider with federated API access.
• B. Configure mutual server authentication with two-way SSL using certification authority (CA) signed certificates.
• C. Configure a connected app with an authorization endpoint of the API Gateway and configure OAuth settings.

Correct answer: B

Explanation

The correct answer is B because mutual server authentication with two-way SSL ensures that both the client and server verify each other's identities, providing a high level of security. Option A does not provide the necessary level of security for API integration, and option C, while useful for authentication, does not offer the same level of mutual verification as two-way SSL.