Salesforce Certified B2C Commerce Architect (Arch-303) B2C-Commerce-Architect Question # 16 Topic 2 Discussion

B2C-Commerce-Architect Exam Topic 2 Question 16 Discussion:
Question #: 16
Topic #: 2

During implementation, the team found that there is a notification controller exposed for an external service that marks the order as paid when a notification is received. The notification URL is sent to the service together with the payment request and contains only the URL with orderID as the parameter.

What should the Architect recommend to the team in order to prevent the unauthorized usage of the controller to mark the orders as paid?


A. Add a customer number in the callback URL and match the customer number against the one stored on the order.

B. Add HTTPS restriction to the controller start node.

C. Add an order token in the callback URL and match the token against the one stored on the order.

D. Add a session attribute and validate it on the callback.

