Pass the Salesforce Integration Architecture Designer Integration-Architect Questions and answers with CertsForce

To satisfy a requirement for near real-time REST updates with limited development resources, the architect should utilize Flow Builder. Flow Builder is Salesforce's primary low-code tool for automating complex business logic and outbound integrations.

The Remote Process Invocation—Fire and Forget pattern is the most efficient way to signal an external system (or middleware) that a record was created without blocking the user. Using a Record-Triggered Flow on the Order object, the architect can configure an Action (such as an External Service or a simple HTTP Callout) to send the order data to the middleware's REST endpoint.

Option A is slightly incorrect because creating a platform event is just one step in an event-driven flow; the "Fire and Forget" pattern more accurately describes the end-to-end intent. Option B (Change Data Capture) is a powerful tool, but it is considered a "pro-code" or high-configuration so12lution on the middleware side, requiring the middleware to manage Replay IDs and Bayeux subscriptions. Option C leverages the native strengths of Flow to fulfill the requirement declaratively, 13allowing the team to14 deliver a functional integration without writing Apex code while meeting the near-real-time performance expectations of the ERP.

In this scenario, the primary architectural challenge is managing high-latency, multi-step orchestration involving 10 disparate external systems. Each agency has a varying response time that can span several days, making a synchronous "Request-Reply" pattern within Salesforce technically impossible due to transaction timeout limits (maximum 120 seconds).

The recommended approach is to leverage Middleware as the orchestration and state-management layer. Middleware (such as an ESB or iPaaS) is specifically designed for Process Choreography. Salesforce initiates a single "Fire and Forget" request to the middleware. The middleware then takes responsibility for:

Sequential or Parallel Callouts: Initiating the requests to all 10 verification agencies.

Callback Management: Handling the asynchronous responses from each agency as they arrive over a period of days.

Aggregation Logic: Consolidating the results and determining when the "Business Process" is complete (e.g., all 10 agencies have approved).

Once the consolidation logic is satisfied, the middleware performs a Remote Call-In to the Salesforce REST API to update the trainer’s record. This pattern keeps Salesforce "clean" by moving complex, long-running orchestration logic off-platform, preventing the consumption of excessive Apex CPU time and ensuring that Salesforce only receives a single, final status update.

Option B (External Services) is unsuitable for a multi-day asynchronous process as it is designed for real-time, synchronous Flow actions. Option C (@future) is restricted by the same 120-second timeout and cannot handle the "waiting" state required for days of verification. Using middleware provides the necessary Quality of Service (QoS), durability, and error handling required for such a critical enterprise compliance process.

Salesforce is a highly capable CRM platform, but it is not a dedicated messaging or orchestration engine. When requirements include complex message queuing, process choreography, and guaranteed quality of service (QoS), the Integration Architect must recommend a middleware solution (ESB or iPaaS).

"True message queuing" involves holding messages in a persistent state until the target system is ready to receive them, handling sophisticated retry logic (such as exponential backoff), and providing dead-letter queues for failed messages. While Salesforce has basic asynchronous tools like Outbound Messaging or Platform Events, they lack the granular control over queuing and orchestration that enterprise middleware provides.

Option A is incorrect because performing heavy transformation and protocol translation (like XML to JSON or SOAP to REST) within Salesforce consumes excessive Apex CPU time and is better handled by middleware designed for that purpose. Option B is conceptually backward; usually, architects move away from synchronous Request-Reply toward asynchronous Fire-and-Forget to improve scalability. By recommending a middleware solution to handle these infrastructure-level concerns, the architect ensures that Salesforce remains performant for its users while the middleware manages the technical complexities of reliably connecting the enterprise.

For a team with limited development resources and a low-code requirement, Lightning Flow (Flow Builder) is the primary declarative engine for modern integrations.

In this scenario, creating a Platform Event via a record-triggered flow provides a highly scalable, near real-time "Fire-and-Forget" signal to the middleware. This is considered low-code because it can be built entirely using point-and-click tools within Salesforce. Once the Order is created, the flow publishes the event to the bus. The middleware, acting as a subscriber, receives the event and orchestrates the REST call to the ERP.

Option C (Outbound Messaging) is also a low-code tool, but it natively sends messages in SOAP format. Since the ERP requires a REST endpoint, using Outbound Messaging would necessitate additional transformation logic in the middleware, making it a less efficient architectural choice than using a Flow to trigger an event or an External Service. Option B (Change Data Capture) is a powerful tool but often requires more advanced "pro-code" configuration on the subscriber/middleware side to handle Replay IDs and Bayeux protocols, which might exceed the "limited resources" constraint of the Salesforce team.

To secure outbound HTTP requests from Salesforce, architects must implement defense-in-depth measures at both the authentication and transport layers.

Named Credentials are the primary architectural recommendation for managing callout endpoints and authentication in a secure, declarative manner. They abstract the endpoint URL and authentication parameters (such as usernames, passwords, or OAuth tokens) away from Apex code. This prevents sensitive credentials from being hardcoded or exposed in metadata, significantly reducing the risk of accidental disclosure. By using Named Credentials, Salesforce handles the heavy lifting of authentication headers automatically, ensuring that the integration is both secure and maintainable.

Two-way SSL (Mutual Authentication) provides an additional layer of security at the transport layer. While standard SSL ensures that Salesforce trusts the external server, Two-way SSL requires the external server to also verify the identity of the Salesforce client. The architect first generates a certificate in Salesforce, which is then presented to the external system during the TLS handshake. This "mutual trust" ensures that the external service only accepts requests from an authorized Salesforce instance, protecting against man-in-the-middle attacks and unauthorized access attempts.

While an Authorization Provider (Option C) is essential for OAuth-based flows, it is typically used within the configuration of a Named Credential rather than as a standalone security method for a generic HTTP request. By combining Named Credentials with Two-way SSL, the architect ensures that the integration is secured at both the session/authentication level and the network/transport level, adhering to enterprise security best practices for cloud-to-on-premise or cloud-to-cloud communication.

In a standard API-led connectivity model, the First Tier (Experience APIs) is responsible for tailoring data for specific systems of engagement.

The Experience APIs take the core data from the lower tiers and transform it into the specific return formats (e.g., JSON for mobile, XML for legacy web) and security protocols (e.g., OAuth for Salesforce, API Keys for web) required by each consumer. Option B correctly identifies that these transformations and security enforcements should happen at this outer layer. While an API Gateway (Option A) can provide generic security and rate limiting, it is the Experience API layer that provides the functional transformation and specific protocol requirements defined by the business needs of the engagement systems.

When migrating from a legacy environment to a multi-tenant cloud platform like Salesforce, Data volume and processing volume represent the most critical technical constraints. Legacy systems often operate without the strict governor limits found in Salesforce, meaning they may push large datasets or high-frequency updates that could easily overwhelm standard Salesforce APIs.

An integration architect must evaluate these volumes to determine the appropriate integration pattern:

Pattern Selection: If the daily volume involves millions of records, the architect must recommend the Bulk API rather than standard REST or SOAP APIs to avoid hitting daily API limits.

Synchronous vs. Asynchronous: High processing volumes often necessitate asynchronous patterns (such as Fire-and-Forget or Batch) to prevent user-interface lag and "Concurrent Request Limit" errors.

Data Virtualization: If the legacy data volume is massive but only needs to be viewed occasionally, the architect might consider Salesforce Connect to avoid consuming expensive internal data storage.

While reporting (Option A) and multi-currency (Option C) are important functional requirements, they do not fundamentally dictate the technical "plumbing" or scalability of the integration architecture. By prioritizing the analysis of volume and processing needs, the architect ensures the new modernization effort is stable, performant, and capable of scaling as the business grows within the bounds of the Salesforce platform.

Governance and maintenance are critical when using event-driven architectures. Unlike standard objects, which can often be retrieved from the Recycle Bin, Platform Event definitions are handled with high permanence. Once an event definition is deleted, it is permanently removed. This deletion also immediately destroys any associated triggers, subscriptions, and any events currently stored in the event bus. Architects must highlight this risk to ensure proper metadata backup and change management processes are in place. Options A and B refer to specific security and monitoring features that are secondary to the fundamental architectural risk of permanent metadata loss.

To ensure that all integrations calling into a Salesforce portal are secured with Mutual Authentication, the architect must enable and configure specific platform-level security settings. The primary recommendation is to Enforce SSL/TLS Mutual Authentication for the relevant integration users.

Mutual Authentication (Two-way SSL) adds a layer of trust beyond the standard session-based authentication. When enforced, the Salesforce server requires the calling client to present a valid CA-signed certificate that matches a certificate stored in the org. This ensures that only authorized systems with the correct private key can establish a connection.

To implement this, the architect must first work with Salesforce support to enable the feature. Once enabled, a Mutual Authentication Certificate must be uploaded to the org, and a specific user profile—cloned for integration purposes—must have the "Enforce SSL/TLS Mutual Authentication" permission enabled. This configuration forces the client to use port 8443 (the dedicated port for mutual TLS) for API calls, providing a highly secure, server-to-server connection that protects against impersonation and unauthorized data access.

In the framework of a Salesforce Platform Integration Architect's landscape evaluation, the primary goal is to determine the "system of record" for each business function and identify redundancies between legacy systems and the proposed Salesforce architecture. This process is driven by the alignment of Salesforce's native "Customer 360" capabilities with the specific goals defined by the enterprise stakeholders.

According to Goal 2, the customer intends to leverage Salesforce specifically for marketing, sales, and service processes. Within the standard Salesforce ecosystem, these domains are addressed by the three core cloud products:

Marketing Cloud provides the capabilities found in the legacy Email Marketing System.

Sales Cloud replaces the functions of the Sales Activity System.

Service Cloud is the native replacement for the Case Management System.

By migrating these three domains to a single platform, the organization directly fulfills Goal 1—developing a 360-degree view of the customer. Consolidating these interactions onto the Salesforce platform allows for a unified data model where customer behaviors in marketing, sales, and support are visible in one place, eliminating the silos inherent in the previous landscape.

However, a critical constraint is presented in Goal 3, which explicitly mandates the reuse of existing enterprise capabilities for quoting and order management. In an integration architecture, this signals that the Quoting System and Order Management System (OMS) are designated as external systems of record that must remain active. These systems often contain complex logic, tax calculations, or supply chain integrations (such as with an SAP Business Suite) that the business is not currently ready to migrate.

Therefore, since the Quoting and Order Management systems must be retained, they are excluded from the retirement list. The remaining three systems—Email Marketing, Sales Activity, and Case Management—overlap with Salesforce's native strengths and are not protected by the "reuse" requirement. Retiring them streamlines the technology stack and allows the architect to focus on building robust integration patterns (such as REST or SOAP callouts) to connect Salesforce to the retained Quoting and Order Management systems.