Architect Journey: Integration Architecture
What is a streaming channel?
- monitors and invoke events - can be created through Streaming Channel app interface or sObject thru Apex/REST/SOAP api - name format is /u/ChannelName - StreamingChannel ch = new StreamingChannel();
What type of API does an external web service need to have to be consumable by Salesforce External Service?
REST-based API
You're creating a connected app that allows a Smart TV to display a customer's movie order history. Which OAuth 2.0 flow would you use for the connected app? OAuth 2.0 web server Flow OAuth 2.0 Device Flow OAuth 2.0 JSON Web Token Exchange (JWT) Bearer Flow OAuth 2.0 user-agent Flow
OAuth 2.0 Device Flow
What does SOAP stand for?
Simple Object Access Protocol
True or False. Encrypted fields are supported on Salesforce to Salesforce connections
false
True or False. Bulk API 2.0, it automatically resolves batch size issues.
True
True or False. Change Data Capture ignores sharing settings and sends change events for all records of a Salesforce object.
True
True or False. For outbound messages, If the endpoint is unavailable, messages will stay in the queue until sent successfully, or until they are 24 hours old.
True
True or False. PushTopics - Certain queries aren't supported, such as aggregate queries or semi-joins.
True
True or False. Updates performed by Bulk API won't generate push notifications.
True
True or false: OAuth 2.0 APIs enable a user to work in one app but see the data from another.
True
***OUTBOUND MESSAGING How does outbound messaging work?
uses the notifications() call to send SOAP messages over HTTP(S) to a designated endpoint when triggered by a workflow rule.
What can OpenID Connect dynamic client registration do?
resource servers can dynamically create client apps as connected apps in Salesforce (i.e. MuleSoft's Anypoint Platform, which is the resource server, can dynamically create client apps as connected apps)
What is EPT?
the time when a page starts loading to the time when no activity has occurred for at least two frames (about 33 milliseconds)
***EXTERNAL SERVICES*** What is external services?
(1) registering an external web service that you submit as an OpenAPI schema defining the web service, and (2) magically (well, almost!) bringing the operations of your external web service into the Salesforce platform (see invocable actions) for use with point-and-click tools like Flow Builder.
What are the governor limits of platform events?
- "publish after commit" counts against Apex DML limits - "publish immediately" counts against publishing limit of 150 - max batch size of event trigger is 2k event messages
How long does salesforce store PushTopic events?
- 24 hours for standard volume platform events - 72 hours for high-volume events
Encryption and Decryption to Protect Confidentiality
- Crypto.Encrypt() - Crypto.Decrypt() - Crypto.generateAESKey(Integer keylength)
What are the REST HTTP methods?
- HEAD: retrieve resources metadata - GET: query data - POST: create data - PATCH: update data - DELETE: delete data
Available Lightning Usage App objects
- LightningUsageByAppTypeMetrics - LightningUsageByBrowserMetrics - LightningUsageByPageMetrics - LightningUsageByFlexiPageMetrics
Username/password authentication can be done through?
- Login page - Oauth username/password flow - API
What are the information that you need to provide when setting up outbound message?
- Name - endpoint URL to which the SOAP message will be sent - port - session Id if you need to make API callback - User to send as
What are the parts of outbound message notifications metadata?
- Organization ID - Action Id - the workflow that triggers the message - Session Id - Enterprise URL - url to make callback to Salesforce using enterprise WSLD - Partner URL - url to make callback to Salesforce using partner WSLD - Notification - contains the object data type and fields
Ways to publish Platform Events?
- Process Builder using the Create a Record action - Flow using a Create Records element - Apex EventBus.publish() method - REST API sobjects resource - SOAP API create() call
What is the difference between "PushTopic Event Receive", "Change Data Capture Event Receive" and "Platform Event"?
- PushTopic receives notification including only the fields that you define on a SOQL - Change Data Capture includes all fields that have been changed - Platform Event receives payload based on a predefined schema
What other fields are not supported by Salesforce to Salesforce connection?
- Rich text area - Geolocation fields: latitude and longitude
What are two basic use case for using canvas app?
- application integration - cloud apps developed by partners to be integrated with salesforce - application rationalization/enterprise desktop - org has many existing apps that you want to be accessed in one place
How to create mutual authentication certificate?
- Setup > Certificate and Key Management - Click "Upload Mutual Authentication Certificate" - choose file to locate the certificate - Click Save - Enable the "Enforce SSL/TLS Mutual Authentication" user permission for an "API Only" user. This "API Only" user configures the API client to connect on port 8443 to present the signed client certificate.
How to generate certificate signed by a certificate authority?
- Setup > Certificate and Key Management - Select "Create CA-Signed Certificate" - Select a key size - Enter the information to generate a unique certificate: Common Name, Email Address, Company, Department, City, State, Country Code - Click Save - Click "Download Certificate Signing Request" - Send the certificate to the certificate authority - After the certificate authority sends back the signed certificate, click "Upload Signed Certificate"
How to generate a certificate signed by Salesforce?
- Setup > Certificate and Key Management - Select "Create Self-Signed Certificate" - Select a key size - Click Save
*SALESFORCE OPTIMIZER What is Salesforce Optimizer?
- THE maintenance, productivity, and adoption app for Salesforce Admins - where to start when it comes to cleanup, maintenance, and optimization - evaluates your implementation to determine how your company uses certain Salesforce features - identifies ways that you can improve your implementation
What are characteristics of Change Event Triggers?
- They run under the Automated Process entity - They are subject to Apex synchronous governor limits - They have a maximum batch size of 2,000 event messages (the number of items in Trigger.New)
What is an octane score?
- a benchmark that measures a JavaScript engine's performance by running a series of automated tests - find the Octane score for a specific device by appending "speedtest.jsp" to your org's domain
What are subscription channels?
- a stream of change events that can correspond to either a single or multiple entities - All standard objects channel - /data/ChangeEvents - Single entity standard object - /data/AccountChangeEvent - Custom Object - /data/Employee_ChangeEvent - Custom Channel - to create specific/isolated channels for your subsrcibers; /data/YourChannelName__chn
What are needed to use generic streaming?
- a streaming channel that defines the channel - clients subscribed to the channel - streaming channel push resource to monitor and invoke events
Where is Analytics API used for?
- access datasets - sends queries to analytics platform - create and retrieve lenses - create and retrieve analytics applications - create and retrieve analytics dashboards and snapshots
How does field mapping works in Salesforce to Salesforce connection?
- any field (standard or custom) can map to any field as long as they are the same data type - for picklist fields, you must map the picklist values as well - you can map formula, lookup, autonumber to text fields
What are the most noticeable difference in performance between sandbox and production orgs?
- asynchronous processing - database caching
Where can you place a canvas app?
- chatter feed - chatter tab - console - layouts and mobile cards - mobile nav - open cti - publisher - visualforce page
What can Chatter REST API access?
- chatter feeds, users, groups and followers - files - recommendations - topics - notifications - data.com purchasing
How does SSO works when Salesforce is the identity provider?
- connected app to integrate a service provider with your org - the connected app implements SAML 2.0 or OpenID Connect for user authentication
What is the key difference of OpenID Connect from SAML?
- enable secure exchange of ID tokens that contain user information alongside OAuth access tokens - the service provider must accept OpenID Connect tokens
***CANVAS*** What is a canvas?
- enables you to easily integrate a third-party application in Salesforce - expose an application as a canvas app
What is IoT Integration (OAuth 2.0 Device Flow)?
- integrate devices with limited input or display capabilities, such as Smart TVs - end users can authorize using web-based browser - example: customer uses your bluetooth device to control their house lights - Salesforce verifies the request and returns a human-readable user code, verification URL, and device code that the user enters
What is master encryption key used for?
- key for encrypted custom fields - automatically assigned when you select fields to encrypt - archive existing key and create new key - export an existing key after it's been archived - delete an existing key - import an existing key after it's been deleted
What is a canvas personal app?
- let you create connected apps that are designed specifically for end users - you make your own app available for installation without relying on organization administrators - enable Connected App > Allow users to install canvas personal apps (for the target org) - the developer of the canvas app should check "Enable as a Canvas Personal App" when creating the canvas app, then provide the link to any user
What is a connection template?
- lets you define the objects and fields that can be published - added from Connections Tab > Templates subtab
What are the attributes you define on a PushTopic()?
- name - query - ApiVersion
What are some limits that need to be considered with PushTopic?
- number of push topics - number of clients subsribed - number of concurrent client subscribers - number of events per day - length of the SOQL query - length of the pushtopic name - reconnection timeout is 40 seconds before the client needs to restart the handshake - connection timeout is 7,200 seconds (2 hrs) before a client needs to start a new session - socket timeout is 110 seconds when no events are generated before the client needs to reconnect again - max request size body is 32,768 bytes
What is Mutual Authentication Certificate?
- prevent being compromised by impersonation - clients and servers prove their identity to each other
What is Apex Crypto class?
- provides sets of functions that are particularly valuable for safeguarding your communications - shield confidential data from eavesdroppers - verify that message data is complete and unmodified - verify the authenticity of senders and receivers
How does Forward records to another salesforce organization work?
- records are assigned to a queue - do not forward records to the org that published as it cause errors on Apex triggers - you can accept the records forwarded EXCEPT on mobile app
What can User Interface API access?
- records, list views, actions, favorites and more - metadata and data
What is Server-to-Server Integration (OAuth 2.0 JWT Bearer Flow)?
- requires prior approval of the client app - connected app sends the JWT, which enables identity and security information to be shared across security domains, to the Salesforce token endpoint - JWT is validated by Salesforce based on a signature previously configured (i.e thru profiles/permission sets or end-user approval if all are authorized)
What is a PushTopic?
- sObject that contains the criteria of events you want to listen to - criteria is defined in SOQL query - the operation is also defined (create, update, delete, undelete) - represents the channel that client apps subscribe to - event notification is in JSON
How do you prevent circular changes on outbound messages?
- specify a single user to respond to outbound messages - deselect "Send Outbound Messages" on other user's profile
How does object to object mapping works in Salesforce to Salesforce connection?
- standard objects map to its equivalent standard object - custom object can map to a different custom object
What can you track on the "View Message Delivery Status" page of Outbound Messages
- view the status of your outbound message - view total number of attempted deliveries - see the action that triggered the outbound message - click Retry to change the Next Attempt date to now - delete outbound message from the queue
What are two ways to display a canvas app?
- web tab - html iframe
What are the instances when attachments are not accepted along with the parent on an S2S connection scenario?
- when the attachment is marked as private - when the attachments is more than 20MB
Where is API client certificate used for?
- workflow outbound messages - the AJAX proxy - delegated authentication HTTPS callouts
What is a ca-signed certificate file extension when downloaded?
.csr
What is the URI for bulk API?
/services/data/v49.0/jobs/ingest
What are the two certificate key size?
1. 2048-bit keys which last 1 year 2. 4096- bit keys which last two years
What can you do from the connections detail page?
1. Accept Invitation 2. Cancel Invitation 3. Deactivate invitations 4. Edit Connections 5. View Connection History - Download connection history (csv)
What are the status of records shared with S2S?
1. Active (sent) 2. Active (received) 3. Pending (sent) 4. Inactive 5. Inactive (deleted) 6. Inactive (converted)
What are 4 ways to measure EPT?
1. Add an EPT counter to the header of your app - Lightning Component Debug Mode, or append ?eptVisible=1 to your URL 2. Use the Lightning Usage App to view page and browser performance 3. Build a custom report using Lightning Usage App objects 4. Use the Event Monitoring Analytics App to monitor performance with event types - use the prebuilt Lightning Performance dashboard
*INTEGRATION PATTERNS & BEST PRACTICES Types of Integration Initiatives
1. Application Integration - features and functionalities 2. Data Integration - data integrity, governance, flow, migration 3. Process Integration - extending business processes between systems
***LIGHTNING PLATFORM API BASICS What are the 2 types of API limits?
1. Concurrent limits - cap the number of long-running calls (20 seconds or longer) 2. Total limits - cap the number of calls within a rolling 24-hr period
What Role Do I Play with Connected Apps?
1. Connected App Developer - Salesforce developer or ISV who builds API integrations or external apps 2. Connected App Admin - install, uninstall, and—when necessary—block connected apps from the Salesforce org; configure permissions and policies
Configuring Salesforce to Salesforce
1. Create and assig permission set to allow non-admins to manage the connection - enable "Manage Connections" user permission - set "Connections" tab visible - enable "Manage Queues" user permission 2. Add the "External Sharing" related list page layouts - add the Received Connection Name and Sent Connection Name columns 3. Create custom list views on External Sharing related list 4. Configure to use communication templates and email address and name used on templates - From Email Address: what email appears when emails are sent and customer responds to communication templates - From Email Name - Invitation Template - Deactivation Template - Accept Invitation Template - Reject Invitation Template - Update Connection Profile Template
*MEASURE PERFORMANCE OF SALESFORCE ORG Steps for conducting performance testing
1. Draw system diagram of current/future features, systems and users/personas. 2. Estimate peak/average load levels and feature use 3. Estimate size and shape of data 4. Draw out data model, role hierarchies and sharing rules
What are the Force.com Web Services WSDL Files?
1. Enterprise WSDL - all fields are declared in each object; structure of database table; tied to the specific object configuration 2. Partner WSDL - abstract object (sObject) that supports any object structure; use with describe metadata calls
What are the components of even-driven systems (i.e. platform events)?
1. Event 2. Event message - contains the data about the event 3. Event producer - publisher of an event 4. Event channel - the stream of events 5. Event consumer - subscriber of the event
Process for implementing external services?
1. External web service provider shares its REST-based API 2. Web service provider creates a JSON-based schema 3. Salesforce admin creates named credential to authenticate the web service endpoint 4. Salesforce admin registers the web service and uses the named credential and schema during the registration process 5. Salesforce admin creates a Flow that accesses the invocable actions
What does the JSON body of a change data capture transaction include?
1. For Create - all non-empty fields 2. For Update - only changed fields 3. For Delete - doesnt include any fields 4. Undelete - all non-empty fields
***CHANGE DATA CAPTURE BASICS Change Data Capture as real-time data replication process
1. Initial (day 0) copy of the entire data set to the external system 2. Continuous synchronization of new and updated data to the external system 3. Reconciliation of duplicate data between the two systems
What are the integration characteristics you need to consider?
1. Integration environment - existing tools, on-premise tools you need to integrate to; architecture and middleware 2. Integration direction - inbound or outbound 3. Integration levels - user interface, application logic, data 4. Time-based integration processes - synchronous, asynchronous, batch 5. Integration Process Granurality - complexity of data exchange process
***ORG PERFORMANCE AT SCALE Factors Affecting Scale in Integration
1. Lack of Bulkification - trigger, Bulk API batch size must be processed in 10 mins. 2. Lack of Governance - conflicting integrations causing record locking, poor data/sharing model affecting scalability 3. Locking 4. Heavy apex post-processing
***SECURE SECRET STORAGE features that can be used to store and protect secrets
1. Named Credential - specifies the URL of a callout endpoint and its required authentication parameters in one definition; replaces URL references in your code 2. Protected Custom Settings 3. Protected Custom Metadata types
four main factors that can adversely affect EPT
1. Network: Conditions and "distance" between the device and the host instance. 2. Device: Available processing power, memory, and resources of your devices. 3. Browser: Specific browser processing capabilities and configuration. 4. Salesforce Configuration: Lightning page customizations, Visualforce implementations, or specific org customizations.
Where can streaming API be used?
1. Pages in salesforce applications 2. Application servers outside salesforce 3. External clients
What are two ways to resume a trigger for a suspended subscription?
1. Resume - from the earliest event message 2. Resume from Tip - from new event messages
What are ways to check your remaining API calls?
1. System Overview 2. Information from Sforce-Limit-Info response header for REST APIs 3. Information from response body (in <type>API REQUESTS</type>) for SOAP APIs 4. /limits call in the Lightning Platform REST API 5. Company Information page > Usage-Entitlements related list 6. Setup notifications when limits are exceeded from Setup > API Usage Notifications
What are the important lines of codes when creating test classes for change event triggers?
1. Test.enableChangeDataCapture(); 2. Test.getEventBus().deliver() - delivers the event message to the corresponding trigger causing the trigger to fire
Sequence diagrams are used to model what?
1. Usage scenarios 2. logic of methods 3. logic of services
How do you find partners you can connect to using Salesforce to Salesforce connection?
1. Use the "Connection Finder" field which becomes enabled when you enable Salesforce to Salesforce 2. Select the contact you want to survey and click "Find Connections" - option does not appear if the contact does not have a valid email and is not linked to an account 3. Select an email template or modify the default. The survey URL must be on the email 4. Recipients must respond before within 90 days 5. The recipient is asked if he/she is an admin, if not he/she can provide their admins contact 6. Salesforce creates a contact if the contact does not exist yet
What are the different OAuth 2.0 Authorization Flows?
1. Web App Integration (OAuth 2.0 Web Server Flow) 2. Mobile App Integration (OAuth 2.0 User-Agent Flow) 3. Server-to-Server Integration (OAuth 2.0 JWT Bearer Flow) 4. IoT Integration (OAuth 2.0 Device Flow) 5.
What are the different security considerations?
1. authentication 2. data security 3. transport security - SSL 3. integration security - 2-wayl SSL, remote site settings, port restrictions, whitelisting
How does Salesforce connect works?
1. browser performs AJAX call which then performs an action to the external object adapter 2. the adapter translates the action into an OData request and makes HTTP GET request to the remote system via the Integration and Service layers 3. the remote system returns a JSON response 4. the response is translated from OData into an external object displayed on the browser
How is connection negotiated and maintained with long polling?
1. client sends login request. salesforce sends response 2. client sends handshake request. salesforce sends response 3. client sends connection request and waits for any events 4. when there is an event, salesforce sends a connection response 5. then client sends another connection request
What are some important ChangeEventHeader fields in a change data capture transaction?
1. entityName - name of the object 2. changeType - CREATE, UPDATE, DELETE, UNDELETE 3. chagedFields - array [] of fields in an update operation; will also include LastModifiedDate 4. changeOrigin - source of the change; either salesforce UI or external client; can be used to prevent loops 5. transactionKey - unique identifier of the transaction 6. sequenceNumber - sequence of the change within a transaction (i.e. multiple objects enabled for change data capture causing changes on each other); use this to ensure that all the events in the transaction is successful and captured in a single commit (avoid partial completion)
How does automated processes behave when records are published with S2S?
1. workflow only ran when you accept the parent records 2. process builders must be scheduled to allow the record to be published first before running any automated logic 3.Check for these attributes when running processes in relation to records published from S2S - Received Connection Names - Current User equals pnet - Last Modified By equals Connection User 4. Use triggers instead of workflow if more than one field is being published to prevent loop 5. For triggers, S2S publish is only triggered on "after" events
Up to how many notifications can a single SOAP message contain?
100 - each notification contain the object ID and reference to sObject
How many tasks per related record can be shared on S2S cenario?
100 tasks
How long is the query timeout limit?
120 seconds
What is the maximum timeout limit?
120 seconds / 2 minutes
How long till the changes on fields get published for Salesforce to salesforce connection?
15 min while salesforce refreshes the cache
How many max certificates can you have?
50
API default batch size
500
Salesforce outbound ports restrictions
80: HTTP 443: HTTPS 1024-65535: both
How do you broadcast a message with generic streaming? A.Create a generic streaming channel, and then POST a request to /StreamingChannel/push. B.Create a PushTopic, and then POST a request to /PushTopic//push. C.POST a request to /PushTopic/push. D.POST a request to /StreamingChannel/push.
A
Suppose you have defined a custom object called Mountain_Hiker__c. What is the corresponding channel name? A./data/Mountain_Hiker__ChangeEvent B./data/MountainHiker__ChangeEvent C./data/MountainHiker_ChangeEvent D./data/Mountain_Hiker__ChangeEvents
A
What are some characteristics of a platform event record (or, message)? A. It is similar to an sObject record, it is not viewable in the user interface, and it can't be edited or deleted. B. It is an object, it can't be edited or deleted, and it is viewable in the user interface. C. It is an sObject record, it is not viewable in the user interface, and it can be edited but not deleted. D. It is a one-of-a-kind custom object record! E. It is similar to an sObject record, it is not viewable in the user interface, and it can't be edited, but it can be deleted
A
True or False. Field-level permission does not matter on push topic?
False
True or False. Messages are assured to be retried according to their sequence in the queue
False
What is a "continuation" callout?
Asynchronous callout
Which replay option specifies that the subscriber receives event notifications with replay IDs 6, 7, 8, and 9? A.6 B.5 C.-2 D.-1
B
What fields are included in the event message body for a deleted record? A.System fields only B.Header fields and Replay ID C.Header fields, Replay ID, and all record fields D.Header fields, Replay ID, and system fields E.Header fields only
B
Which of the following characteristics apply to change events? A.Change events are published by Salesforce and by users. B.Change events are published by Salesforce and contain fields of records that were created, updated, deleted, or undeleted. C.Change events are published by Salesforce only for updated records. D.Change events are published by Salesforce and contain fields of new and updated records. E.A and D
B
Why isn't the following SOQL query a valid PushTopic query? SELECT Name, Phone FROM Contact WHERE MailingCity='Indianapolis' A.WHERE clauses aren't supported for PushTopics. B.The SELECT statement doesn't include an ID. C.Contact isn't a supported object for PushTopic queries. D.The query is valid.
B
Streaming API's push paradigm lets you: A.Create more records in a single API call B.Use SOSL to listen for event notifications C.Avoid making unnecessary API requests by listening for notifications rather than polling for data D.Write code from the crow's nest of a pirate ship
C
How can you bypass validation rules on records published from S2S?
Check if Connection ReceivedId = null
How do you stop sharing particular records in S2S scenario?
Click "Stop Sharing". You can only do this for records that you own.
*SALESFORCE TO SALESFORCE What user is created when you enable Salesforce to Salesforce connection?
Connection User - do not count to the number of licenses - assigned a "Partner Network" profile
Hash Digests to Protect Integrity
Crypto.generateDigest()
Creating a Digital Signature
Crypto.sign()
For which of these scenarios would you use platform events? A. Schedule a calendar event B. Broadcast messages with a payload containing only the message body C. Subscribe to events tied to Salesforce records only D. Publish and subscribe to events that are within or external to Salesforce E. Use Apex and Streaming API
D
What are the components of an event-based architecture? A. Event bus, event producer, event consumer, and event builder B. Event producer, event consumer, event channel, and event bus C. Event producer, event consumer, and Apex trigger D. Event producer, event consumer, event bus, event, and event message E. Platform events
D
Which scenario is best suited for Change Data Capture? A.Publishing custom events to an external order fulfillment service B.Populating an external data store with all data from Salesforce at once C.Receiving events with selected fields for changed Salesforce records D.Receiving events for new, changed, deleted, and undeleted Salesforce records E.Querying Salesforce record data for an external app
D
How do you enable change event notifications for an object? A.Do nothing. Change events are enabled by default for all objects. B.If the object is a standard object, change events are enabled by default. C.If the object is a custom object, enable change events on the object overview page using Object Manager. D.Enable the object using Apex. E.Select the object in the Change Data Capture page.
E
Suppose Andy created the Employee__c custom object record and populated the Department__c and Job_Title__c custom fields, and the Name standard field. Which of the following fields are returned in a JSON event message after Andy updates Job_Title__c without changing Department__c and Name? A.Department__c and Job_Title__c B.Department__c, Job_Title__c, and Name C.All fields and the LastModifiedDate system field D.Job_Title__c E.Job_Title__c and the LastModifiedDate system field
E
What are some benefits of an event-driven software architecture? A. It decouples event producers from channels. B. It decouples event producers from event consumers, which have several dependencies on each other. C. It enables near real-time communication between publishers and subscribers by requiring the writing of complex logic. D. It enables the broadcasting of news messages. E. It enables near real-time communication, simplifying communication by decoupling event producers from event consumers.
E
What channel name corresponds to a platform event that you defined with the label of Solar Panel Event? A./event/Solar_Panel_Event B./topic/Solar_Panel_Event C./event/Solar_Panel_Event__c D./event/Solar Panel Event E./event/Solar_Panel_Event__e
E
What is a better way for measuring specific pages? Lightning Usage App or EPT
EPT because Lightning Usage App aggregates performance metrics
How does Salesforce measure performance?
Experienced Page Time (EPT)
TRUE or FALSE: Lightning Component Debug Mode speeds up performance because it minifies code
FALSE
True or false: You can integrate identity providers with Salesforce using connected apps.
False - in this scenario Salesforce is the identity provider
What schema format does External Services adhere to?
JSON-based OpenAPI
What format is the exported file from keystore?
Java Keystore (JKS) format
What does JSON stand for?
Javascript Object Notation
What is the key difference between adding eptVisible on the URL versus enabling Lightning Component Debug mode?
Lightning Component Debug Mode shows network bandwidth
What is the mechanism for keeping the connection open on a streaming API scenario?
Long polling using - Bayeux Protocol - transport messages via HTTP - Comet D - scalable HTTP-based using ajax push
How can you avoid publishing specific Case Comment records
Make them Private
What flow step you use to subscribe to a platform event?
Pause
What is the key difference of a platform event with a pushtopic?
Platform events aren't tied to Salesforce records and aren't published automatically by Salesforce
What is a mashup?
Providing access to data and/or custom links within Salesforce user interface
What platform event transaction can be rolled back?
Publish After Commit
What do you need to do to start sharing records using Salesforce to Salesforce
Publish/Unpublish the object
Platform event replay options
ReplayId - references a specific event -1 - receives only new incoming events -2 - receives new and past events from the time the client subscribes
What is salesforce's transport security?
Secure Socket Layer over HTTP/HTTPS
How do you change the fields that trigger notifications in a PushTopic()?
Set the pushTopic.NotifyForFields to any of these values and record must satisfy the criteria in the WHERE clause - All: all field changes - Referenced: default setup. Fields in the query and in the WHERE clause - Select: fields on the select statement - Where: fields on the where clause
How to enable streaming channel in salesforce?
Setup > User Interface > Enable Dynamic Streaming Channel Creation
What tool can you use to validate that your schema complies with the OpenAPI specification?
Swagger Editor tool
TRUE or FALSE: Sandbox and production orgs exist in different instances, have different hardware, and can differ in performance.
TRUE
True or False. Changing the stage of opportunity records from a global find does not publish the change on S2S scenario?
True. you must open each of the opportunity record.
What does URI mean?
Uniform Resource Identifier
What is a WSDL? What is SOAP?
WSDL defines what a web service can do; contract between system SOAP the actual implementation of what the WSDL can do
What trigger event is supported for Change Events?
after insert asynchronously
What is custom web service
an apex class that is generated as a wsdl
What to do when you don't see mutual authentication certificate option in salesforce?
contact Salesforce to enable the feature
How do you stop recursive callbacks on outbound messages
ensure that the user specified on the "Send As User" has the permission "Send Outbound Messages" unchecked
What is the rate of salesforce checking for new notifications with streaming API?
every 3 seconds
How do you maintain certificates and keys?
export all your certificates and private keys into a keystore for storage or import certificates and keys from a keystore
***CONNECTED APP What is connected App?
framework that enables an external application to integrate with Salesforce using APIs and standard protocols, such as Security Assertion Markup Language (SAML), OAuth, and OpenID Connect
What is Force.com canvas?
framework to embed external web applications in salesforce
*CERTIFICATE AND KEYS When do you use certificate and keys?
if you're working with an external website that wants verification that a request is coming from a Salesforce organization
What is Single Sign-On (SSO)?
lets users access other applications without logging in separately to each one—and without having to create (and remember) different user credentials for each app
What lightning component can you use if you want to build a lightning app that receives instant notification of salesforce data changes?
lightning:empApi
What is CometD?
messaging library that enables listening to events through long polling and simulates push technology
What is remote site setting?
needed before salesforce can call an external site
What is OAuth 2.0?
open protocol that enables authorization and secure data sharing between applications through the exchange of tokens
What is federated ESB
prevents a single point of failure by having multiple ESBs that can interact with each other
Commands for setting the notification in a PushTopic explicitly
pushTopic.NotifyForOperationCreate = true; pushTopic.NotifyForOperationUpdate = true; pushTopic.NotifyForOperationUndelete = true; pushTopic.NotifyForOperationDelete = true;
What is the nextRecordsURL in rest api?
the element used when the query request has been batched. It specified the URL that you can call to get the next batch of records
What tool can you use to improve performance when processing large request files?
use gzip compression (90% compressed) config.setCompression(true);
What is an event replayId?
used to replay events for up to 3 days, incase it failed
What does WSDL stand for?
web service description language
What are the general limits of Salesforce Connector?
- 100 max external objects per org - 4 max joins per query - 4k max characters of the Oauth token - 100K max new rows retrieved by SOSL search / created per hour 2K max rows for paging
Bulk API limits
- 10K batches per rolling 24-hr period - max 10k records - 1MB max event message size
What profile permissions are considered for an integration user
- API Enabled - API User Only - Password Never Expires
Where is Connect REST API used for?
- B2B Commerce on Lightning - CMS managed content - communities - files - notifications - topics - display Chatter feeds especially on mobile applications
Solution for archiving data using Heroku
- Heroku App has web services that can be called from salesforce when archiving/unarchiving data - Heroku Postgres then runs stored procedures for processing the data - Heroku Connect exposes archived records to Salesforce as external object using a sync engine
Licensing difference between Heroku Connect and Mulesoft?
- Heroku connect's pricing is based on number of records synced - Mulesoft is based on connection point, but needs to be maintained as data scales
What are the salesforce connect adapters?
- OData 2.0, 4.0 - Cross-org adapater: salesforce to salesforce using REST API - custom adapter created via Apex Connector Framework
Characteristic of Solution: Streaming API
- Push topic: query definition that specifies what events trigger an update and what data to include - Javascipt that can be used by the user interface - VF page or lightning component - Java script library that includes a static resource - delivery and order of notifications are not guaranteed
What comprises the HTTP Request?
- Request Header: oauth + token / or session id - Named URI: endpoint - Request Entity: JSON data - Http Method
SOAP/REST API limits
- SOAP: request size limit is 10kb - SOAP: 3600 calls to login() per user per hour - create, update and deleted up to 200 records at a time - 2GB limit on content versions - 500MB standard objects/sObject collections - 500 query result size for query() querymore() - 2K max number of rows returned - 1MB max event message size - number of API calls per 24-hr period is based on edition and number of licenses (i.e. Unlimited has 5K)
Sample HTTP monitoring tool
- TCP utility - SOAP UI
Where is Tooling API used for?
- accessing complex metadata types
Characteristic of solution: Lightning component page initiates SOAP/REST callout synchronously (VF page for classic)
- allows consuming WSDL or invoke HTTP services (GET, POST, PUT and DELETE)
Characteristic of solution: Outbound messaging and callbacks
- allows retrieving other related data - mitigate out-of-sequence messaging - unique session id that can be used to authenticate and authorize
Characteristic of solution: Batch apex performs SOAP/HTTP callout
- batch processing - not optimal for request and reply scenario
Characteristic of solution: Process driven platform events
- best fit for fire and forget - no customization - external apps can listen to the event by subscribing to a channel called CometD - retries are performed by the remote system using the replay ID that is stored for 72 hours (3 days)
Examples of User Interface mash-ups.
- custom links (formula fields, visualforce tags) - embedded content (iframe) - data visibility (SOA callouts, apex callouts, javascript on vf pages)
What is a public key certificate?
- electronic document with a digital signature to bind public key with identity - partnered with private key that the certificate owner holds
Characteristic of solution: Trigger performs SOAP/HTTP callout
- executed after a DML operation - asynchronous call - not optimal for request and reply scenario
What is ETL?
- extract transform load (for bulk api processing)
What is an idempotent design considerations?
- guarantees that repeated invocations are safe and does not create duplicate transactions - implement unique message ID - have the remote system check if records exists and perform upserts
What are the best practices for improving integration performance?
- incremental processing - bulkifying SOAP calls - check for data skew impact - be aware of operations that causes cascading changes - check for parent roll-up fields recalculations
What is the difference between indirect lookup and external lookup?
- indirect lookup: external object lookup to standard or custom object - external lookup: external to external object
Characteristic of solution: Enhanced External Services invokes a REST API call
- invoke external rest service in declarative manner like flow - OpenAPI 2.0 JSON schema format - primitive data types - nested object types such as headers and body - doesn't risk exceeding synchronous governor limits
Where is User Interface Api used for?
- lightning experience for mobile - records, list views, actions, favorites - accesses metadata configured by admins
What should be done on the "listener" side of things for processing outbound messages?
- listener must send back an acknowledgement response so salesforce will stop retrying - listener should store the messages so it can perform call back if needed - listener can then check the notification id to avoid duplicate message processing - verify the source of the message by checking the org id, ip ranges and certificate
Platform Events limits
- max 100k events can be published per hour (standard volume) - max of 250k events per hour (high volume) - 1MB max event message size
What is HTTP monitoring?
- monitoring of TCP traffic - can capture and examine the SOAP messages - need to turn off HTTPS in Session Settings > Require Secure Connection - flow is: application -> tcp -> salesforce
Examples of popular connectors in Mulesoft Anypoint Platform?
- mulesoft connector to workday - aws connector - salesforce connector - OData connector & APIKits used for external objects - SAP connector
What is Two-way SSL?
- mutual authentication - both client and server present certificate to prove identity
What is outbound messaging?
- near real-time integration - messages fire based on trigger, workflow and approval messages - messages are sent to service exposed - has default retry logic for 24 hours - has built in monitoring in salesforce - can include up to 100 notifications - queued until they are sent - dropped from the queue after 24 hours
Characteristic of solution: Workflow-driven outbound messaging
- no customization - event is invoked from insert or update operation - SOAP message - salesforce retries providing a form of guarantee delivery (up to 24 hours) - administrators must monitor failed retries
What are some security considerations?
- one-way SSL is enabled by default, but two-way SSL requires self-signed and CA-signed certificates - Salesforce doesn't support WS-Security - use onw-way hashes or digital signatures using Apex crypto class methods - remote system must have firewall mechanism
User authentication considerations
- password never expires - access and actions are restricted based on profile - API Only permission so it cannot be used on web interface actions -
Characteristic of solution: Salesforce Change Data Capture
- publishes changed events which are updates on salesforce records - near-real-time - requires integration app receiving the events
What is the use of Mulesoft Anypoint Platform?
- ready to use connectors - avoid point-to-point integrations - make moving data easy and fast - makes API reusable - bidirectional connection
Characteristic of solution: Remote call-in
- remote system calling Salesforce API: SOAP, REST, Apex Web services, Apex REST services, bulk API - needs error handling on record locking - can cause continual updates impacting performance
Characteristic of solution: Replication via third-party ETL tool
- run change data capture against the source data - reacts to changes, transforms the data and calls Bulk API to issue DML statements to salesforce - uses SOAP API
What does Connected App framework provides?
- security controls - OAuth scope controls - OAuth policies for system behavior when user reconnects - SAML service provider settings - Mobile application policy settings to enable screen locking and PIN protection
What is an ESB (enterprise service bus)
- single point of interface for many systems, instead of creating multiple individual interfaces - has queuing capability - data transformation capability - authenticates connection before sending request to the other application
Characteristic of solution: Customization driven platform events
- trigger publishes a platform event
What is REST API
- uses JSON or XML - CRUD capabilities - exposes standard and custom objects - exposes object metadat - allows to work with workflow and approval processes - can perform admin tasks - chatter api
***SALESFORCE CONNECT*** Characteristic of solution: Salesforce Connect
- uses external object - allows querying, creating, updating and deleting data on the external system - external relationships between custom/standard objects and external objects - enable chatter on external objects - reports, list views, record pages - view data on mobile app
3 categories of integration patterns?
1. Data Integration - requirement to synchronize data 2. Process Integration - need for a business process to leverage two or more applications to complete the task 3. Virtual Integration - the need to view, search and modify data in an external system
four dimensions to evaluate integration patterns and solutions
1. Layers: types of tasks in a system 2. Volume: amount of data synched and the transformation activity between systems 3. Timing: Communication timing is either asynchronous or synchronous, real time (or as soon as possible) or is batched up for later delivery 4. Direction: one-way or bidirectional
*CONNECTORS FOR DATA INTEGRATION Sample Connectors
1. MuleSoft Salesforce Connector (Anypoint connector) 2. MuleSoft Database Connector - works with Java database such as Postgres 3. MuleSoft HTTP Connector - listening for and sending HTTP requests 4. Heroku Connect - connects one or more Salesforce instances to a Heroku Postgres database using SOAP, Bulk, and Streaming APIs 5. Salesforce Connect - creates external (temporary) objects that access real-time data
Sample integration pattern template
1. Name 2. Context - overall scenario 3. Problem - question form of the scenario 4. Forces - constraints 5. Solution 6. Sketch - sequence diagram 7. Results - details of how to apply the solution and how it resolves the forces 8. Sidebars - additional technical issues, variations and concerns 9. Example - E2E scenario how the pattern is used in real-world scenarios
What are types of integration architectures?
1. Point-to-point - direct integration between systems; hard to manage as the number of systems grow 2. Hub and Spoke - proprietary in nature; single point of failure; won't scale for large volumes 3. Enterprise Service bus - distributed adapters for each system; more scalable
What are two publishing behavior for platform events?
1. Publish After Commit 2. Publish Immediately - regardless of whether the transaction succeeds
What are the types of streaming API?
1. PushTopic Event - based on SOQL query definition 2. Change Data Capture Event - changed fields 3. Platform Event - processes payload based on predefined schema 4. Generic Event - arbitrary payloads
What are sample integration patterns
1. Remote Process Invocation—Request and Reply: salesforce invokes process on a remote system, waits and tracks responses 2. Remote Process Invocation—Fire and Forget 3. Batch Data Synchronization - updates on both systems are done in a batch manner 4. Remote call-in - when events on remote system should callout to salesforce 5. UI Update Based on Data Changes - salesforce user interface must be automatically updated without refreshing the screen (Streaming API) 6. Data Virtualization - salesforce access external data in real-time without persisting the data (Salesforce Connect) 7. High-Frequency Data Replication - source system asynchronously replicates data to a target system in near-real time at high scale 8. Publish/Subscribe - Salesforce publishes an event, subscribers listen for these events
What are the different security settings in Salesforce that can be enforced for integrations?
1. Session Security 2. Data Security - object, field record 3. Application-level security - must be configured as connected app 4. Transport Layer security - http or https, based on certificate
Layers representing a division of tasks in the system
1. User interface layer - canvas or mashups/lightning out 2. Business process layer - mulesoft, platform events, flows, outbound messaging 3. Data layer - heroku connect, salesforce connect. apex, APIs
Typs of APIs
1. Web services API 2. REST API 3. Bulk API (rest based) 4. Chatter REST API 5. Custom Web Services
Sample network authentications
1. profile - login hours, IP range restrictions 2. org-wide - ip restrictions, security token appended to the password, session timeout
four decisions that need to be made to make an accurate assessment of how to scale
1. source and target system 2. type of integration 3. data volume 4. timing
3 layers of API-led connectivity
1. system layer - connection with external system, no system logic (SAP, AWS, Oracle) 2. process layer - applies business logic and orchestration on data from the system layer (i.e. order management, inventory tracking) 3. experience layer - end user interface with data and processes (i.e. UI/UX, Mobile Apps, eCommerce)
What are examples of sidebars/concerns?
1. timeliness 2. data volume 3. endpoint capability 4. state management - unique id between remote system and salesforce 5. complex integration scenarios - orchestration of business processes, aggregation of calls, transformation of messages, transactional integrity across multiple systems 6. Governor limits 7. Middleware capabilities 8. Reliable Messaging - retries, replay ID
What are the mechanisms to maintain data integrity?
1. transaction management - has rollback, exception handling 2. orchestration - coordinates multiple systems , middlewares and services; enterprise integrations; may require manual intervention on failures
Types of authentication
1. user authentication 2. network authentication
How many different object types can you include in a bulkified API processing?
10 different object types
Remote Site Settings allowed outbound ports
80: https connections 443: https connections 1024-65535 (inclusive): These ports accept HTTP or HTTPS connections
***REMOTE SITE SETTINGS What needs to be created to enable access to Lightning Components?
CSP Trusted Site
Where can a user find desktop integration tools?
My Settings > Desktop Add Ons
What does REST stand for?
Representational State Transfer
What free tool can help with error handling in Salesforce Connector?
Salesforce Connect Validator runs common queries and notice error types and failure causes
What are the two main roles in OAuth?
Service Provider: Salesforce Service Consumer: External Application
What is SOA
Service-oriented architecture
True or False. Custom web services with apex do not follow profile security CRUD
True
True or False. Integration user will be allowed outside IP ranges so long as it uses security token
True
True or False. MuleSoft Salesforce Connector is not a fully managed integration connector and needs DevOps support to manage and maintain the connection.
True