kathleenwaterworth
22 slides
May 29, 2024
About This Presentation
Session #1 of 5 - Integration Architect Certification Prep Study Group
Slide Content
Integration Architect Study Group
Part 1:
- Evaluate System Landscape
- Evaluate Business Needs
Brenda Glasser
Director, Salesforce Architect @ Ripple
She/Her

About me…
- 13+ years in ecosystem
- Director / Salesforce Architect @ Ripple
- 24x Certified (Application & System Architect)
- Co-Lead Atlanta Architect Trailblazer Community Group
- @brendaglasser on Twitter (not calling it X) or find me on LinkedIn!

From the Exam Guide
Evaluate The System Landscape - 8% / Appx. 5 Questions
- Given a set of business requirements, identify the current system landscape and determine what standards, limitations, boundaries, and protocols exist.
- Given an existing system landscape, analyze for constraints and/or pain-points to satisfy a business requirement(s).
- Given a set of requirements, evaluate the authentication and authorization needs based on the system landscape.

Integration Patterns
Pattern, followed by its High Level Description:
- Remote Process Invocation: Request & Reply
    Synchronous; “real-time”; Salesforce invokes a process on a remote system and needs to wait for a response before proceeding
- Remote Process Invocation: Fire & Forget
    Asynchronous; platform events or outbound messages are typical use cases; Salesforce invokes a process in remote system but does not need to wait for a response
- Batch Data Synchronization
    Data stored in Lightning Platform is created or refreshed in remote system; executed in batch manner versus ‘per transaction’
- Remote Call-in
    Data stored in Salesforce is created, retrieved, updated, or deleted by a remote system
- UI Update based on Data Changes
    Salesforce user interface is automatically updated as a result of changes to Salesforce data; Streaming API
- Data Virtualization
    Salesforce accesses external data in real time; data is visible and editable within Salesforce UI but not ‘stored’ in Salesforce; External Objects

Exam Topics
Focus Areas
- Certificates & Keys
- SOAP vs. REST API
- Apex Limits
- Need for middleware versus not-middleware
- On-prem vs. off-prem/cloud to cloud vs. cloud to ground
- Authentication / Authorization requirements
- User / Record Access
- Salesforce Optimizer

Certificate Management
Salesforce certificates and key pairs are used for signatures that verify a request is coming from your organization. They are used for authenticated SSL communications with an external website, or when using your organization as an Identity Provider.
Go to: Setup → Certificate & Key Management
Link to Documentation: https://help.salesforce.com/s/articleView?id=sf.security_keys_about.htm&type=5

Certificate Management
The exam focuses on:
- Self-Signed Certificate: Certificate that you create yourself
    - 2048 bit: Valid for 1 year
    - 4096 bit: Valid for 2 years
- CA Signed Certificate: A certificate that you generate that is then ‘signed’ or validated by a third party
    - Valid for 3 years
- Mutual Authentication Certificate: Requires clients & servers to prove their identity to each other
    - Concept of ‘zero trust’ where everything must be considered as a potential threat

Which API to use? SOAP vs. REST API
SOAP API:
- XML Only
- Needs WSDL (Web Service Description Language) file (more info here)
    - Enterprise WSDL: strongly typed; specific to single Salesforce org (internal)
    - Partner WSDL: loosely typed; not specific to org (for ISV/partners)
- Cannot span multiple transactions
- convertLead() only available in SOAP API
REST API:
- XML + JSON supported
- Can span multiple transactions
- Lighter weight; better for mobile & web apps

Apex Limits
We know them and love them
Documentation Here!
Specific to this exam:
- Total number of callouts (HTTP requests or web services calls) in a transaction: 100
- Maximum cumulative timeout for all callouts (HTTP requests or Web services calls) in a transaction: 120 seconds
- Event messages < 1MB
- Bulk API: 10,000 in rolling 24 hour period
Protip: If the exam scenario mentions lots of records (example: 1 million records per day, etc.) then the answer that contains Bulk API is going to be the correct option :)

To middleware or not middleware…
Sticking a middleware in between your systems is a great option to:
- manage limits
- caching
- retries
- data manipulation
- system limitations (in cloud to ground scenarios)
Protip: In almost every exam question, if middleware makes sense, then choose the middleware option :)

Remember your authentication options
- OAuth 2.0 Web Server Flow: Authenticate to external web application
- OAuth 2.0 User-Agent Flow: Authenticate to desktop or mobile application
- OAuth 2.0 Refresh Token Flow: Get refresh token; renew session
- OAuth 2.0 JWT Bearer Flow: JWT = JSON Web Token; server to server authentication
- OAuth 2.0 Client Credentials Flow: Exchanges consumer key/secret; requires integration User
- OpenID Connect: Lets OAuth 2.0 clients register connected Apps
- OpenID Connect Token Introspection: Checks to see if token is still valid
- OAuth 2.0 Device Flow: Used for IoT devices (like AppleTV)
- OAuth 2.0 Asset Token Flow: For assets (like Airtag)
- OAuth 2.0 Username/Password Flow: Not recommended

Salesforce Optimizer
Know what it does
Documentation!
Key Items:
- Data Storage
- File Storage
- User Logins

User / Record Access
Know your basics
- Profiles vs. Permission Sets
- Org Wide Defaults / Sharing Rules
- Remember that ‘view all data’ or ‘modify all data’ overrides
- Remember that ‘view all’ or ‘modify all’ in object settings overrides OWDs
- Order of Execution
- Validation Rules

From the Exam Guide
Evaluate Business Needs - 11% / Appx. 7 Questions
- Given a use case, identify functional and non-functional requirements needed for integration.
- Based on a given integration requirement, identify and classify data into Confidential/Secure/Public.
- Given a use case, identify key factors for CRM success that should be included as integration requirements.
- Given a use case, identify the business growth and regulatory factors that can impact choice of integration solutions.

Functional vs. Non-Functional Requirements
Key Words & Phrases: Functional Requirements
These questions are scenario-based. Some things to look for in the scenario presented to help identify the functional requirements:
- Timing: Does the scenario describe a need for a ‘real time’ or synchronous integration?
- Direction of integration: Is it Salesforce → external service; external service → Salesforce?
It may be helpful to translate the scenario into a ‘user story’:
- As a __________, I need to __________, so that __________.
- As a ‘call center agent’ I need to ‘process credit card payments and receive a confirmation’ so that I can ‘provide the confirmation # and details to the customer while on the call’

Non-Functional Requirements
Table stakes
Non-Functional Requirements typically will describe the basic or table-stakes requirements for the scenario:
- Security or legal/regulatory/compliance requirements
- System availability & performance
- Maintenance
- Volumes: Does the scenario describe a high # of records/users or a low #?
- Data Storage: Where does the data need to reside? Does it need to reside in both systems? Which system is the ‘system of record’ for the data in question?

Data Classification
Integration requirements and options may need to consider data sensitivity in order to ensure a secure and compliant solution.
Data Classification:
- Public: Data that’s publicly available; not sensitive (example: a company’s website)
- Internal: Data that should only be available to a company’s employees or authorized users (example: opportunity close dates)
- Confidential: Data is available to an approved group of users and could be made accessible under NDA, etc.
- Restricted: PII or sensitive information that must be kept secure (social security numbers, home addresses, credit card or bank account information, etc.)

Know your regulations!
You don’t need to be an expert, but generally being aware of these will help:
- GDPR: General Data Protection Regulation - EU regulation that requires the proper consent, storage, and deletion of user information; includes ‘right to be forgotten’
- HIPAA: Health Insurance Portability & Accountability Act - specific for health data; a user’s personal health data may not be shared with others or third parties without explicit consent
- PCI: Payment Card Industry - regulation related to security and usage of payment card information
#protip: always comply with local regulatory requirements; if the scenario mentions many countries and there’s an answer that indicates complying with local regulatory requirements, that’s the one you’ll want to pick!

Exam #protips
- read the scenario very carefully
- map out all the steps in the pattern described
    - what is creating records in Salesforce or third-party system; what is updating them
    - are the transactions synchronous or asynchronous
    - what’s the direction of the integration (Salesforce → third party; third party → Salesforce, etc.?)
- Review high level what the main APIs are for:
    - SOAP
    - REST
    - Streaming
    - Metadata
    - Connect
    - Tooling
- Know your terminology
    - synchronous
    - asynchronous
- some of this is just gonna be memorizing
- read/review the documentation - relying on Trailhead & Focus on Force is not going to cut it