Exam Identity-and-Access-Management-Architect Topic 4 Question 70 Discussion

Actual exam question for Salesforce's Identity-and-Access-Management-Architect exam
Question #: 70
Topic #: 4

Universal Containers (UC) wants to build a mobile application that twill be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app. Which two scope values should an Architect recommend to UC? Choose 2 answers.

A. Custom_permissions B. Api C. Refresh_token D. Full

Suggested Answer: B,C Vote an answer

The two scope values that an architect should recommend to UC are api and refresh_token. The api scope allows the app to access the Salesforce REST API and use custom objects and custom Apex code.
Therefresh_token scope allows the app to obtain a refresh token that can be used to get new access tokens without requiring the user to re-enter credentials. Option A is not a good choice because the custom_permissions scope allows the app to access custom permissions in Salesforce, but it does not affect how the app can access the REST API or avoid user re-authentication. Option D is not a good choice because the full scope allows the app to access all data accessible by the user, including the web UI and theAPI, but it may be unnecessary or insecure for UC's requirement. References: OAuth 2.0 Web Server Authentication Flow, Digging Deeper into OAuth 2.0 on Force.com

by Milo at Jun 29, 2026, 02:33 AM

Limited Time Offer

15%

Off

Get Premium Identity-and-Access-Management-Architect Questions as Interactive Self Test Engine or PDF

Comments

0 Happy Clients

0 Shares

0 Demo Downloads

10 Years in Business