Exam Mule-101 Topic 5 Question 8 Discussion

Actual exam question for Salesforce's Mule-101 exam
Question #: 8
Topic #: 5
What is an advantage of using OAuth 2.0 client credentials and access tokens over only API keys for API authentication?

Suggested Answer: A Vote an answer

Security Mechanisms:
API Keys (Client ID/Secret): These are static, long-lived credentials. If a Client Secret is stolen, you must reset it, update the application code, and redeploy-a painful process.
OAuth 2.0 (Access Tokens): The client uses the ID/Secret to request a temporary Access Token (TTL of usually 15-60 minutes).
The Advantage: The API client sends the token (not the secret) in the header. If this token is intercepted/compromised, it will expire shortly. The attacker cannot generate new tokens without the original Client Secret. Therefore, the underlying credentials remain safe, and you do not need to reissue them.

by Trista at Jul 12, 2026, 07:20 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10