"Authentication is the key that gets you through the front door. Authorization is what determines which rooms you’re allowed to enter once you're inside."
— Unknown

Question 1: How does Salesforce handle user-based authorization?

Answer:

Through Profiles, Permission Sets, Roles, Sharing Settings, and Teams.

Question 2: What is the difference between Profiles and Permission Sets?

Answer:

Profiles define baseline permissions and access settings for a group of users (object/field level, apps, tabs). Permission Sets extend those permissions or grant specific access to a subset of users without modifying their profile, offering more granular control.

Question 3: What is the purpose of Roles in Salesforce?

Answer:

They determine data visibility in the organization hierarchy. Users at higher levels can view records owned by those below them, regardless of sharing settings.

Question 4: What are the different types of Sharing Settings?

Answer:

  • Org-Wide Defaults (OWD): The default access level for records users do not own.
  • Manual Sharing: Individual record sharing by owners.
  • Sharing Rules: Automatic access based on criteria or ownership.

Question 5: How do Teams (Account/Opportunity) function?

Answer:

They enable collaborative work by granting access to a predefined group of users on specific records.

Question 6: What mechanisms are used for API and external application authorization?

Answer:

OAuth 2.0 Flows, Connected Apps, and Named Credentials.

Question 7: What are the common OAuth 2.0 Flows supported by Salesforce?

Answer:

  • Web Server Flow: For web apps.
  • User-Agent Flow: For desktop/mobile apps.
  • Refresh Token Flow: To get new tokens without re-authenticating.
  • JWT Bearer Token Flow: For server-to-server (no user interaction).
  • Client Credentials Flow: For apps accessing resources without a user context.

Question 8: What is a Connected App?

Answer:

It defines how external applications integrate with Salesforce, including access permissions and OAuth settings.

Question 9: What are Named Credentials?

Answer:

They centralize authentication details and callout URLs, so developers don’t have to hardcode credentials in code.

Question 10: What other security layers can be used for authentication and authorization?

Answer:

Delegated Authentication, MFA, and Network Restrictions.
