Salesforce Integration Interview Question

In a world of connected experiences, a standalone system is a dead end. Salesforce Integration is no longer a niche skill , it’s the bedrock of modern digital transformation. Companies are actively seeking Developers, Architects, and Consultants who can build bridges between systems, automate complex processes, and create a single, unified source of truth.

This expert guide from SalesforceHours dives deep into the 50 most critical Salesforce Integration interview questions. We’ve packed it with detailed answers, real-world business scenarios, and pro tips to help you walk into your next interview with confidence and leave with an offer.

Contents Covered In the Blog

1. What is Salesforce Integration?

Salesforce Integration is the process of connecting your Salesforce CRM with other external applications and systems. But it’s more than just moving data, it’s about creating a living, breathing ecosystem where information flows automatically to power smarter business processes.

  • Real-Time Example: Imagine a customer places an order on an e-commerce site built on Shopify. A powerful integration strategy would mean:
    1. A new Sales Order is instantly created in Salesforce, linked to the customer’s contact record.
    2. The order details are simultaneously sent to the company’s SAP ERP system to begin the fulfillment process.
    3. Salesforce then triggers a “Thank You & Welcome” email from Marketo, adding the customer to a specific marketing journey. This entire chain happens automatically, providing a seamless customer experience and eliminating manual data entry for three different departments.

2. Why is Integration so critical in the Salesforce ecosystem?

Without integration, you have “data islands” valuable information trapped within individual applications. This leads to inefficient processes, inconsistent customer data, and a fragmented view of the business. It’s critical because it delivers a true 360-degree customer view, ensures data is consistent and reliable across all platforms, and automates end-to-end business processes that are too complex for a single system to handle.

3. What are the different types of Salesforce Integration?

Integrations aren’t one-size-fits-all. They are typically classified by their purpose:

  • Data Integration: This is about keeping data in sync across multiple systems. For example, ensuring that a customer’s updated shipping address in Salesforce is reflected in your company’s logistics and billing systems.
  • Business Logic Integration: This involves extending your business processes across applications. You can use Apex to call external web services that handle complex logic.
    • Example: When an Opportunity stage is changed to ‘Closed Won’ in Salesforce, an integration can trigger a custom credit check process in an external financial system before the final order is confirmed.
  • User Interface (UI) Integration: This is about creating a unified user experience by embedding components from one system into the UI of another. Using Canvas or Lightning Web Components, you can display data from an external shipping provider directly within the Salesforce Account page, so service agents don’t have to switch screens.

4. Can you explain the key Salesforce Integration Patterns?

Integration patterns are reusable blueprints for solving common integration challenges.

  • Request and Response (Synchronous): Salesforce calls an external system and waits for an immediate response to proceed. It’s like asking a question and waiting for the answer before you do anything else.
    • Example: A sales rep clicks a “Verify Address” button on an Account record. Salesforce makes a synchronous call to an address verification service (like Google Maps API or Loqate). The user’s screen freezes for a moment until the service responds with “Verified” or “Not Found,” at which point the record is updated.
  • Fire and Forget (Asynchronous): Salesforce sends a message to an external system but doesn’t wait for a response. It “fires” the message and “forgets” about it, moving on to the next task.
    • Example: After a support case is closed, Salesforce sends the case details to an external data warehouse for analytics. This process doesn’t need to happen in real-time and shouldn’t hold up the support agent, making it a perfect “fire and forget” scenario.
  • Batch Data Synchronization: This pattern involves moving large volumes of data between systems on a scheduled basis (e.g., hourly or nightly).
    • Example: Every night at 2 AM, an integration job runs to sync all new and updated product inventory data from the central SAP ERP system with the Salesforce Product Catalog. This ensures sales reps have accurate stock levels when creating quotes the next day.
  • Remote Call-In: In this pattern, an external system initiates communication and calls into Salesforce’s APIs to create, read, update, or delete data.
    • Example: A lead fills out a form on your company website (hosted on WordPress). The website’s backend makes a REST API call to Salesforce to create a new Lead record in real-time.
  • Data Virtualization (using Salesforce Connect): Instead of copying data into Salesforce, this pattern allows you to view and interact with external data in real-time as if it were stored in Salesforce.
    • Example: A company stores massive order history records in a legacy Oracle database. Instead of migrating millions of records, they use Salesforce Connect. Now, when a user views a Customer Account in Salesforce, they see a related list of “Order History” that is queried directly from the Oracle database on demand.

5. What is an API?

An API (Application Programming Interface) is a set of rules and protocols that allows different software applications to communicate and exchange data with each other. APIs are the fundamental building blocks of almost every Salesforce integration.

6. What are the main APIs that Salesforce provides?

Salesforce offers a rich toolkit of APIs, each designed for a specific purpose:

API NamePrimary Use CaseAnalogy
REST APIIdeal for web and mobile apps. Uses JSON and is lightweight.A modern, flexible courier service for sending well-structured packages.
SOAP APIPerfect for formal, enterprise-level integrations. Uses XML.An armored truck with a formal contract (WSDL) for high-security deliveries.
Bulk APIFor asynchronously processing millions of records.A freight train designed to move massive amounts of cargo efficiently.
Streaming APIPushes real-time notifications of data changes to clients.A live news ticker that instantly alerts you when something important happens.
Metadata APIFor managing your Salesforce org’s customization (metadata).The construction blueprint for deploying or modifying the structure of your org.
Tooling APIFine-grained access to metadata for building developer tools.The specialized tools (like a laser level) for precision work on your org’s structure.
Composite APIExecutes a series of REST API requests in a single call.An efficient personal shopper who can visit multiple stores and make all your purchases in one trip.

7. What is the key difference between the REST API and SOAP API?

FeatureREST APISOAP API
Payload FormatPrimarily JSON. It’s human-readable and lightweight.Exclusively XML. It’s more verbose but highly structured.
ProtocolA flexible architectural style, not a strict protocol. Uses standard HTTP methods (GET, POST, etc.).A standardized protocol with strict rules defined in a WSDL file.
StateStateless. Every request from a client must contain all the information needed to be understood.Can be stateful. The server can maintain information about the client across multiple requests.
Best ForMobile apps, single-page web applications, and scenarios where performance and flexibility are key.Enterprise applications requiring high security (WS-Security), transactional integrity, and formal contracts.
Example Use CaseA mobile app fetching a list of contacts from Salesforce.A bank’s core system integrating with Salesforce to process loan applications, requiring strict transactional control.


8. When should you choose the REST API over the SOAP API?

You should choose the REST API when:

  • You are building for mobile or modern web applications where bandwidth and performance are critical.
  • The data format required is simple, and a lightweight JSON payload is sufficient.
  • You need flexibility and don’t want to be tied to a rigid WSDL contract.

You should choose the SOAP API when:

  • The integration demands stateful operations or high-level security standards like WS-Security.
  • You are integrating with legacy systems or enterprise applications that already expose SOAP web services.
  • A formal contract (WSDL) is required to ensure all parties adhere to a strict data structure and set of operations.

9. What is the Bulk API truly for?

The Bulk API is your go-to solution for processing massive amounts of data from 50,000 to millions of records. It works asynchronously, meaning you submit a job, and Salesforce processes it in the background when resources are available, preventing you from hitting governor limits.

  • Example: A company just acquired another firm and needs to migrate 10 million contact and account records from the old CRM into their Salesforce org. Using the REST or SOAP API would be slow and would likely fail. The Bulk API is designed specifically for this kind of large-scale data migration, processing the data in optimized batches.

10. How does the Streaming API work in a real-world scenario?

The Streaming API uses a publish-subscribe (“pub-sub”) model to send real-time notifications to external clients when data changes in Salesforce.

  • Business Example: A company has a large wall-mounted dashboard in their sales pit to display real-time wins. Instead of having the dashboard poll Salesforce every few seconds (which is inefficient), it subscribes to a PushTopic on the Opportunity object. The moment an Opportunity’s stage is set to ‘Closed Won’, the Streaming API pushes a notification directly to the dashboard, which then flashes a “New Deal!” alert. This is instant and highly efficient.

11. Explain Named Credentials in a simple way.

Just think of a Named Credential as a secure vault inside Salesforce that stores the login details (URL, authentication method, credentials) for an external system. Instead of hard-coding a username, password, or API key into your Apex code (which is a major security risk), you simply reference the Named Credential by name. This decouples authentication from your code, making it incredibly easy to manage and update credentials in one place without changing your code.

12. What is OAuth in the context of Salesforce Integration?

OAuth (Open Authorization) is a security standard that allows one application to access data in another application on behalf of a user, without giving it the user’s password. It’s based on delegated access.

  • Analogy: Giving a parking valet a key that only starts your car and parks it is like OAuth. You’re granting limited access for a specific purpose. Giving them your entire key ring with your house key and office key is like sharing your username and password, which is far riskier.

13. What are the different OAuth flows, and when would you use them?

Here is the types of OAuth Flow and their use case :

OAuth FlowUse Case & Business Scenario
Web Server FlowFor web applications that have a secure backend server. It’s one of the most secure flows. Scenario: A third-party project management tool (like Asana) needs to access a user’s Salesforce Tasks. The user is redirected to Salesforce to log in and approve access, and the authorization code is sent back to the Asana server to get an access token.
User-Agent FlowFor applications that run entirely in the browser (single-page apps) or on a mobile device, where there’s no secure server to store a client secret. Scenario: A simple JavaScript-based web app that runs in a browser and needs to pull a list of the user’s Accounts.
Username-Password FlowFor trusted, first-party integrations where you can securely store the user’s credentials. It’s less secure and should be used sparingly. Scenario: An internal, company-built data migration script that needs to log in as a specific integration user to perform its tasks.
JWT Bearer FlowFor server-to-server integrations where the applications have established prior trust, often using a digital certificate. No user interaction is required. Scenario: A Jenkins CI/CD pipeline needs to connect to Salesforce to deploy metadata. It uses a certificate to generate a JWT and authenticate itself without a user logging in.
Client Credentials FlowFor machine-to-machine integrations where the external system is authenticating on its own behalf, not on behalf of a user. Scenario: An external system like an ERP needs to poll Salesforce for new Orders every hour. It authenticates using its own client_id and client_secret to get access.

14. What is a Connected App?

A Connected App is the gateway through which an external application connects to the Salesforce API. It’s a configuration framework within Salesforce that defines the integration’s rules, including which OAuth flow to use, what permissions (scopes) the external app has (e.g., “access and manage your data” or “access your basic information”), and any IP range restrictions. You cannot have an OAuth-based integration without first setting up a Connected App.

Connected App



15. What is Outbound Messaging and is it still relevant?

Outbound Messaging is a declarative, asynchronous “fire and forget” integration method that sends a SOAP message to a designated external endpoint when a record is created or updated and meets specific criteria in a Workflow Rule or Approval Process.

  • Use Case: Instantly notify an external billing system when an Opportunity is marked ‘Closed Won’.
  • Relevance: While still functional, Outbound Messaging is considered a legacy technology. Modern solutions built with Platform Events or asynchronous Apex callouts are generally more flexible, powerful, and easier to debug. However, it’s a simple, no-code solution for basic SOAP-based notifications.

16. What are Callouts in Salesforce?

A callout is any action in salesforce that sends a request to an external web service and gets a response back. It’s how Salesforce communicates with the outside system, whether it’s fetching data from another system or telling it to perform an action.

17. What is a Synchronous Callout?

A synchronous callout forces the Apex code to pause and wait for a response from the external system before it continues executing. This is essential when the subsequent logic depends on the data received from the callout.

  • Business Example: A user in a call center is creating a new order. They enter a credit card number and click “Process Payment.” The system must make a synchronous callout to a payment gateway like Stripe. The code must wait for a “Success” or “Failure” response before it can confirm the order and show a message to the user.

18. What is an Asynchronous Callout?

An asynchronous callout sends a request to an external system but does not wait for a response. The code continues to execute immediately. This is used for non-critical tasks that shouldn’t slow down the user experience or a core transaction.

  • Business Example: When a high-priority support case is created, the system needs to send an SMS alert to the on-call manager via Twilio. This alert is important, but the case creation process shouldn’t fail or be delayed if the SMS service is slow. An asynchronous callout (using @future or Queueable Apex) is perfect for this.

19. How do you make a REST API callout in Apex?

You use the built-in HttpRequest and Http classes. While you can build the request manually, the best practice is to use a Named Credential to handle the endpoint URL and authentication.


HttpRequest req = new HttpRequest();
// The endpoint is set relative to the URL in the Named Credential.
req.setEndpoint('callout:My_External_Service/api/data'); 
req.setMethod('GET');
req.setHeader('Content-Type', 'application/json');

try {
    Http http = new Http();
    HttpResponse res = http.send(req);

    if (res.getStatusCode() == 200) {
        // Process the successful response
        Map<String, Object> results = (Map<String, Object>) JSON.deserializeUntyped(res.getBody());
        System.debug('Success! Response: ' + results);
    } else {
        // Handle error responses
        System.debug('Callout failed. Status: ' + res.getStatus() + ' Status Code: ' + res.getStatusCode());
    }
} catch (System.CalloutException e) {
    // Handle exceptions, like the endpoint being unavailable
    System.debug('Callout exception: ' + e.getMessage());
}


20. Can you make a callout from a trigger? If not, why and what is the solution?

No, you cannot make a direct synchronous callout from a trigger. Attempting to do so will result in an System.CalloutException: You have uncommitted work pending.

Why? A trigger operates within the same transaction as the DML operation that fired it (e.g., an insert or update). Salesforce can’t commit the data to the database until the trigger finishes. If you make a synchronous callout, Salesforce would have to wait for the external system to respond while holding the database transaction open, which could lead to data locking and performance issues.

Solution: The callout must be moved to an asynchronous process that runs in its own, separate transaction.

  1. @future Methods: The simplest way to run a process asynchronously. Pass the necessary data (like a set of record IDs) to the future method.
  2. Queueable Apex: A more powerful and flexible option. It allows you to chain jobs and pass complex objects (sObjects), giving you more control than a future method. This is the preferred modern approach.

21. How should you handle potential errors in callouts?

Robust error handling is crucial for stable integrations.

  1. Check HTTP Status Codes: Like 200, 500, 400, 401 etc
  2. Use Try-Catch Blocks: Always wrap your http.send(req) line in a try-catch block to handle System.CalloutException (e.g., if the endpoint is down).
  3. Implement Retry Logic: For transient errors (like a temporary network issue or a 503 Service Unavailable), use Queueable Apex to build a retry mechanism with an exponential backoff delay.
  4. Handle Token Expiration: If using OAuth, a 401 status code often means your access token has expired.
  5. Log Errors: Log detailed error messages (status, status code, response body) to a custom object or Platform Event for easier debugging.

22. What is Middleware, and when is it needed?

Middleware is a software layer that sits between Salesforce and other external systems, acting as a communication bridge. It’s needed when a simple point-to-point integration is not enough.

  • Business Scenario: A company needs to connect Salesforce with three different systems: an SAP ERP, a legacy Oracle database, and a third-party shipping provider. Each system uses a different data format (JSON, XML, SOAP) and has different security requirements. Instead of building three complex, brittle integrations from Salesforce, they use middleware. The middleware can receive one message from Salesforce, transform it into the correct format for each target system, and handle the complex orchestration and error handling.

23. Name some popular Middleware tools used with Salesforce.

  • MuleSoft Anypoint Platform (owned by Salesforce, the premier choice)
  • Boomi
  • Jitterbit
  • Workato
  • Informatica Cloud
  • Zapier (for simpler, low-code integrations)

24. What is MuleSoft’s primary role in the Salesforce ecosystem?

MuleSoft is Salesforce’s flagship integration platform. Its primary role is to enable API-led connectivity. Instead of creating messy point-to-point connections, MuleSoft encourages developers to build a network of reusable and discoverable APIs. This approach makes integrations more organized, scalable, and faster to build over time.

25. What are Platform Events?

Platform Events are secure and scalable messages that allow systems to communicate in an event-driven architecture. You define a custom event structure (the “payload”), and then systems can publish event messages. Other systems, both inside and outside Salesforce, can subscribe to these events and react in real-time.

Here is how you can create a Platform event

Top 50 Salesforce Integration Interview Questions & Answers


26. How are Platform Events different from the Streaming API (PushTopics)?

FeaturePlatform EventsStreaming API (PushTopics)
What it broadcastsA custom event message (the payload you define).A notification that a Salesforce record (e.g., Account) has been created, updated, or deleted.
Data SourceThe event is published explicitly by a process (Apex, Flow, external app).The change happens to a record in the Salesforce database.
FlexibilityHighly flexible. The event is not tied to any specific object.Tied directly to a specific sObject and a SOQL query.
Use CaseFor event-driven architecture and decoupling systems.For notifying external systems about specific data changes in Salesforce.

27. What is Salesforce External Services?

External Services is a declarative integration feature that allows you to connect to external APIs without writing Apex code. You provide an API specification using the OpenAPI standard , and Salesforce automatically creates callable actions that can be used directly in tools like Flow Builder.

  • Business Example: A company wants to allow business users to check the weather forecast for a customer’s location from a Flow. A developer registers the weather API with External Services. Now, the business user can simply drag a “Get Weather” action into their Flow, provide a city, and get the forecast back, all without a single line of Apex.

28. What is Salesforce Connect?

Salesforce Connect is a data virtualization framework. It allows you to access, search, and modify data stored in an external system in real-time, without copying that data into Salesforce. It uses External Objects to represent the external data within the Salesforce UI.

29. What is an External Object?

An External Object looks and feels like a custom Salesforce object, but its data resides outside of Salesforce. When a user views a record or runs a report on an External Object, Salesforce makes a real-time callout to the external system to fetch the data.

30. What are the common protocols used in Salesforce Integration?

  • HTTP/S: The fundamental protocol for all web-based communication, used by REST APIs.
  • SOAP: A standardized XML-based protocol for web services.
  • REST: An architectural style for building lightweight, flexible APIs.
  • OData (Open Data Protocol): A REST-based protocol used by Salesforce Connect to query external data sources.
  • gRPC: A high-performance RPC framework used by the new Pub/Sub API.

31. What is OData?

OData (Open Data Protocol) is an open standard that defines a set of best practices for building and consuming RESTful APIs. It provides a standardized way to perform CRUD (Create, Read, Update, Delete) operations and query data. Its primary role in Salesforce is as the main protocol for Salesforce Connect, allowing Salesforce to understand and interact with external data sources in a predictable way.

32. How do you secure integrations in Salesforce?

Security is multi-layered. Key practices include:

  • Authentication: Use OAuth 2.0 for all integrations instead of sharing user credentials. Use the appropriate flow for the use case.
  • Authorization: Use Named Credentials to securely store and manage authentication details, keeping them out of your code.
  • Encryption in Transit: Enforce TLS 1.2 or higher for all connections to encrypt data as it travels over the network.
  • Least Privilege Principle: Create a dedicated Integration User with a profile that grants access to only the objects and fields necessary for the integration.
  • Connected Apps: Configure Connected Apps with strict IP range restrictions and appropriate OAuth scopes.
  • Data Masking: Use Salesforce Shield Platform Encryption or field-level security to protect sensitive data at rest.
  • API Gateway: Use an API Gateway to manage traffic, enforce security policies, and monitor API usage.

33. What is the difference between Named Credentials and Remote Site Settings?

These two features both relate to defining callout endpoints, but Named Credentials are far more advanced and secure.

FeatureNamed CredentialsRemote Site Settings
PurposeSecurely stores an endpoint URL and its authentication details.Simply whitelists an endpoint URL, making it permissible for callouts.
AuthenticationBuilt-in. Handles OAuth, JWT, password authentication automatically.None. You must write custom Apex code to handle authentication yourself.
SecurityHigh. Credentials are encrypted and never exposed in code or debug logs.Low. You risk hard-coding credentials or keys in code or custom settings.
ManagementEasy. Update credentials in one place without code changes.Difficult. Requires code changes or manual updates to custom settings if credentials change.
Modern PracticeBest Practice. The recommended approach for all authenticated callouts.Legacy. Should only be used for callouts to public, unauthenticated endpoints.

34. How can you debug integration issues?

  • Salesforce Debug Logs: The first place to look. Set trace flags for the integration user and inspect the logs for callout details and errors.
  • Postman: Use an API client to manually test the external endpoint outside of Salesforce. This helps isolate whether the issue is in Salesforce, the middleware, or the external system.
  • Workbench: A powerful web-based tool for making API calls and inspecting data in Salesforce.
  • Middleware Dashboards: If using middleware like MuleSoft, check its logs and monitoring dashboards for detailed transaction tracing.
  • Event Monitoring: Use Event Monitoring to track API usage, performance, and potential security issues.

35. What is the Composite API?

The Composite API is a powerful REST API resource that allows you to execute a series of independent API requests in a single HTTP call. This is highly efficient because it reduces the number of network round-trips between the client and Salesforce, helping you stay within API limits and improving performance.

  • Business Example: To onboard a new customer, you need to create an Account, then create three Contacts related to that Account, and then update a field on the new Account. Instead of making five separate API calls, you can bundle them into a single Composite API request.

36. What is the Metadata API used for?

The Metadata API is used to manage the setup and configuration of your Salesforce org, not its data. It allows you to retrieve, deploy, create, update, or delete metadata items like custom objects, Apex classes, page layouts, and profiles. It is the backbone of Salesforce DevOps, enabling continuous integration/continuous deployment (CI/CD) pipelines and tools like the Salesforce CLI and VS Code.

37. How do you avoid hitting API limits?

  • Use the Right API: Use the Bulk API for large data loads, not the REST/SOAP API.
  • Combine Requests: Use the Composite API to bundle multiple operations into a single call.
  • Cache Data: On the client-side or in middleware, cache frequently accessed, non-volatile data instead of fetching it from Salesforce every time.
  • Optimize Queries: Ensure API queries are selective and efficient.
  • Proactive Monitoring: Use the Limits REST API resource or the Limits Apex class to monitor your API consumption and get alerts before you hit the limit.

38. What are the key governor limits for callouts?

  • Number of Callouts: You can make a maximum of 100 callouts in a single transaction.
  • Timeout: The maximum cumulative timeout for all callouts in a single transaction is 120 seconds.
  • Heap Size: The maximum response size for a callout is 6 MB for synchronous Apex and 12 MB for asynchronous Apex.

39. What is an Integration User, and why is it essential?

An Integration User is a dedicated Salesforce user license created solely for a specific integration. It is essential for:

  • Security: You can assign it a highly restrictive profile with access to only the necessary data, following the principle of least privilege.
  • Traceability: All changes made by the integration are clearly stamped with the integration user’s name, making auditing and debugging much easier.
  • Stability: The integration won’t break if a real employee’s user account is deactivated when they leave the company.

40. What is the difference between an insert and upsert operation?

  • Insert: Always creates a new record. If you try to insert a record with an ID that already exists, the operation will fail.
  • Upsert: A combination of “update” and “insert.” It requires an External ID field. When you make an upsert call, Salesforce checks if a record with that External ID already exists.
    • If it exists, Salesforce updates the existing record.
    • If it does not exist, Salesforce inserts a new record and populates the External ID field. Upsert is fundamental for synchronizing data between systems.

41. How are Custom Metadata Types used in Integration?

Custom Metadata Types are like custom objects for configuration data. They are ideal for storing integration settings because they are deployable via the Metadata API and can be accessed in Apex without a SOQL query.

  • Use Case: Instead of hard-coding an API key or an endpoint URL in your Apex class, you store it in a Custom Metadata Type record. If the API key changes in production, an admin can simply update the Custom Metadata record without requiring a new code deployment.

42. What is Change Data Capture (CDC) and how does it differ from Platform Events?

Change Data Capture (CDC) is a streaming product that publishes event notifications whenever a change is made to a Salesforce record. It captures creates, updates, deletes, and undeletes. The key feature of CDC is that its event messages are rich, containing details about what changed, including the record fields that were modified.

The primary difference lies in their purpose and payload:

FeatureChange Data Capture (CDC)Platform Events
PurposeData Replication: Keeping an external system’s data in sync with Salesforce.Business Process Notification: Signaling that a business process has occurred.
What it represents“What data changed?”“What business event happened?”
PayloadRich, standardized structure with all changed fields and header information.Custom payload that you define. It is not tied to any sObject.
ExampleAn external data warehouse subscribes to the Account CDC stream to get a near real-time replica of all customer data.An order system publishes a Shipment_Dispatched__e event. Multiple systems (Salesforce, a customer notification service) can subscribe and react independently.

In short, use CDC when you need to know the state change of a record. Use Platform Events when you need to signal a business moment in a decoupled architecture.

43. What is an Idempotent API, and why is it crucial for robust integrations?

An API operation is idempotent if making the same call multiple times produces the exact same result as making it only once. In other words, repeating an idempotent request won’t cause unintended side effects.

Why is it crucial? Integrations often happen over unreliable networks. A client might send a request, but a network error prevents it from receiving the response. The client doesn’t know if the request failed or if it succeeded and only the response was lost. Its only option is to retry.

  • If the API is not idempotent, retrying a “Create Payment” request could charge a customer twice.
  • If the API is idempotent, the server will recognize the duplicate request and simply return the original success response without creating a second payment.

How to implement idempotency: The common pattern is to use an Idempotency Key.

  1. The client application generates a unique ID (e.g., a UUID) for each transaction.
  2. This ID is sent in an HTTP header (e.g., Idempotency-Key: <unique-id>).
  3. The server-side Apex REST service first checks if it has already processed a request with this key.
    • If yes, it retrieves and returns the saved response from the first request without re-running the business logic.
    • If no, it processes the request, saves the response and the key, and then returns the response.

44. Can External Services be used in Flows?

Yes, absolutely. This is one of their primary use cases. After you register an external API via its OpenAPI spec, the actions defined in the spec become available as native elements in the Flow Builder. This empowers admins and declarative developers to build powerful integrations without writing Apex.

45. What is the difference between a Web Service and an API?

This is a classic distinction: All web services are APIs, but not all APIs are web services.

  • API (Application Programming Interface): A broad term for any set of rules that allows applications to talk to each other. A library in a programming language has an API; your operating system has APIs.
  • Web Service: A specific type of API that communicates over a network (usually the web) using standard protocols like HTTP. SOAP and REST are the two main types of web services.

46. What is a WSDL file?

A WSDL (Web Services Description Language) file is an XML-based contract for a SOAP API. It formally describes what the web service can do, how to call it, and the data structures it expects and returns. It defines the operations, messages, data types, and binding information.

47. How do you consume a WSDL in Salesforce?

Salesforce provides a built-in “Generate from WSDL” tool.
You go to Setup > Apex Classes > Generate from WSDL.

Generate from WSD


You upload the WSDL file, and Salesforce automatically parses it and generates the necessary Apex classes to represent the service and its data structures. This makes it very easy to make SOAP callouts from Apex.

48. What is the role of an API Gateway in an integration architecture?

An API Gateway is a management layer that sits in front of your APIs. It acts as a single entry point for all clients, providing a layer of security and control. Its key roles include:

  • Authentication & Security: Enforcing API key validation and OAuth policies.
  • Traffic Management: Rate limiting (throttling) and request queuing to protect backend services.
  • Request/Response Transformation: Converting data formats between the client and the backend.
  • Monitoring & Analytics: Logging all API calls and providing dashboards on usage and performance.
  • Examples: MuleSoft Anypoint Gateway, Amazon API Gateway, Google Apigee.

49. What is the Pub/Sub API?

The Pub/Sub API is the next-generation, high-scale event streaming product from Salesforce. It allows you to publish and subscribe to Platform Events and Change Data Capture events using the high-performance gRPC protocol. It is designed for massive event volumes and is more efficient and scalable than its predecessors, the Streaming API and CometD.

50. How do you properly test Salesforce Integrations?

A comprehensive testing strategy includes:

  1. Unit Tests with Mock Callouts: In your Apex tests, you cannot make real callouts. You must use the HttpCalloutMock interface to simulate the external service’s response. This allows you to test how your code behaves with both successful responses (e.g., status code 200) and error responses (e.g., status code 404 or 500).
  2. Integration Testing in a Sandbox: Test the end-to-end integration in a full sandbox that is connected to the external system’s test environment. This verifies the entire flow, including authentication, middleware, and the external system’s logic.
  3. User Acceptance Testing (UAT): Business users test the integration in the sandbox to ensure it meets their requirements.
  4. Performance/Load Testing: For high-volume integrations, use specialized tools to simulate a large number of API calls to ensure the system can handle the load.


Also checkout our latest post

Author

  • Salesforce Hours

    Salesforcehour is a platform built on a simple idea: "The best way to grow is to learn together". We request seasoned professionals from across the globe to share their hard-won expertise, giving you the in-depth tutorials and practical insights needed to accelerate your journey. Our mission is to empower you to solve complex challenges and become an invaluable member of the Ohana.

Discover more from Salesforce Hours

Subscribe to get the latest posts sent to your email.

Leave a Reply

Discover more from Salesforce Hours

Subscribe now to keep reading and get access to the full archive.

Continue reading