CTA March 22 All Flashcards
How does SAML maintain trust of messages?
The SAML assertion is sent back from the IdP to the SP. This assertion contains the success/failure of the login and is signed by the IdP to ensure the message has not been tampered with and it came from the trusted IdP.
How can you have multilingual visualforce email templates?
Use custom labels in the template text. In the outermost tag (messaging:emailTemplate) you can specify the language. (language=”{!recipient.LanguageLocaleKey})
What are the four types of mobile apps you could build?
Native, HTML5, Hybrid, React Native
What is the “relay state” parameter used for in SSO flows?
Can put any data you like in there, the SP sends this to the IdP, and then IdP just returns it back again. Usually used to store the URL the service provider should redirect to on successful login.
How can you generate a QR Code?
Formula field using the Google Charts API
Can Customer Community Users edit tasks?
No, only read access. Need to upgrade to Customer Community Plus to get CRUD privileges.
What additional sharing options does the Partner Community License add over Customer Community Plus?
Case Team Sharing, Opportunity Team Sharing
How many Partner, External Apps or Customer Community Plus Users can you have?
2 Million
How many Customer Community or Commerce Portal (AKA Lighting External Apps Starter) Users can you have?
20 Million
What are the two implicit sharing types assoicated with High Volume Portal users?
1) All members of the sharing set access group gain access to every record owned by every high volume user associated with that sharing set. 2) Read only access to the parent account of records shared through a sharing set’s access group for users member of the group
Where can an admin “disable” child implicit sharing?
On the role, the admin can set the Contact, Opportunity and Case access levels for Accounts they own.
When is Parent implicit sharing not active?
If the child’s access is Controlled By Parent.
What is the Portal implicit sharing?
Users get access to their Account and all associated contacts under that Account.
Can manual sharing be used on Standard objects, Custom Objects or Both?
Both. But Standard Objects only support share records with rowcause=manual.
If using outbound messaging, what is the requirement on the remote service?
It must be able to participate in a contract-first integration where Salesforce provides the contract.
How can a workflow outbound message have the remote system callback to sfdc once the action is completed?
The outbound message provides a unique SessionId that you can use as an authentication token to callback to Salesforce with.
Name the Scope paramter values in Salesforce Oauth?
api (including chatter API), chatter_api, custom_permissions,full,id,openId, refresh_token,visualforce,web
What does sepcifying “web” in the scope of an Oauth request grant access to?
Allows the ability to use theaccess_tokenon the web, and includesvisualforce, allowing access to customer-created Visualforce pages.
Which licences are used for an Employee Community?
Salesforce Platform License + Lightning Platform Starter or Plus Permission Set License
What are the main differences between Lightning Platform Starter and Lightning Platform Plus?
The Plus edition adds an additional 100 Custom Objects (upto 110) and additional API calls.
Does the Knowledge Only User Licence grant access to custom objects?
Yes
What features does a Service Cloud Licence add on to a Sales Cloud Licence?
Entitlements, Service Contracts, Live Agent, Omni-channel. Also needed to buy additional licenses: Einstein Chat Bots, LiveMessage, SOS
What features does a Sales Cloud Licence add onto to a Service Licence?
Sales Contracts, Quotes, Opportunity Splits,
What is LiveMessage?
Enables customers to contact support agents from their preferred messginf app, e.g. Facebook Messenger, WhatsApp and SMS
What’s Salesforce SOS?
Enables customers to connect with ages via video call and do screen sharing.
Name the three types of Chatter Licences?
Chatter External, Chatter Free & Chatter Only.
What’s the main difference between the Lightning Platform Starter and Lightning Platform Plus licenses?
Access to 10 Custom Objects with the Starter edition and 110 Custom Objects with the Plus edition.
Do Lightning Platform Starter and Plus Licenses get access to Account and Contact?
Yes, full CRUD.
What limit increase does the Lightning Platform Plus contain over the Starter edition?
Additional API calls. Up from 200 per member per day to 1000 per member per day. And 5000 for Unlimited Edition Orgs.
What are the only two objects included with the Lightning Platform Starter and Plus Editions?
Account and Contact. CRUD access for both.
What do Salesforce Snapshot Reports enable?
Store an snapshot of the data to a new custom object on a schedule. You can then report on the Custom Object to see trends.
How many rows can a Snapshot Report store to the Custom Object on each run?
Up to 2000 rows
Which report types can be used in a Snapshot Report?
Tabular or Summary
How many fields can you have in a Snapshot Report?
100
What’s the difference between a Snapshot Report and a Trend Report?
Snapshot Reports are done in Salesforce and stored to a custom object, whereas Trend Reports are an Einstein Analytics feature that store trend data in Analytics.
How does Identity Connect connect to sfdc? Can it go via ESB?
No, goes via users browser etc.
Whats the difference between Push Topic, Platform Events and CDC?
Push topics are used for updating a UI based on data changes defined within a SOQL query. Platform Events are sObject type events where you define the schema and are created via Process Builder, Flow or Apex. CDC is a more standard Event Type that sends any data changes within an Event, only changes are sent.
What is the Protocol of Salesforce Platform Events?
CometD which implements the Bayeux protocol.
How is session id refreshed? Does it ever expire?
Using a refresh token. Admin can set four options: expire immiediately (nevers works), Valid until revoked (lives forever unless revoked by user or admin), Expire if not used (expires if not used within specified period), Expire after fixed time (expires after specified time).
What’s Commerce Cloud? When’s it used?
Shopping site built on top of communities. Uses Apex and Visualforce.
What are core features of Field Service Lightning?
Scheduling Work, Ensuring required parts are available, offline app.
Does Salesforce Identity Connect support deprovisioning?
Yes, the Salesforce session is revoked immediately when the user is removed from Active Directory.
Does Salesforce Identity Conect go via ESB?
No.
Does Identity Connect support SSO?
Yes. And to external applications also.
What SSO approach does Identity Connect use?
Federated User Authentication via SAML 2.0
What are some key objects in FSL?
Work Order, Work Order Line Item, Service Appointment.
What are a couple of capabilties of Salesforce Social Customer Service Starter Pack?
Inbound and outbound social posts apppear as items in the case feed or lead feed and you can create a lead or case from a conversation
How many social media accounts are supported by Salesforce Social Customer Service Starter Pack?
2
Which social media platforms are supported by Salesforce Social Customer Service Starter Pack?
Facebook and Twitter
Which social media platforms are supported by Salesforce Social Customer Service Starter Full?
Facebook, Twitter, Instagram, Youtube, Weibo (Pilot)
Whats the difference between On Demand Email to Case and Email-to-Case?
Email-to-case has a limit of 2,500 emails per day whereas On-Demand Email to Case limits are based on user numbers (currently 1,000 x user count). Also Email-to-case requires a software agent to be installed locally and keeps email traffic inside the company network firewall whereas On Demand Email to Case runs in SFDC data centres.
What can be used to integrate a telephony system and a Salesforce Call Centre?
Open CTI is a browser-based JavaScript API that allows building and integration of third-party computer-telephony integration (CTI) systems. CTI Toolkit or Desktop CTI has been retired by Salesforce and is no longer supported for developing CTI adapters.
How can you make a milestone trigger time dynamic?
When setting up the entitlement process, you can select the apex class to use. Implementing the MilestoneTriggerTimeCalculator Interface.
When would you use a Push Topic Event?
When you want to define a SOQL query for which a record change triggers an Event. Generally used to update UI components.
How do you define which fields to include in a Push Topic event?
All the fields you include as part of the Select clause of the SOQL query are included in the notification message.
When would you use a Platform Event?
When you want to manually fire the Events (process builder/flow) and you want to define the structure of a notication message. Platform Events are setup like sObjects with fields added which will be included in the notification.
When would you use a Change Data Capture Event?
When you want to send notications for Salesforce record changes create, update,delete, undelete. It only contains the field values for changed fields (for update) or populated fields for insert.
When would you use a Generic Event?
When you want to send a JSON payload to a defined set of Users by Id (or send to all). These are not tied to data changes in Salesforce.
How do you subscribe to a generic event?
Streaming API
Can a user with Modify All Data view a file in a private library?
No
Can a user with Modify All Data view a file that has it’s sharing setting set to private?
Yes
Can a user with View All Data view a file that has it’s sharing setting set to private?
No - need modify all
Can a user with View All Data view a file that has it’s sharing setting set to privately shared?
Yes
Which users can view a file that has it’s sharing setting set to Your Company?
All users
Which file viewer types can upload attach the file to a post?
All types - File Viewer, File Collaborator and File Owner
Who can see a private file?
Owner or those with View All or Modify All data permission unless file is in a private folder, then only owner has access.
What are the file sharing options?
Viewers, Collaborators, Set by record, set by library.
What can file “Viewers” do with a file?
View, download and share
What can file collaborators do with a file?
View, download, share, change permission, edit the file, and upload new versions.
What does Set By Record file access mean?
If the user has read-only access on the record, they become a Viewer on the file, if the user has edit access on the record, they become a collaborator on the file.
What can lead assignment rules do?
Assign lead to a User, Partner User or Queue based on filter criteria.
How can you create a round-robin assignment rule?
Create an autonumber, field, use a formula field with mod function, set up assignment rules based on the remainder of the mod function.
Difference between entitlements, milestones, milestone actions, escalation rules?
Entitlements define a service level a customer can expect. You attach milestones to Entitlements and to milestones, you attach milestone actions (workflow actions). Escalation rules are used to reassign a case or notify a user if a case has been open for an extended period. Entitlements require service cloud license.
What are some of the core elements of a governance model?
Centre of Excellence - the process of managing governance across multiple projects. Steering committee - escalation point for decisions, review KPIs and manage budget. Architecture Review Board - project leads and architects to review build approach.
What’s the difference between JWT and JWT with claims?
Claims contains the user info.
Can you report on Big Objects?
No. Would need to use async SOQL queries to bring a subset of that data into a custom object and then report on that custom object.
What’s the SAML Bearer Assertion Flow used for?
Getting an access token from Salesforce. If the connected app has been pre-authorised (either by admin or user) you can fire a SAML assertion at the Salesforce OAuth token endpoint, and it will return an access token.
Does the SAML Bearer Assertion flow support refresh tokens?
No. No need, you can keep firing the SAML assertion at the endpoint to get a new refresh token.
Talk me through super user access
Two types: “Partner Super User” and “Customer Super User”. Partner can only be applied to Partner Community License via contact page, Customer can be applied to CC+ and Partner. Partner gives access to records of users in the same role. Customer gives much more, for your accounts: CRUT on Cases, create cases for contacts, view and edit all contacts, view account details when contact on a case, report on all contacts.
How do you setup two-way SSL in Salesforce?
- Upload Mututal Authentication Certificate in Salesforce. 2. For the an API Only User, enable the “Enforce SSL/TLS Mutual Authentication” user permission.
How to setup outbound JWT in Salesforce?
- Create Self-signed certificate (or upload). 2. Create a named credential selecting JWT and referencing the certificate. 3. Callout from Apex referencing the named credential
How to setup inbound JWT in Salesforce?
- Setup a connected app. 2. Set “Admin Approved Users are pre-authorised” and authorise the API user with profile/permission set. 3. Register the certificate for the connected app.
What encryption method does Salesforce require a JWT is signed using?
RSA SHA256
What options are available when replaying events?
Replay all events held on the event bus, replay events after a specific event id, play only new events.
How long do events stay on the Salesforce Event Bus?
24 hours for PushTopic, Generic and standard volume. 72 hours for Platform and CDC Events.
How can you write “Unit Tests” for your LWCs?
Jest is a powerful tool with rich features for writing JavaScript tests.
What’s a reverse proxy?
A proxy server that sits in front of your web server and controls access. To the client, all requests appear to come from the reverse proxy.
How can you setup OWDs with Person Accounts enabled?
Account and Contact OWDs can be set independently. But the OWD for Contacts will only be applicable for business accounts.
What can you enable in the community to give users the ability to ask and answer questions in a community?
Chatter questions
How can you enable community users to identify preferred vendors in a community?
Enable users to follow records.
What’s the main difference between Git and Subversion?
Git is a decentralised repository whereas SVN is centralised. Subversion stores branches as directories (folders)
What are the advantages of Subversion over Git?
Better at handling binary files, arguably easier to learn than git, arguably better access controls (by file or directory)
What are the advantages of Git over SVN?
Better for offline has developer has full repository locally, better for branching
What’s the difference between feed history tracking and field history tracking?
Feed history tracking post field changes to the chatter feed, posts are deleted after 45 days if no likes or comments exist. Field History tracking is more of an audit trail, these are retained for 18 months.
What types of chattter groups are there?
Public (anyone can see and join), private (Only group members can see and add posts, comments, and files. All community users can see the group picture, name, description, and members. If you want complete privacy, make the group Unlisted), Unlisted (hidden from view), Groups with Customers (Private and unlisted groups can allow customers.), Archived (When a group is archived, people can no longer create posts but previous posts are retained for reference.)
With Chatter, can users: reply to chatter email notifications, post via email and add attachements via email?
Yes
What are the key additional offerings of Lightning External Apps Plus vs Lightning External Apps Starter?
Case Management, Roles and Advanced Sharing, access to Sales and Sevice Objects, access to knowledge, Reports and Dashboards, more data and files storage, more API calls.
How can you enable Salesforce users to access data from external sources like Quip, Google Drive, Sharepoint or Box?
Salesforce Files Connect
Is Salesforce Files Connect available in Communities?
Yes
How can you setup an external object?
1) Setup “New External Data Source”. 2) Select table to sync. 3) click “Sync” to automatically create the external objects In Salesforce.
What protocal does Salesforce Connect/External Objects support?
Odata
Is external data searchable?
Yes
What is the suffix on external objects?
__x
How can you enable Translation in Feeds in a community?
There’s an option to add a “Translate with Google” menu option on every feed item. You just need to supply the google API key in Community Builder Language Settings.
How do you setup Push Notifications to a custom mobile app?
- Developer Registration with Mobile OS Vendors. 2. Creating a Connected App, one for andoid, one for iOS. 3.Configure Your Mobile SDK App - implement push notification protocols required by Salesforce and the device OS provider. 4. Send the notification from Apex Trigger, REST API or Create a Custom Notification Type and associate with the Connected App in “Notification Delivery Settings”.
What’s the limit of Push Notications to a mobile app? (Android and iOS)
An org can send up to 20,000 iOS and 10,000 Android push notifications per hour
How can you mask data in Sandboxes?
Use Salesforce Data Mask.
What does the Salesforce Mobile SDK do?
A Mobile SDK app accesses Salesforce data through a mobile device’s native operating system rather than through a browser
Is the Salesforce mobile SDK usable for all types of mobile app? (Hybrid, native etc)
Yes
What’s a react native app?
This uses the React Native framework from facebook to run javascript apps as native code. React Natice lets you assemble the native UI building blocks with Javascript code so you can maintain one code base across both apps.
Can you use the mobile SDK via an Event Bus?
No, direct to Salesforce
What does the Mobile SDK provide?
Implementation of Salesforce Connected App policy, Login & Refresh & Oauth credential management, offline storage with SmartStore, data syncing between Salesforce and SmartStore, Community Support, REST API Wrappers
Where does Mobile SDK code live?
Within the mobile app you develop.
How can you help to enforce GDPR data categorisation in Salesforce?
For every field, you can mark it’s Data Sensitvity Level and Compliance Categorisation.
How many big objects can you have in Salesforce?
100
How many rows can be supported in a Big Object?
Billion (s)
Do big objects support OLS and FLS?
Yes
Do big objects support sharing rules?
No
What’s the primary key on a Big Object?
You create it as a composite of the other fields. Queries must use this primary key and cannot miss out a element of the key in the where clause.
Can you SOQL query parent relations from a big object?
Yes
Do Big Objects support standard UI Components?
No, need to create a Lighting component to fetch the data
What two ways can you query big objects?
Standard SOQL queries using an indexed field. Or async SOQL if you are not using an indexed field, you must specify where the data should be stored when query completes.
Limitations of a big object?
No UI components, no reporting directly, can only query on index (synchronously), sharing not supported.
Can you insert records into a big object synchronously with Apex?
Yes
What is a Large Data Volume?
Around 10M records or more
What is Odata?
Open Data Protocol - defines a set of best practices for building and consuming RESTful APIs.
Does Odata support creating records?
Yes
Does Salesforce Connect enable you to modify external data?
Yes
How could you put an external object on Heroku?
Use Heroku External Objects with Salesforce Connect. It uses a Postgres database.
How can you make an Async SOQL query?
Has to be done via Rest API.
What Licences are available with FSL?
Dispatcher, Technician, Contractor, Contractor Plus, Field Service Plus
What’s the difference between FSL Contractor and Contractor Plus?
Adds: Account & Contact management, Resource Scheduling, Partner Community (rather than customer), Leads, Opportunities, Terrtory Management
What FSL license would you give to a Partner who needs scheduling capabilites?
Contractor Plus
What’s the name of the FSL Licence that includes everything, both Dispatcher + Scheduler functions?
Field Service Plus
When a lead is converted, do you have to create an Opportunity?
No, user can choose not to.
When you convert a lead, is the lead deleted?
No, but they are not longer accesible in the UI. You can mass delete them in the setup menu.
Does an Opportunity Line Item have a lookup to Product or Pricebook Entry or Both?
Both.
Does an Order Item have a lookup to Product or Pricebook Entry or Both?
Both.
Where would you store details of a Product a customer owns but was provided by a competitor company?
Asset object, check the standard field “Competitor Asset”
What object must an Asset be related to?
An Account or Contact. Or Both. Unless the Assets sharing is not set as “Controlled by Parent”, in which case these can be left unpopulated.
Do assets support an asset hierarchy?
Yes
How can you access other Salesforce Org Data as an external object?
Cross-Org Adapter for Salesforce Connect
What options are available for a hub and spoke strategy?
Hub broadcasting or spoke aggregation. Hub broadcasting means the hub creates the data and broadcasts out to other orgs. Spoke aggregation involves the spokes creating the data and then pushing to hub for reporting etc.
How can you replicate data between Salesforce Orgs?
Salesforce to Salesforce
What routing options are available in FSL? What’s the diffference?
Ariel Routing: shortest distance between locations based on a straight line, Street Lvel Routing - computes the distance along roads with timing based on road speed and type. Predictive travel - incorporates time of day data into the calculation.
What objects does territory management apply to?
Only Account, Opportunity and master-detail children of Account and Opportunity. Case is also covered.
When you enable the territory hierarchy, what happens to the role hierarchy?
Nothing they work side by side opening up access.
How are records assigned into a territory?
Using assignment rules.
Regarding account access when configuring the territory hierarchy, what two options are available to define what users can do with Accounts in the territory?
Viewandeditaccounts assigned to the territory or View, edit, transfer, and delete accounts assigned to the territory
When setting up territory management how do you configure the opportunity territory assignment?
Upload an apex class that implements OpportunityTerritory2AssignmentFilter interface
What are inherited Account Assignment rules?
This means the rules higher in the hierarchy are added into this territories evaluation criteria
What’s the limit of sharing rules per object?
Upto 300 per object, with a max of 50 Criteria Based rules.
Do Territories have to be geographical?
No! Based on any field on the Account. Typically Industry, Revenue, No of employees, Region.
Can an account be assigned to mutiple territories?
Yes
Which territory do territory assignment rules assign an account to if it matches multiple territories in the hierarchy?
The lowest hierarchy matching all rules
If an account matches the rules of two territories in different branches, which territory does it get assigned to?
Both
What three options do community users have to control their profile visibility?
Restricted: visible to internal users only. Members: visible to logged in members. Public: available on unauthenticated pages.
Can a user set their photo as Restricted in a Community?
No, only to “Members” or “Public”.
What are the multi-org approaches?
Hub & Spoke/Hierachical, Region Based, Business Unit, Criticality based
How do you setup a Salesforce to Salesforce connection?
1) Setup “Salesforce to Salesforce” - Enable. 2) Connections Tab > Select a Connection > New Template > Select Objects > Select Fields. 3) Email sent from source org to a contact to enable them to authenticate the second org.
What are the differences between the chatter licenses?
Chatter External: for users outside your company email domain. Invite Customers to chatter groups, no access to chatter objects or data. Chatter Free: essentially Chatter External, but for internal users. Chatter Only (aka Chatter Plus): Chatter access + read on Account and Contact + 10 custom objects.
What are the three types of community rules?
Moderation rules, Content Criteria rules, and member criteria rules
how can you block users creating too much content in a short period of time?
Create a rate rule in moderation settings. Options are 3 minutes or 15 minutes.
What’s the relationshop between a moderation rule, a content criteria rule and a member criteria rule?
A moderation rule links a member criteria rule (a selection of the community members the rule should apply to) with a content criteria ruke (banned words or rate limiting) with the moderation rule defining how to handle the scenario (block, review, replace, flag)
What authentication types are supported for external objects?
Per user or named credential (i.e. one for all user, or one each). Then can use OAuth or Password Authentication. If specifying OAuth, then need to setup an Auth Provider.
How do you setup a SOAP Callout?
1) Download the WSDL from service. 2) Upload WSDL to Salesforce (in Apex Classes), this generates two classes, sync and async. 3) Authorise Endpoint in Remote Site Settings. 4) Call stub methods in auto-generated class.
How do you setup a SOAP Webservice?
1) Create global class with “webservice” keyword applied to the method. 2) Download the Apex Class WSDL and give to the calling service. 3) Also provide the Enterprise or Partner WSDL for Authentication.
What is WS Security for a SOAP Call?
Web Services Security is an extension to SOAP to apply security to Web Services. It describes: how to sign messages, how to encrypt messages ad how to attach security tokens.
How can you restrict a user to access Apex Rest Services but not other standard APIs?
Only enable “Apex Rest Services” on their profile, not API Enabled. Set their Apex Class access on the profile.
What are three features of Salesforce Shield?
Encryption, Monitoring and Field Audit
What two types of Encryption are available for fields with Salesforce Shield?
Deterministic and Probabilistic
What does API stand for?
Application Programming Interface
Does Identity Connect provision users JIT?
No, users synced on a schedule or near real time.
How do you set up SAML SSO?
1) Setup “Single Sign On Settings”. 2) Enable SAML. 3) “New” Single Sign On settings. 4) Upload Certificate. 4) Configure additional options such as JIT, Single Logout.
How does Identity Connect connect to Salesforce to Provision/derovision users?
Via Salesforce REST APIS.
Which uses less API calls with Identity Connect, Scheduled Sync or Live-updates?
Live Updates doesn’t consume as many API calls because Identity Connect connects to Salesforce only when it detects changes to user settings in AD
What features does Identity Connect 3.0 add?
Default database is now PostgreSQL rather than OrientDB. Improved Performance and reduces network traffic.
What is included within a JWT Claim?
Issuer (iss), Subject (sub) - in Salesforce must be username, Audience (aud), expiry (exp)
How does single logout work?
During Single Sign On, the IdP sends thr SP a “Session Index Parameter”. Both the SP and IdP store this and either party can send this with the logout request to the other to force the logout.
How is Salesforce Connect Licensed?
It requires Salesforce Connect Add-On Licenses, each of these gives you 5 cross-org connections and one Odata Connection. A License is connected with an Org, so for two Orgs accessing each other, they need one each.