Which setting is available to a hyperautomation practitioner that meets this security requirement?

Northern Trail Outfitters is concerned about security in their Salesforce org regarding their newly created hyperautomation flow that calls a MuleSoft API. A mechanism needs to be implemented that restricts which users can invoke the flow.

Which setting is available to a hyperautomation practitioner that meets this security requirement?
A . Configure OAuth 2.0 in the connected app.
B . Assign an appropriate profile or permission set to users in the external service.
C . Assign an appropriate profile or permission set to users in the connected app.
D . Configure OAuth 2.0 in the external service.

View Answer

Answer: C

Explanation:

Profiles and Permission Sets: Assigning the appropriate profile or permission set to users in the connected app restricts access to the MuleSoft API. This method ensures that only authorized users can invoke the hyperautomation flow.

Reference: Salesforce Connected App Security

OAuth 2.0 Configuration: Configuring OAuth 2.0 is important for authentication, but it does not directly control which users can invoke the flow. The profile or permission set is used to manage user permissions.

Reference: OAuth 2.0 Overview

External Service Permissions: Assigning permissions in the external service is less relevant than managing permissions within Salesforce, where the flow is executed.

Reference: External Services in Salesforce

Connected App Security: Properly securing the connected app by configuring user profiles and permission sets ensures compliance with security policies and restricts access as required.

Reference: Managing Access with Connected Apps