Salesforce Integration Interview Questions

In this post, we’ll go over the most common questions and answers for Salesforce Integration interviews. These questions and answers will help you land your dream job as a Salesforce integration expert. The list includes questions ranging from basic to advanced levels.

Top Salesforce Integration Interview Questions

Here is a list of the top Salesforce Integration interview questions for 2024. Be sure to also check out our complete Salesforce Integration With External System Course.

What is Integration?

Salesforce integration means linking the data and features of the Salesforce CRM with other software, systems, or applications to create a unified user experience. This connection helps streamline important processes across different platforms.

What are web services?

Web services are internet-based programs that use standard messaging protocols and are available from a provider’s web server for clients or other web programs to use. Also known as web application services, they allow different machines and software to interact with each other across a network, even if they weren’t originally designed to work together.

A web service performs specific tasks and has a detailed description that explains how to use it, including the message formats and protocols needed. This allows almost any hardware or software to use the service, no matter what platform or programming language was used to create it. This makes it easier for different systems to work together and share data.

What is the difference between JSON Vs. XML ?

Stands forJSON means JavaScript Object Notation.XML means Extensible Markup Language. 
HistoryDouglas Crockford and Chip Morningstar released JSON in 2001.The XML Working Group released XML in 1998.
FormatJSON uses a maplike structure with key-value pairs.XML stores data in a tree structure with namespaces for different data categories.
SyntaxThe syntax of JSON is more compact and easier to read and write.The syntax of XML substitutes some characters for entity references, making it more verbose.
ParsingYou can parse JSON with a standard JavaScript function.You need to parse XML with an XML parser.
Schema documentationJSON is simple and more flexible.XML is complex and less flexible.
Data typesJSON supports numbers, objects, strings, and Boolean arrays.XML supports all JSON data types and additional types like Boolean, dates, images, and namespaces.
Ease of useJSON has smaller file sizes and faster data transmission.XML tag structure is more complex to write and read and results in bulky files.
SecurityJSON is safer than XML.You should turn off DTD when working with XML to mitigate potential security risks.

What is REST API?

A RESTful API is a way to design an interface that uses HTTP requests to access and manage data. With this API, you can perform operations like GET (read), PUT (update), POST (create), and DELETE (remove) on different resources.

An API is code that allows two software programs to talk to each other. The design of the API shows developers how to write a program (the client) that can request services from another application (the server). APIs are essential for allowing different software to work together.

RESTful APIs, also called RESTful web services or REST APIs, are based on a communication style called representational state transfer. This method is often used to develop web services and can help different types of applications communicate with each other.

REST technology is usually preferred over other similar technologies because it uses less bandwidth, making it more efficient for internet use. RESTful APIs can also be created with popular programming languages like PHP, JavaScript, and Python.

What is SOAP API?

Simple Object Access Protocol (SOAP) is a way to exchange information between systems and applications. When using application programming interfaces (APIs), a SOAP API is created in a structured and formal manner.

Think of SOAP like the national postal service: it’s reliable and trusted for sending messages between systems and within business applications. It’s been around for a while and is dependable, but it can be slower compared to newer styles like REST.

SOAP uses XML to format the data in messages sent and received by an API client. It defines four different aspects of the API protocol:

  • Envelope: Describes how the message is structured.
  • Encoding: Specifies rules for representing different types of data.
  • Requests: Outlines the structure of each SOAP API request.
  • Responses: Outlines the structure of each SOAP API response.

When to use SOAP APIs

SOAP uses XML as a standard way to communicate and exchange structured information between applications in different environments. It allows apps running on different systems and written in different languages to talk to each other.

What is the difference between SOAP and REST?

If you’re not creating your own web service, the choice of protocol may already be decided for you. Only a handful of web services, like Amazon, support both protocols. Your decision usually revolves around which web service suits your needs best, rather than choosing the protocol.

Soap Advantages

SOAP offers several advantages over REST:

  • It’s independent of language, platform, and transport (REST relies on HTTP).
  • It functions effectively in distributed enterprise setups (REST assumes direct communication).
  • It’s standardized.
  • It offers extensive built-in extensibility through WS* standards.
  • It includes built-in error handling.
  • It can automate tasks when used with specific language tools.

REST has several advantages over SOAP:

  • It’s generally easier to use and more flexible.
  • No costly tools are needed to interact with the web service.
  • It has a shorter learning curve.
  • It’s efficient (SOAP uses XML for all messages, whereas REST can use smaller formats).
  • It’s faster because it doesn’t require extensive processing.
  • It’s closely aligned with other web technologies in its design approach.

What is WSDL?

WSDL, which stands for Web Services Description Language, describes what a web service can do, including those that use SOAP APIs.

WSDL documents create an agreement between web service providers and users, specifying which methods are supported and the types of data they use.

Core Elements of WSDL

WSDL is distinctive because of its key components:

  • types: Defines the data types used by the web service, detailing how inputs and outputs are structured.
  • message: Specifies the data structure for each operation, including what data is sent and received.
  • portType: Lists the operations supported by the web service, along with the inputs and outputs for each operation.
  • binding: Maps operations to specific transport protocols or data formats, like SOAP over HTTP.
  • service: Shows where clients can access the web service, providing essential details for connecting.

What is SoapUI?

SoapUI is a tool used to test various types of web services, including SOAP, RESTful, and HTTP-based services. It’s open-source and free to use, but there’s also a commercial version called ReadyAPI. ReadyAPI offers additional features suited for companies that rely heavily on web services for their operations.

SoapUI is capable of testing both RESTful APIs and SOAP Web Services comprehensively. It supports various types of testing, including Functional Testing, Performance Testing, Interoperability Testing, Regression Testing, and more. It’s designed to be user-friendly; for instance, creating a Load Test is as simple as right-clicking on a functional test and running it as a load test.

In SoapUI, you can simulate web services and record tests for later use. It allows you to generate code stubs directly from WSDL files. Additionally, you can create REST specifications (WADL) from recorded interactions.

There are many possibilities with SoapUI, so we encourage you to explore the documentation and experiment with the tool yourself.

What is the difference between Enterprise WSDL and Partner WSDL?

Partner WSDL in Salesforce:

  • Loosely Typed: It provides flexibility to adapt to different configurations within Salesforce.
  • Reflects Any Configuration: It can be used to interact with any setup in Salesforce.
  • Static: It remains unchanged even if modifications are made to the Salesforce organization’s configuration.
  • Intended Audience: It is designed for customers, partners, and ISVs (Independent Software Vendors).
  • Purpose: It enables building integrations that can operate across multiple Salesforce organizations, regardless of their custom objects or fields.

Enterprise WSDL in Salesforce:

  • Strongly Typed: It specifies data types rigorously for clarity and reliability.
  • Tied to Specific Configuration: It is tailored to a particular setup within Salesforce.
  • Dynamic: Changes when modifications are made to the Salesforce organization’s configuration.
  • Intended Audience: It is designed for customers who wish to integrate specifically with their own Salesforce org.

What is an Integration Pattern?

Integration patterns in enterprise systems are established designs or solutions that help different software applications, systems, or services in an organization connect, interact, and share data smoothly.

What is remote site settings?

Remote Site Settings in Salesforce are settings that let you define which external URLs your Salesforce instance can communicate with. This is a security feature that ensures Salesforce only interacts with trusted external sites and prevents unauthorized access to potentially risky or malicious sites.

To access Remote Site Settings:

  1. Log into Salesforce with administrative privileges.
  2. Click on the ‘Setup’ (gear icon) in the upper-right corner of the interface.
  3. Use the Quick Find box and type ‘Remote Site Settings’.
  4. Click on ‘Remote Site Settings’ under Security.

Adding a New Remote Site

  1. In the Remote Site Settings page, click on the ‘New Remote Site’ button.
  2. Fill in the following fields:
    • Remote Site Name: A unique name to identify the remote site.
    • Remote Site URL: The web address (URL) of the endpoint that Salesforce is permitted to communicate with.
    • Description (optional): Additional information or notes about the remote site.
    • Active: A checkbox to activate the remote site immediately for use.
  3. Click ‘Save’.

Example Use Case

Imagine you’re connecting Salesforce to a third-party API that checks addresses. The API is located at To let Salesforce send requests to this service, you must add this URL to the Remote Site Settings.

What is a Connected App?

A connected app is a setup that allows an external application to connect and work with Salesforce using APIs and common standards like SAML, OAuth, and OpenID Connect. Connected apps use these protocols to authenticate users, grant permissions, and enable single sign-on (SSO) for external applications.

These external apps can operate on Salesforce’s platform, as well as on other platforms, devices, or subscription services. For instance, when you log into your Salesforce mobile app and view your Salesforce data, you’re using a connected app.

A connected app stores information about an external application’s metadata, informing Salesforce about the authentication method (like SAML, OAuth, or OpenID Connect) used by the app and where it operates. Salesforce uses this data to authorize the external app to access its information. Policies can be attached to control access, such as setting expiration dates for the app’s access. Salesforce can also track and review how connected apps are used through audits.

What is OAuth?

OAuth is a protocol that allows a client application to access data from a secured resource by exchanging tokens. These tokens grant specific permissions to the client application.

The resource server verifies these tokens and permits the client application to access the protected resources as defined. In Salesforce, OAuth authorization is used to grant a client application access to protected resources within your organization.

What different OAuth2.0 Authorization flows are available in Salesforce?

To learn more about these flows, check out salesforce official page.

What is JWT flow in Salesforce?

   OAuth 2.0 JWT Bearer flow is an authorization method designed for server-to-server interactions on the Salesforce platform. This flow uses a Json Web Token (JWT) as an assertion to request an access token from the Salesforce server.

  • This flow does not need any direct interaction from users, making it suitable for frequent server-to-server interactions.
  • The assertion used in the token request is signed by an SSL certificate, enhancing security for this flow.
  • The validity of the assertion is limited to the date and time specified in the JWT token.
  • To obtain the access token, the end user’s profile or permission set (specifically, the username specified in the JWT subject) must be pre-approved. This requires users to be pre-authorized under OAuth policies set to Admin-approved users.

What is web service flow in Salesforce?

This flow is typically used by web applications that can securely store the client secret. A key requirement of the web server flow is that the application must safeguard the consumer secret effectively.

The OAuth web-server flow works as follows:

  Redirect to Salesforce Login: The client app sends the user to Salesforce’s login page to request access to a resource.

  User Login: Users log in to Salesforce to verify their identity. Since Salesforce manages the login page, the client app doesn’t see or handle the user’s login details. The user also gives permission for the client app to access their data.

  Receive Authorization Code: Salesforce sends an authorization code back to the client app through a callback URL.

  Exchange Code for Access Token: The client app uses the authorization code to request an access token from Salesforce.

  Get Response Token: Salesforce checks the authorization code and sends a response token to the client app. If everything is correct, this token includes an access token, a refresh token, and more details.

  Access Protected Resources: The client app can now use the access token to access protected resources like Salesforce Connect REST API endpoints.

What is Named Credentials, and what is the use of it?

Named Credentials in Salesforce let developers and admins define the URL and authentication details for outbound HTTP requests in one place. This simplifies the setup by handling authentication protocols, endpoint permissions, and token storage automatically. It allows Trailblazers to concentrate on building Flows or Apex code while Salesforce manages the underlying details.

What is OpenID Connect?

OpenID Connect adds a straightforward identity layer over OAuth 2.0. It lets clients verify the identity of users based on authentication by an Authorization Server. Additionally, it allows clients to access basic profile details about the user.

What is the difference between OpenID and OAuth?

OpenID is used mainly for verifying users’ identities, whereas OAuth is for granting permissions to access resources on behalf of the user. OAuth’s versatility has made it widely adopted across industries, whereas OpenID is simpler but offers fewer customization options. Knowing these distinctions helps in using them effectively for different purposes.


• OpenID is a protocol used to log users into client apps securely. Its main purpose is user authentication.

• OAuth is a protocol used to let client apps access server resources on behalf of a user. Its main purpose is delegated authorization.


• OpenID works by redirecting the user to the OpenID provider for authentication. Once authenticated there, the user is redirected back.

• OAuth operates by exchanging tokens between the client, resource server, and authorization server in the background. It doesn’t involve redirection.


• OpenID confirms the identity of the end-user but doesn’t provide additional user details. Its focus is solely on authentication.

• OAuth verifies identities and grants specific access to protected resources, with options for customizing the scope of access. Access is limited to the delegated permissions specified.


• OpenID is often used for web single sign-on. Social sign-ins through platforms like Google or Facebook use OpenID.

• OAuth lets users give third-party apps permission to access their data on other websites, such as social media or cloud storage platforms.


• OpenID is a publicly available specification. Several providers can provide OpenID identity services.

• OAuth is a framework with different versions like 1.0, 2.0, and 3.0. It includes various extension grant types.


• OpenID doesn’t use tokens. Its protocol flow is simpler for developers to implement.

• OAuth uses signed tokens and requires multiple steps for token exchange. It’s more complex for developers to implement compared to OpenID.


• OpenID provides limited customization and is designed for basic single sign-on needs.

• OAuth allows extensive customization of token features such as scope, endpoints, expiration, refresh capabilities, and more.


• OpenID became less popular as social logins with platforms like Facebook and Google gained popularity.

• OAuth is widely used across industries for mobile apps, web APIs, and allowing third-party apps access to user data.

What is Streaming API? Explain the different mechanisms of Steaming API.

The Streaming API allows events to be streamed using push technology, providing a way to subscribe and receive events in almost real-time. It supports various types of events such as PushTopic events, generic events, platform events, and Change Data Capture events.

What is Change Data Capture?

Change data capture (CDC) is the method of detecting and capturing changes made to data in a database, then delivering these changes immediately to another process or system downstream.

What is Tooling API?

The Tooling API is used to retrieve metadata like Apex classes, Apex triggers, custom objects, custom fields, and more. Instead of manually gathering details from the entire Salesforce organization, Tooling API SOQL queries can quickly fetch lists of custom objects or custom fields.


SELECT Id, DeveloperName FROM CustomObject 

 SELECT Id, DeveloperName FROM CustomField 

What is Salesforce Connect?

Salesforce Connect is a service in App Cloud that allows users of Salesforce applications to easily access and manage data from external sources directly within the Salesforce environment, without needing to switch to different platforms.

With Salesforce Connect, you can retrieve data from both on-premise applications and cloud-based sources. You have the option to enable all users in your Salesforce organization to access an external data source using a single login account or set up individual login accounts for each user.

What are REST API Composite Resources ?

Performs multiple REST API requests in one POST request or retrieves a list of composite resources with a GET request. This allows chaining requests, where the output of one request can serve as input for the next. All request responses and HTTP statuses are consolidated into a single response body. This sequence of requests is counted as a single API call against your limit.

Checkout our post on Composite APIs here

What is the difference Between API Gateway and ESB?

Enterprise Service Bus (ESB) is an older technology used to connect digital services. An API gateway acts as a proxy layer for digital services, handling various features through APIs. Compared to ESB, an API gateway is often chosen for its better orchestration, integration, and security capabilities.

What is API Gateway?

An API gateway is a tool for managing application programming interfaces (APIs) that sits between a client and a group of backend services.

What is the use of Middleware(App Glue) In Enterprise Context?

Middleware is software that helps different applications talk to each other. It enables smart and efficient connections between applications, allowing for faster innovation.

Middleware acts as a link between various technologies, tools, and databases, seamlessly integrating them into one system. This unified system then offers a consistent service to users. For instance, a Windows application can exchange data with a Linux server in the background, without users noticing the technical details.

Checkout out Complete Salesforce Integration with External System Course


Recent Posts