Salesforce-MuleSoft-Platform-Architect Practice Test
Salesforce Spring 25 Release 152 Questions
An API is protected with a Client ID Enforcement policy and uses the default configuration.
Access is requested for the client application to the API, and an approved contract now exists between the client application and the API
How can a consumer of this API avoid a 401 error "Unauthorized or invalid client application credentials"?
A. Send the obtained token as a header in every call
B. Send the obtained: client_id and client_secret in the request body
C. Send the obtained clent_id and clent_secret as URI parameters in every call
D. Send the obtained clent_id and client_secret in the header of every API Request call
D. Send the obtained clent_id and client_secret in the header of every API Request call
Explanation:
By default, the Client ID Enforcement policy expects credentials via HTTP headers named client_id and client_secret (or via HTTP Basic Auth if configured). To satisfy the policy on every call, the consumer must include these credentials in the request header (or in the Authorization header for basic auth). Omitting them results in a 401 Unauthorized error.