Salesforce Certified Identity and Access Management Practice Exam 2025 - Free Identity and Access Management Practice Questions and Study Guide

The use of SSH Public Key Authentication for Salesforce APIs can be enforced effectively by configuring connected apps to utilize OAuth tokens. OAuth is an industry-standard protocol that allows secure delegated access, enabling applications to access user data provided that the user has granted permission. When properly implemented, this configuration ensures that API calls can only be made by authenticated and authorized applications, enhancing security.

Through connected apps, administrators can define the level of access that the application has, and by requiring OAuth tokens, they can set specific permissions that dictate how the APIs can be used. This method provides a clear structure for managing access while facilitating secure communication between apps and Salesforce services.

The other options do not directly address enforcing SSH Public Key Authentication for APIs. Enabling two-factor authentication enhances security for user logins but does not specifically relate to SSH for API access. Requiring frequent password changes can improve overall security for user accounts but does not influence API authentication methods. Disabling API access entirely restricts functionality and would not be a practical approach for securing data access if SSH Public Key Authentication is desired.