ACD301 Sample Questions Answers

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer, ensuring a consistent user experience across multiple applications on the Appian platform involves centralizing reusable components and adhering to Appian’s design governance principles. The client’s concern about inconsistent headers (e.g., different colors, sizes, layouts) across applications using rich text, section layouts, and box layouts requires a scalable, maintainable solution. Let’s evaluate each option:

A. Create constants for text size and color, and update each section to reference these values:Using constants (e.g., cons!TEXT_SIZE and cons!HEADER_COLOR) is a good practice for managing values, but it doesn’t address layout consistency (e.g., rich text vs. section layouts vs. box layouts). Constants alone can’t enforce uniform header design across applications, as they don’t encapsulate layout logic (e.g., a!sectionLayout() vs. a!richTextDisplayField()). This approach would require manual updates to each application’s components, increasing maintenance overhead and still risking inconsistency. Appian’s documentation recommends using rules for reusable UI components, not just constants, making this insufficient.

B. In the common application, create a rule that can be used across the platform for section headers, and update each application to reference this new rule:This is the best recommendation. Appian supports a “common application” (often called a shared or utility application) to store reusable objects like expression rules, which can define consistent header designs (e.g., rule!CommonHeader(size: "LARGE", color: "PRIMARY")). By creating a single rule for headers and referencing it across all 5 applications, you ensure uniformity in layout, color, and size (e.g., using a!sectionLayout() or a!boxLayout() consistently). Appian’s design best practices emphasize centralizing UI components in a common application to reduce duplication, enforce standards, and simplify maintenance—perfect for achieving a consistent user experience.

C. In the common application, create one rule for each application, and update each application to reference its respective rule:This approach creates separate header rules for each application (e.g., rule!App1Header, rule!App2Header), which contradicts the goal of consistency. While housed in the common application, it introduces variability (e.g., different colors or sizes per rule), defeating the purpose. Appian’s governance guidelines advocate for a single, shared rule to maintain uniformity, making this less efficient and unnecessary.

D. In each individual application, create a rule that can be used for section headers, and update each application to reference its respective rule:Creating separate rules in each application (e.g., rule!App1Header in App 1, rule!App2Header in App 2) leads to duplication and inconsistency, as each rule could differ in design. This approach increases maintenance effort and risks diverging styles, violating the client’s requirement for a “consistent user experience.” Appian’s best practices discourage duplicating UI logic, favoring centralized rules in a common application instead.

Conclusion: Creating a rule in the common application for section headers and referencing it across the platform (B) ensures consistency in header design (color, size, layout) while minimizing duplication and maintenance. This leverages Appian’s application architecture for shared objects, aligning with Lead Developer standards for UI governance.

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer, designing a large-scale acquisition application with multiple development teams requires a strategy to manage processes, forms, and code reuse effectively. The goal is to minimize repeated code (e.g., duplicate interfaces, process models) while ensuring scalability and maintainability across teams. Let’s evaluate each option:

A. Create a Center of Excellence (CoE):A Center of Excellence is an organizational structure or team focused on standardizing practices, training, and governance across projects. While beneficial for long-term consistency, it doesn’t directly address the technical design of minimizing repeated code for processes and forms. It’s a strategic initiative, not a design solution, and doesn’t solve the immediate need for code reuse. Appian’s documentation mentions CoEs for governance but not as a primary design approach, making this less relevant here.

B. Create a common objects application:This is the best recommendation. In Appian, a “common objects application” (or shared application) is used to store reusable components like expression rules, interfaces, process models, constants, and data types (e.g., CDTs). For a large-scale acquisition application with multiple teams, centralizing shared objects (e.g., rule!CommonForm, pm!CommonProcess) ensures consistency, reduces duplication, and simplifies maintenance. Teams can reference these objects in their applications, adhering to Appian’s design best practices for scalability. This approach minimizes repeated code while allowing team-specific customizations, aligning with Lead Developer standards for large projects.

C. Create a Scrum of Scrums sprint meeting for the team leads:A Scrum of Scrums meeting is a coordination mechanism for Agile teams, focusing on aligning sprint goals and resolving cross-team dependencies. While useful for collaboration, it doesn’t address the technical design of minimizing repeated code—it’s a process, not a solution for code reuse. Appian’s Agile methodologies support such meetings, but they don’t directly reduce duplication in processes and forms, making this less applicable.

D. Create duplicate processes and forms as needed:Duplicating processes and forms (e.g., copying interface!PurchaseForm for each team) leads to redundancy, increased maintenance effort, and potential inconsistencies (e.g., divergent logic). This contradicts the goal of minimizing repeated code and violates Appian’s design principles for reusability and efficiency. Appian’s documentation strongly discourages duplication, favoring shared objects instead, making this the least effective option.

Conclusion: Creating a common objects application (B) is the recommended design. It centralizes reusable processes, forms, and other components, minimizing code duplication across teams while ensuring consistency and scalability for the large-scale acquisition application. This leverages Appian’s application architecture for shared resources, aligning with Lead Developer best practices for multi-team projects.

design_errors.csv → Errors in start forms, task forms, record lists, enabled environments

devops_infrastructure.csv → Metrics such as the total time spent evaluating a plug-in function

login-audit.csv → Inbound requests using HTTP basic authentication

Comprehensive and Detailed In-Depth Explanation:

Appian provides various log files to monitor and troubleshoot platform issues, accessible through the Administration Console or exported as CSV files. These logs capture different aspects of system performance, security, and user interactions. The Appian Monitoring and Troubleshooting Guide details the purpose of each log file, enabling accurate matching.

design_errors.csv → Errors in start forms, task forms, record lists, enabled environments:The design_errors.csv log file is specifically designed to track errors related to the design and runtime behavior of Appian objects such as start forms, task forms, and record lists. It also includes information about issues in enabled environments, making it the appropriate match. This log helps developers identify and resolve UI or configuration errors, aligning with its purpose of capturing design-time and runtime issues.

devops_infrastructure.csv → Metrics such as the total time spent evaluating a plug-in function:The devops_infrastructure.csv log file provides infrastructure and performance metrics for Appian Cloud instances. It includes data on system performance, such as the time spent evaluating plug-in functions, which is critical for optimizing custom integrations. This matches the description, as it focuses on operational metrics rather than errors or security events, consistent with Appian’s infrastructure monitoring approach.

login-audit.csv → Inbound requests using HTTP basic authentication:The login-audit.csv log file tracks user authentication and login activities, including details about inbound requests using HTTP basic authentication. This log is used to monitor security events, such as successful and failed login attempts, making it the best fit for this description. Appian’s security logging emphasizes audit trails for authentication, aligning with this use case.

Unused Description:

Number of enabled environments: This description is not matched to any log file. While it could theoretically relate to system configuration logs, none of the listed files (design_errors.csv, devops_infrastructure.csv, login-audit.csv) are specifically designed to report the number of enabled environments. This might be tracked in a separate administrative report or configuration log not listed here.

Matching Rationale:

Each description is either used once or not at all, as specified. The matches are based on Appian’s documented log file purposes: design_errors.csv for design-related errors, devops_infrastructure.csv for performance metrics, and login-audit.csv for authentication details.

The unused description suggests the question allows for some descriptions to remain unmatched, reflecting real-world variability in log file content.

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer, managing stakeholder engagement and ensuring smooth project progress are critical responsibilities. The scenario describes a product owner whose decreasing involvement is causing delays, which requires a proactive and collaborative approach rather than an immediate escalation to replacement. Let’s analyze each option:

A. An additional daily stand-up meeting: While daily stand-ups are a core Agile practice to align the team, adding another one specifically to secure the product owner’s time is inefficient. Appian’s Agile methodology (aligned with Scrum) emphasizes that stand-ups are for the development team to coordinate, not to force stakeholder availability. The product owner’s irritation might increase with additional meetings, making this less effective.

B. A risk management meeting with your program manager: This is a correct choice. Appian Lead Developer documentation highlights the importance of risk management in complex projects (e.g., customer management systems). Delays due to lack of product owner involvement constitute a project risk. Escalating this to the program manager ensures visibility and allows for strategic mitigation, such as resource reallocation or additional support, without directly confronting the product owner in a way that could damage the relationship. This aligns with Appian’s project governance best practices.

C. A sprint retrospective with the product owner and development team: This is also a correct choice. The sprint retrospective, as per Appian’s Agile guidelines, is a key ceremony to reflect on what’s working and what isn’t. Including the product owner fosters collaboration and provides a safe space to address their reduced involvement and its impact on ticket delays. It encourages team accountability and aligns with Appian’s focus on continuous improvement in Agile development.

D. A meeting with the sponsor to discuss the product owner’s performance and request a replacement: This is premature and not recommended as a first step. Appian’s Lead Developer training emphasizes maintaining strong stakeholder relationships and resolving issues collaboratively before escalating to drastic measures like replacement. This option risks alienating the product owner and disrupting the project further, which contradicts Appian’s stakeholder management principles.

Conclusion: The best approach combines B (risk management meeting) to address the immediate risk of delays with a higher-level escalation and C (sprint retrospective) to collaboratively resolve the product owner’s engagement issues. These align with Appian’s Agile and leadership strategies for Lead Developers.

As a user, if I update an object of type "Customer", the value of the given field should be displayed on the "Company" Record List. → Database Complex View

As a user, if I update an object of type "Customer", a simple data transformation needs to be performed on related objects of the same type (namely, all the customers related to the same company). → Database Trigger

As a user, if I update an object of type "Customer", some complex data transformations need to be performed on related objects of type "Customer", "Company", and "Contract". → Database Stored Procedure

As a user, if I update an object of type "Customer", some simple data transformations need to be performed on related objects of type "Company", "Address", and "Contract". → Write to Data Store Entity smart service

Comprehensive and Detailed In-Depth Explanation:

Appian integrates with external databases to handle data updates and transformations, offering various tools depending on the complexity and context of the task. The scenarios involve updating a "Customer" object and triggering actions on related data, requiring careful selection of the best tool. Appian’s Data Integration and Database Management documentation guides these decisions.

As a user, if I update an object of type "Customer", the value of the given field should be displayed on the "Company" Record List → Database Complex View:This scenario requires displaying updated customer data on a "Company" Record List, implying a read-only operation to join or aggregate data across tables. A Database Complex View (e.g., a SQL view combining "Customer" and "Company" tables) is ideal for this. Appian supports complex views to predefine queries that can be used in Record Lists, ensuring the updated field value is reflected without additional processing. This tool is best for read operations and does not involve write logic.

As a user, if I update an object of type "Customer", a simple data transformation needs to be performed on related objects of the same type (namely, all the customers related to the same company) → Database Trigger:This involves a simple transformation (e.g., updating a flag or counter) on related "Customer" records after an update. A Database Trigger, executed automatically on the database side when a "Customer" record is modified, is the best fit. It can perform lightweight SQL updates on related records (e.g., via a company ID join) without Appian process overhead. Appian recommends triggers for simple, database-level automation, especially when transformations are confined to the same table type.

As a user, if I update an object of type "Customer", some complex data transformations need to be performed on related objects of type "Customer", "Company", and "Contract" → Database Stored Procedure:This scenario involves complex transformations across multiple related object types, suggesting multi-step logic (e.g., recalculating totals or updating multiple tables). A Database Stored Procedure allows you to encapsulate this logic in SQL, callable from Appian, offering flexibility for complex operations. Appian supports stored procedures for scenarios requiring transactional integrity and intricate data manipulation across tables, making it the best choice here.

As a user, if I update an object of type "Customer", some simple data transformations need to be performed on related objects of type "Company", "Address", and "Contract" → Write to Data Store Entity smart service:This requires simple transformations on related objects, which can be handled within Appian’s process model. The "Write to Data Store Entity" smart service allows you to update multiple related entities (e.g., "Company", "Address", "Contract") based on the "Customer" update, using Appian’s expression rules for logic. This approach leverages Appian’s process automation, is user-friendly for developers, and is recommended for straightforward updates within the Appian environment.

Matching Rationale:

Each tool is used once, covering the spectrum of database integration options: Database Complex View for read/display, Database Trigger for simple database-side automation, Database Stored Procedure for complex multi-table logic, and Write to Data Store Entity smart service for Appian-managed simple updates.

Appian’s guidelines prioritize using the right tool based on complexity and context, ensuring efficiency and maintainability.

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer in a Post-Production Maintenance phase, troubleshooting a failed integration (HTTP 500 Internal Server Error) requires a systematic approach to isolate the root cause—whether it’s Appian-side, API-side, or environmental. A 500 error typically indicates an issue on the server (API) side, but the developer must confirm Appian’s contribution and collaborate with the customer. The goal is to select three steps that efficiently diagnose the specific scenario while adhering to Appian’s best practices. Let’s evaluate each option:

A. Send the same payload to the test API to ensure the issue is not related to the API environment:This is a critical step. Replicating the failure by sending the exact payload (from the failed Production call) to a test API environment helps determine if the issue is environment-specific (e.g., Production-only configuration) or inherent to the payload/API logic. Appian’s Integration troubleshooting guidelines recommend testing in a non-Production environment first to isolate variables. If the test API succeeds, the Production environment or API state is implicated; if it fails, the payload or API logic is suspect. This step leverages Appian’s Integration object logging (e.g., request/response capture) and is a standard diagnostic practice.

B. Send a test case to the Production API to ensure the service is still up and running:While verifying Production API availability is useful, sending an arbitrary test case risks further Production disruption during maintenance and may not replicate the specific scenario. A generic test might succeed (e.g., with simpler data), masking the issue tied to the complex JSON. Appian’s Post-Production guidelines discourage unnecessary Production interactions unless replicating the exact failure is controlled and justified. This step is less precise than analyzing existing behavior (C) and is not among the top three priorities.

C. Analyze the behavior of subsequent calls to the Production API to ensure there is no global issue, and ask the customer to analyze the API logs to understand the nature of the issue:This is essential. Reviewing subsequent Production calls (via Appian’s Integration logs or monitoring tools) checks if the 500 error is isolated or systemic (e.g., API outage). Since Appian can’t access API server logs, collaborating with the customer to review their logs is critical for a 500 error, which often stems from server-side exceptions (e.g., unhandled data). Appian Lead Developer training emphasizes partnership with API owners and using Appian’s Process History or Application Monitoring to correlate failures—making this a key troubleshooting step.

D. Obtain the JSON sent to the API and validate that there is no difference between the expected JSON format and the sent one:This is a foundational step. The complex JSON payload is central to the integration, and a 500 error could result from malformed data (e.g., missing fields, invalid types) that the API can’t process. In Appian, you can retrieve the sent JSON from the Integration object’s execution logs (if enabled) or Process Instance details. Comparing it against the API’s documented schema (e.g., via Postman or API specs) ensures Appian’s output aligns with expectations. Appian’s documentation stresses validating payloads as a first-line check for integration failures, especially in specific scenarios.

E. Ensure there were no network issues when the integration was sent:While network issues (e.g., timeouts, DNS failures) can cause integration errors, a 500 Internal Server Error indicates the request reached the API and triggered a server-side failure—not a network issue (which typically yields 503 or timeout errors). Appian’s Connected System logs can confirm HTTP status codes, and network checks (e.g., via IT teams) are secondary unless connectivity is suspected. This step is less relevant to the 500 error and lower priority than A, C, and D.

Conclusion: The three best steps are A (test API with same payload), C (analyze subsequent calls and customer logs), and D (validate JSON payload). These steps systematically isolate the issue—testing Appian’s output (D), ruling out environment-specific problems (A), and leveraging customer insights into the API failure (C). This aligns with Appian’s Post-Production Maintenance strategies: replicate safely, analyze logs, and validate data.

Comprehensive and Detailed In-Depth Explanation:

Configuring a webhook connection from Jira to Appian requires setting up a mechanism for Jira to push ticket change notifications to Appian in real-time. This involves creating an endpoint in Appian to receive the webhook and configuring Jira to send the data. Appian’s Integration Best Practices and Web API documentation provide the framework for this process.

Option A (Create a Web API object and set up the correct security):This is a required step. In Appian, a Web API object serves as the endpoint to receive incoming webhook requests from Jira. You must define the API structure (e.g., HTTP method, input parameters) and configure security (e.g., basic authentication, API key, or OAuth) to validate incoming requests. Appian recommends using a service account with appropriate permissions to ensure secure access, aligning with the need for a controlled webhook receiver.

Option B (Configure the connection in Jira specifying the URL and credentials):This is essential. In Jira, you need to set up a webhook by providing the Appian Web API’s URL (e.g., https:// /suite/webapi/) and the credentials or authentication method (e.g., API key or basic auth) that match the security setup in Appian. This ensures Jira can successfully send ticket change events to Appian.

Option C (Create a new API Key and associate a service account):This is necessary for secure authentication. Appian recommends using an API key tied to a service account for webhook integrations. The service account should have permissions to process the incoming data (e.g., write to a process or data store) but not excessive privileges. This step complements the Web API security setup and Jira configuration.

Option D (Give the service account system administrator privileges):This is unnecessary and insecure. System administrator privileges grant broad access, which is overkill for a webhook integration. Appian’s security best practices advocate for least-privilege principles, limiting the service account to the specific objects or actions needed (e.g., executing the Web API).

Option E (Create an integration object from Appian to Jira to periodically check the ticket status):This is incorrect for a webhook scenario. Webhooks are push-based, where Jira notifies Appian of changes. Creating an integration object for periodic polling (pull-based) is a different approach and not required for the stated requirement of Jira informing Appian via webhook.

These three steps (A, B, C) establish a secure, functional webhook connection without introducing unnecessary complexity or security risks.

Read barcode values from images containing barcodes and QR codes. → Smart Service plug-in

Display an externally hosted geolocation/mapping application’s interface within Appian to allow users of Appian to see where a customer (stored within Appian) is located. → Web-content field

Display an externally hosted geolocation/mapping application’s interface within Appian to allow users of Appian to select where a customer is located and store the selected address in Appian. → Component plug-in

Generate a barcode image file based on values entered by users. → Function plug-in

Comprehensive and Detailed In-Depth Explanation:

Appian plug-ins extend functionality by integrating custom Java code into the platform. The four approaches—Web-content field, Component plug-in, Smart Service plug-in, and Function plug-in—serve distinct purposes, and each requirement must be matched to the most appropriate one based on its use case. Appian’s Plug-in Development Guide provides the framework for these decisions.

Read barcode values from images containing barcodes and QR codes → Smart Service plug-in:This requirement involves processing image data to extract barcode or QR code values, a task that typically occurs within a process model (e.g., as part of a workflow). A Smart Service plug-in is ideal because it allows custom Java logic to be executed as a node in a process, enabling the decoding of images and returning the extracted values to Appian. This approach integrates seamlessly with Appian’s process automation, making it the best fit for data extraction tasks.

Display an externally hosted geolocation/mapping application’s interface within Appian to allow users of Appian to see where a customer (stored within Appian) is located → Web-content field:This requires embedding an external mapping interface (e.g., Google Maps) within an Appian interface. A Web-content field is the appropriate choice, as it allows you to embed HTML, JavaScript, or iframe content from an external source directly into an Appian form or report. This approach is lightweight and does not require custom Java development, aligning with Appian’s recommendation for displaying external content without interactive data storage.

Display an externally hosted geolocation/mapping application’s interface within Appian to allow users of Appian to select where a customer is located and store the selected address in Appian → Component plug-in:This extends the previous requirement by adding interactivity (selecting an address) and data storage. A Component plug-in is suitable because it enables the creation of a custom interface component (e.g., a map selector) that can be embedded in Appian interfaces. The plug-in can handle user interactions, communicate with the external mapping service, and update Appian data stores, offering a robust solution for interactive external integrations.

Generate a barcode image file based on values entered by users → Function plug-in:This involves generating an image file dynamically based on user input, a task that can be executed within an expression or interface. A Function plug-in is the best match, as it allows custom Java logic to be called as an expression function (e.g., pluginGenerateBarcode(value)), returning the generated image. This approach is efficient for single-purpose operations and integrates well with Appian’s expression-based design.

Matching Rationale:

Each approach is used once, as specified, covering the spectrum of plug-in types: Smart Service for process-level tasks, Web-content field for static external display, Component plug-in for interactive components, and Function plug-in for expression-level operations.

Appian’s plug-in framework discourages overlap (e.g., using a Smart Service for display or a Component for process tasks), ensuring the selected matches align with intended use cases.

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer, designing a complex integration to a RESTful API for updating a case in a legacy system requires a structured approach to ensure reliability, performance, and alignment with business needs. The integration involves sending a JSON payload (implied by the context) and handling responses, so the focus is on technical and functional prerequisites. Let’s evaluate each option:

A. Define the HTTP method that the integration will use:This is a primary prerequisite. RESTful APIs use HTTP methods (e.g., POST, PUT, GET) to define the operation—here, updating a case likely requires PUT or POST. Appian’s Connected System and Integration objects require specifying the method to configure the HTTP request correctly. Understanding the API’s method ensures the integration aligns with its design, making this essential for design. Appian’s documentation emphasizes choosing the correct HTTP method as a foundational step.

B. Understand the content of the expected body, including each field type and their limits:This is also critical. The JSON payload for updating a case includes fields (e.g., text, dates, numbers), and the API expects a specific structure with field types (e.g., string, integer) and limits (e.g., max length, size constraints). In Appian, the Integration object requires a dictionary or CDT to construct the body, and mismatches (e.g., wrong types, exceeding limits) cause errors (e.g., 400 Bad Request). Appian’s best practices mandate understanding the API schema to ensure data compatibility, making this a key prerequisite.

C. Understand whether this integration will be used in an interface or in a process model:While knowing the context (interface vs. process model) is useful for design (e.g., synchronous vs. asynchronous calls), it’s not a prerequisite for the integration itself—it’s a usage consideration. Appian supports integrations in both contexts, and the integration’s design (e.g., HTTP method, body) remains the same. This is secondary to technical API details, so it’s not among the top three prerequisites.

D. Understand the different error codes managed by the API and the process of error handling in Appian:This is essential. RESTful APIs return HTTP status codes (e.g., 200 OK, 400 Bad Request, 500 Internal Server Error), and the customer’s API likely documents these for failure scenarios (e.g., invalid data, server issues). Appian’s Integration objects can handle errors via error mappings or process models, and understanding these codes ensures robust error handling (e.g., retry logic, user notifications). Appian’s documentation stresses error handling as a core design element for reliable integrations, making this a primary prerequisite.

E. Understand the business rules to be applied to ensure the business logic of the data:While business rules (e.g., validating case data before sending) are important for the overall application, they aren’t a prerequisite for designing the integration itself—they’re part of the application logic (e.g., process model or interface). The integration focuses on technical interaction with the API, not business validation, which can be handled separately in Appian. This is a secondary concern, not a core design requirement for the integration.

Conclusion: The three prerequisites are A (define the HTTP method), B (understand the body content and limits), and D (understand error codes and handling). These ensure the integration is technically sound, compatible with the API, and resilient to errors—critical for a complex RESTful API integration in Appian.

Comprehensive and Detailed In-Depth Explanation:

As an Appian Lead Developer, integrating an Appian Cloud instance with a customer’s self-managed (on-premises) environment requires addressing network connectivity, security, and Appian’s cloud architecture constraints. The provided endpoint (https://internal.network/api/api/ping) is a REST API on an internal network, inaccessible directly from Appian Cloud due to firewall restrictions and lack of public exposure. Let’s evaluate each option:

A. Expose the API as a SOAP-based web service:Converting the REST API to SOAP isn’t a practical recommendation. The customer has provided a REST endpoint, and Appian fully supports REST integrations via Connected Systems and Integration objects. Changing the API to SOAP adds unnecessary complexity, development effort, and risks for the customer, with no benefit to Appian’s integration capabilities. Appian’s documentation emphasizes using the API’s native format (REST here), making this irrelevant.

B. Deploy the API/service into Appian Cloud:Deploying the customer’s API into Appian Cloud is infeasible. Appian Cloud is a managed PaaS environment, not designed to host customer applications or APIs. The API resides in the customer’s self-managed environment, and moving it would require significant architectural changes, violating security and operational boundaries. Appian’s integration strategy focuses on connecting to external systems, not hosting them, ruling this out.

C. Add Appian Cloud’s IP address ranges to the customer network’s allowed IP listing:This approach involves whitelisting Appian Cloud’s IP ranges (available in Appian documentation) in the customer’s firewall to allow direct HTTP/HTTPS requests. However, Appian Cloud’s IPs are dynamic and shared across tenants, making this unreliable for long-term integrations—changes in IP ranges could break connectivity. Appian’s best practices discourage relying on IP whitelisting for cloud-to-on-premises integrations due to this limitation, favoring secure tunnels instead.

D. Set up a VPN tunnel:This is the correct recommendation. A Virtual Private Network (VPN) tunnel establishes a secure, encrypted connection between Appian Cloud and the customer’s self-managed network, allowing Appian to access the internal REST API (https://internal.network/api/api/ping). Appian supports VPNs for cloud-to-on-premises integrations, and this approach ensures reliability, security, and compliance with network policies. The customer’s IT team can configure the VPN, and Appian’s documentation recommends this for such scenarios, especially when dealing with internal endpoints.

Conclusion: Setting up a VPN tunnel (D) is the best recommendation. It enables secure, reliable connectivity from Appian Cloud to the customer’s internal API, aligning with Appian’s integration best practices for cloud-to-on-premises scenarios.