There's no single feature that is responsive to all of these functional needs. You'll need to do some work, possibly quite a bit of work, both to build this overall process orchestration and to make it resilient to failures and limits issues, which is probably harder.
1. User in Salesforce triggers logic (Apex, Flow, ...)
2. Logic makes a callout to external system
3. External system does its magic (can take hours)
4. External system notifies Salesforce using Platform Event that job has succeeded
5. Salesforce fetches result data from External System
6. Salesforce resumes logic stopped in 2.
You can do this with Flow, for sure. However, you'll be subject to the limits on pausing and resuming Flow interviews (1,000 resumes per hour) and the unusual limits regime that comes from the fact that Flows are resumed in batches that share transaction limits, which may or may not be compatible with your application's scale needs. Additionally, Flow resumes are not 100% real time, which also may or may not be compatible with your expectations, and you might not be able to get the kind of instrumentation or error monitoring you need.
You could also do it with Apex, through a combination of, e.g.,
- A trigger to start the process.
- A Queueable to run the callout.
- A custom object to persist process state during external system processing.
- A Platform Event trigger to resume the process by consuming the custom object.
- Possibly additional components depending on the scope and complexity of the automation.
- Some kind of solution to monitor errors, dangling transactions, etc., and surface them for admin resolution.
Send Platform event from External system after long-running job without storing credentials in Backend (Connected App?)
You can't do that unless you're willing to use webhook authentication on a REST API endpoint exposed on a public Site, which I would strongly recommend against. I would use JWT authentication to avoid storing credentials.
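The resume side of the Apex combination listed above, as an added example that is not part of the original answer: a Platform Event trigger that consumes the custom object and a Queueable that fetches the result. `Job_Completed__e`, `Correlation_Id__c`, `Job_Process__c`, `Status__c`, `Result__c`, the status values, the class names, and the `External_Job_API` Named Credential with its URL path are all assumptions.

```apex
// --- JobCompletedTrigger.trigger (hypothetical name) ---
trigger JobCompletedTrigger on Job_Completed__e (after insert) {
    Set<Id> ids = new Set<Id>();
    for (Job_Completed__e evt : Trigger.new) {
        // Correlation_Id__c is text set by the external system (assumed field);
        // keep only values that parse as a record Id.
        if (evt.Correlation_Id__c instanceof Id) {
            ids.add((Id) evt.Correlation_Id__c);
        }
    }
    // Claim only rows still waiting. Unknown Ids and redelivered events
    // match nothing, so the resume is idempotent.
    Map<Id, Job_Process__c> claimed = new Map<Id, Job_Process__c>([
        SELECT Id FROM Job_Process__c
        WHERE Id IN :ids AND Status__c = 'Waiting'
        FOR UPDATE
    ]);
    for (Job_Process__c p : claimed.values()) { p.Status__c = 'Fetching'; }
    update claimed.values();
    if (!claimed.isEmpty()) {
        System.enqueueJob(new JobResume(new List<Id>(claimed.keySet())));
    }
}

// --- JobResume.cls (hypothetical name) ---
public class JobResume implements Queueable, Database.AllowsCallouts {
    private List<Id> pending;
    public JobResume(List<Id> pending) { this.pending = pending; }

    public void execute(QueueableContext ctx) {
        Id current = pending.remove(0);
        Job_Process__c p = new Job_Process__c(Id = current);
        try {
            HttpRequest req = new HttpRequest();
            // Named Credential and path are assumptions for this example.
            req.setEndpoint('callout:External_Job_API/jobs/' + current + '/result');
            req.setMethod('GET');
            HttpResponse res = new Http().send(req);
            Boolean ok = res.getStatusCode() == 200;
            p.Status__c = ok ? 'Done' : 'Failed';
            p.Result__c = ok ? res.getBody() : null;
        } catch (CalloutException e) {
            p.Status__c = 'Failed'; // left for the error-monitoring component
        }
        update p;
        // One callout per execution; chain the rest to stay inside limits.
        if (!pending.isEmpty()) { System.enqueueJob(new JobResume(pending)); }
    }
}
```

Rows that stay in `Waiting` or `Fetching` past an expected window are the dangling transactions the monitoring component would report on.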