Want to pass your Salesforce Certified Identity and Access Management Designer IDENTITY-AND-ACCESS-MANAGEMENT-DESIGNER exam in the very first attempt? Try Pass2lead! It is equally effective for both starters and IT professionals.
VCE
A company wants to provide its employees with a custom mobile app that accesses Salesforce. Users are required to download the internal native IOS mobile app from corporate intranet on their mobile device. The app allows flexibility to access other Non Salesforce internal applications once users authenticate with Salesforce. The apps self- authorize, and users are permitted to use the apps once they have logged into Salesforce.
How should an identity architect meet the above requirements with the privately distributed mobile app?
A. Use connected app with OAuth and Security Assertion Markup Language (SAML) to access other Non Salesforce internal apps.
B. Configure Mobile App settings in connected app and Salesforce as identity provider for non-Salesforce internal apps.
C. Use Salesforce as an identity provider (IdP) to access the mobile app and use the external IdP for other non-Salesforce internal apps.
D. Create a new hybrid mobile app and use the connected app with OAuth to authenticate users for Salesforce and non-Salesforce internal apps.
Ttie executive sponsor for an organization has asked if Salesforce supports the ability to embed a login widget into its service providers in order to create a more seamless user experience.
What should be used and considered before recommending it as a solution on the Salesforce Platform?
A. OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.
B. Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.
C. Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.
D. Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.
How should an identity architect automate provisioning and deprovisioning of users into Salesforce from an external system?
A. Call SOAP API upsertQ on user object.
B. Use Security Assertion Markup Language Just-in-Time (SAML JIT) on incoming SAML assertions.
C. Run registration handler on incoming OAuth responses.
D. Call OpenID Connect (OIDC)-userinfo endpoint with a valid access token.