New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Identity and Access Management Designer Identity-and-Access-Management-Architect Dumps PDF

Page: 9 / 18
Question 36

A Salesforce customer is implementing Sales Cloud and a custom pricing application for its call center agents. An Enterprise single sign-on solution is used to authenticate and sign-in users to all applications. The customer has the following requirements:

1. The development team has decided to use a Canvas app to expose the pricing application to agents.

2. Agents should be able to access the Canvas app without needing to log in to the pricing application.

Which two options should the identity architect consider to provide support for the Canvas app to initiate login for users?

Choose 2 answers

Options:

A.

Select "Enable as a Canvas Personal App" in the connected app settings.

B.

Enable OAuth settings in the connected app with required OAuth scopes for the pricing application.

C.

Configure the Canvas app as a connected app and set Admin-approved users as pre-authorized.

D.

Enable SAML in the connected app and Security Assertion Markup Language (SAML) Initiation Method as Service Provider Initiated.

Question 37

Universal Containers (UC) is using Active Directory as its corporate identity provider and Salesforce as its CRM for customer care agents, who use SAML based sign sign-on to login to Salesforce. The default agent profile does not include the Manage User permission. UC wants to dynamically update the agent role and permission sets.

Which two mechanisms are used to provision agents with the appropriate permissions?

Choose 2 answers

Options:

A.

Use Login Flow in User Context to update role and permission sets.

B.

Use Login Flow in System Context to update role and permission sets.

C.

Use SAML Just-m-Time (JIT) Handler class run as current user to update role and permission sets.

D.

Use SAML Just-in-Time (JIT) handler class run as an admin user to update role and permission sets.

Question 38

Universal Containers is implementing Salesforce Identity to broker authentication from its enterprise single sign-on (SSO) solution through Salesforce to third party applications using SAML.

What rote does Salesforce Identity play in its relationship with the enterprise SSO system?

Options:

A.

Identity Provider (IdP)

B.

Resource Server

C.

Service Provider (SP)

D.

Client Application

Question 39

Universal containers(UC) wants to integrate a third-party reward calculation system with salesforce to calculate rewards. Rewards will be calculated on a schedule basis and update back into salesforce. The integration between Salesforce and the reward calculation system needs to be secure. Which are the recommended best practices for using Oauth flows in this scenario? Choose 2 answers

Options:

A.

Oauth refresh token flow

B.

Oauth SAML bearer assertion flow

C.

Oauthjwt bearer token flow

D.

Oauth Username-password flow

Page: 9 / 18
Exam Name: Salesforce Certified Identity andAccess Management Architect (SU24)
Last Update: Dec 22, 2024
Questions: 243
Identity-and-Access-Management-Architect pdf

Identity-and-Access-Management-Architect PDF

$25.5  $84.99
Identity-and-Access-Management-Architect Engine

Identity-and-Access-Management-Architect Testing Engine

$28.5  $94.99
Identity-and-Access-Management-Architect PDF + Engine

Identity-and-Access-Management-Architect PDF + Testing Engine

$40.5  $134.99