- Email support@dumps4free.com
A global company is using the Salesforce Platform as an Identity Provider and needs to integrate a third-party application with its Experience Cloud customer portal. Which two features should be utilized to provide users with login and identity services for the third-party application?
Choose 2 answers
A. Use the App Launcher with single sign-on (SSO).
B. External a Data source with Named Principal identity type.
C. Use a connected app.
D. Use Delegated Authentication.
Universal containers (UC) uses a legacy Employee portal for their employees to collaborate and post their ideas. UC decides to use salesforce ideas for voting and better tracking purposes. To avoid provisioning users on Salesforce, UC decides to push ideas posted on the Employee portal to salesforce through API. UC decides to use an API user using Oauth Username - password flow for the connection. How can the connection to salesforce be restricted only to the employee portal server?
A. Add the Employee portals IP address to the Trusted IP range for the connected App
B. Use a digital certificate signed by the employee portal Server.
C. Add the employee portals IP address to the login IP range on the user profile.
D. Use a dedicated profile for the user the Employee portal uses.
Universal Containers (UC) is using a custom application that will act as the Identity Provider and will generate SAML assertions used to log in to Salesforce. UC is considering including custom parameters in the SAML assertion. These attributes contain sensitive data and are needed to authenticate the users. The assertions are submitted to salesforce via a browser form post. The majority of the users will only be able to access Salesforce via UC's corporate network, but a subset of admins and executives would be allowed access from outside the corporate network on their mobile devices. Which two methods should an Architect consider to ensure that the sensitive data cannot be tampered with, nor accessible to anyone while in transit?
A. Use the Identity Provider's certificate to digitally sign and Salesforce's Certificate to encrypt the payload.
B. Use Salesforce's Certificate to digitally sign the SAML Assertion and a Mobile Device Management client on the users' mobile devices.
C. Use the Identity provider's certificate to digitally Sign and the Identity provider's certificate to encrypt the payload.
D. Use a custom login flow to retrieve sensitive data using an Apex callout without including the attributes in the assertion.
In an SP-Initiated SAML SSO setup where the user tries to access a resource on the Service Provider, What HTTP param should be used when submitting a SAML Request to the Idp to ensure the user is returned to the intended resourse after authentication?
A. RedirectURL
B. RelayState
C. DisplayState
D. StartURL
A farming enterprise offers smart farming technology to its farmer customers, which includes a variety of sensors for livestock tracking, pest monitoring, climate monitoring etc. They plan to store all the data in Salesforce. They would also like to ensure timely maintenance of the Installed sensors. They have engaged a salesforce Architect to propose an appropriate way to generate sensor Information In Salesforce. Which OAuth flow should the architect recommend?
A. OAuth 2.0 Asset Token Flow
B. OAuth 2.0 Device Authentication Row
C. OAuth 2.0 JWT Bearer Token Flow
D. OAuth 2.0 SAML Bearer Assertion Flow
| Page 1 out of 9 Pages |