Salesforce Identity and Access Management Designer exam : Amit Chaudhary

Salesforce Identity and Access Management Designer exam
by: Amit Chaudhary
blow post content copied from  Apex Hours
click here to view original post

A Salesforce Certified Identity and Access Management Designer assesses the architecture environment and requirements and designs sound and scalable technical solutions on the Force.com platform that meet Single Sign On (SSO) requirements. The architect has experience communicating solutions and design trade-offs to business stakeholders. The candidate has a current Salesforce Developer or Platform App Builder credential, and is interested in demonstrating his/her expertise as an Identity and Access Management Designer.

NOTE: Please follow Salesforce official document for any future reference.

In this post we are only share our exam experience with some study notes and some important link for study. As usual before I started my preparation, I have prepared a document and noted down all the points and advice mentioned in Salesforce Documentation. Here is course outline with some important link.

Course Outline

The Salesforce Identity and Access Management Designer exam covers the following topics –

Identity Management Concepts: 28%

• Describe the role(s) an identity provider and service provider play in an access control solution.
• Describe common methods for how to trust connections that are established between two systems and the methodologies used to describe trust between an identity provider and service provider.
• Given a scenario, articulate whether it describes an authentication, authorization, or accounting scenario and what Salesforce feature should be used to accomplish the task.
• Given a scenario, recommend the appropriate method for provisioning users in Salesforce, and other third-party services (SOAP/REST API, SAML JIT, Identity Connect, User Provisioning for Connected Apps, etc.).
• Describe the risks to enterprise security that federated Single Sign-on solutions aim to address.
• Given a scenario, troubleshoot common points of failure that may be encountered in a Single Sign-on solution (SAML, OAuth, etc.).

Accepting Third-Party Identity in Salesforce: 22%

• Describe the components of an identity management solution where Salesforce is accepting identity from a third party.
• Given a scenario, recommend the appropriate authentication mechanism when Salesforce needs to accept Third-Party Identity (Enterprise Directory, Social, Community, etc.).
• Given a scenario, recommend the appropriate method of SAML initiation to fulfill the requirements (SP-init, IdP-init.).
• Describe the components of a Delegated Authentication solution.
• Describe the risks of implementing delegated authentication.

Salesforce as an Identity Provider: 23%

• Given a scenario, determine the most appropriate flow type to recommend when implementing an OAuth solution where Salesforce is providing identity to a third party (for example, User-Agent, Web Server, JWT, etc.).
• Describe the various implementation concepts of OAuth (for example; scopes, secrets, tokens, refresh tokens, token expiration, token revocation, etc.).
• Describe the role(s) Connected Apps play when Salesforce needs to provide identity to a third-party system.
• Given a scenario, recommend the Salesforce technologies that should be used to provide identity to the third-party system (Canvas, Connected Apps, App Launcher, etc.).

Access Management Best Practices: 15%

• Describe the risks that Two-Factor Authentication mechanisms aim to mitigate.
• Given a scenario, determine the most appropriate Two-Factor Authentication mechanism for an identity solution.
• Given a scenario, identify the risks and mitigation strategies that session security and Two-Factor Authentication enable (for example; High Assurance Sessions, 2FA, etc.).

Salesforce Identity: 7%

• Given a scenario, recommend the most appropriate Salesforce license type(s) to support the identity requirements.
• Describe the role(s) Identity Connect plays in an Identity Management solution.

Community (Partner and Customer): 5%

• Describe the capabilities for customizing the registration experience for external communities (for example; Branding options, self-registration, communications, etc.).

Further Learning

For Further Learning Please check Apex Hours playlist.

1. Login Flows in Salesforce
2. Multi-Factor Authentication in Salesforce (MFA)
3. Single Sign-On
   1. Service Provider Initiated SAML Flow
   2. Identity Provider Initiated SSO Flow
   3. OpenID Connect (OIDC) Flow in Salesforce
   4. Delegated Authentication Flow in Salesforce
   5. Decision Guid
   6. SAML Login Flows | Single Sign On in Salesforce
   7. OpenID Connect in Salesforce Demo.
   8. SAML Single Sign-On for Canvas App
4. Identity Flow : OAuth 2.0
   1. Authorisation Code With Secret 
(Web Server flow)
   2. Implicit Grant (User-Agent) Flow
   3. Authorisation Code with PKCE Flow
   4. JWT / SAML Assertion Bearer Flows
   5. Username-Password Flow

The post Salesforce Identity and Access Management Designer exam appeared first on Apex Hours.

March 14, 2021 at 08:49AM
Click here for more details...

=============================
The original post is available in Apex Hours by Amit Chaudhary
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================