Free Certified Identity and Access Management Architect Exam Braindumps (page: 31)

Page 30 of 62

The CIO of universal containers(UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize Oauth 2.0. UC has listed an architect to analyze all of the applications that use Oauth flows to. See where refresh Tokens can be applied. Which two OAuth flows should the architect consider in their evaluation? Choose 2 answers

  1. Web server
  2. Jwt bearer token
  3. User-Agent
  4. Username-password

Answer(s): A,C



customer service representatives at Universal containers (UC) are complaining that whenever they click on links to case records and are asked to login with SAML SSO, they are being redirected to the salesforce home tab and not the specific case record. What item should an architect advise the identity team at UC to investigate first?

  1. My domain is configured and active within salesforce.
  2. The salesforce SSO settings are using http post
  3. The identity provider is correctly preserving the Relay state
  4. The users have the correct Federation ID within salesforce.

Answer(s): C



Universal containers (UC) is successfully using Delegated Authentication for their salesforce users. The service supporting Delegated Authentication is written in Java. UC has a new CIO that is requiring all company Web services be RESR-ful and written in . NET. Which two considerations should the UC Architect provide to the new CIO? Choose 2 answers

  1. Delegated Authentication will not work with a.net service.
  2. Delegated Authentication will continue to work with rest services.
  3. Delegated Authentication will continue to work with a.net service.
  4. Delegated Authentication will not work with rest services.

Answer(s): C,D



Universal containers(UC) has implemented SAML-BASED single Sign-on for their salesforce application and is planning to provide access to salesforce on mobile devices using the salesforce1 mobile app. UC wants to ensure that single Sign-on is used for accessing the salesforce1 mobile app. Which two recommendations should the architect make? Choose 2 answers

  1. Use the existing SAML SSO flow along with user agent flow.
  2. Configure the embedded Web browser to use my domain URL.
  3. Use the existing SAML SSO flow along with Web server flow
  4. Configure the salesforce1 app to use the my domain URL

Answer(s): A,D






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts