Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Salesforce Certified Identity and Access Management Architect Exam Questions
Salesforce Certified Identity and Access Management Architect (Page 7 )

Updated On: 16-Feb-2026
Page 7 of 51
PDF with 248 Questions

Universal Containers (UC) has decided to use Salesforce as an Identity Provider for multiple external applications. UC wants to use the salesforce App Launcher to control the Apps that are available to individual users. Which three steps are required to make this happen?

  1. Add each connected App to the App Launcher with a Start URL.
  2. Set up an Auth Provider for each External Application.
  3. Set up Salesforce as a SAML Idp with My Domain.
  4. Set up Identity Connect to Synchronize user data.
  5. Create a Connected App for each external application.

Answer(s): A,C,E



An Architect has configured a SAML-based SSO integration between Salesforce and an external Identity provider and is ready to test it. When the Architect attempts to log in to Salesforce using SSO, the Architect receives a SAML error. Which two optimal actions should the Architect take to troubleshoot the issue?

  1. Ensure the Callback URL is correctly set in the Connected Apps settings.
  2. Use a browser that has an add-on/extension that can inspect SAML.
  3. Paste the SAML Assertion Validator in Salesforce.
  4. Use the browser's Development tools to view the Salesforce page's markup.

Answer(s): B,C



Universal Containers (UC) is implementing Salesforce and would like to establish SAML SSO for its users to log in. UC stores its corporate user identities in a Custom Database. The UC IT Manager has heard good things about Salesforce Identity Connect as an Idp, and would like to understand what limitations they may face if they decided to use Identity Connect in their current environment. What limitation Should an Architect inform the IT Manager about?

  1. Identity Connect will not support user provisioning in UC's current environment.
  2. Identity Connect will only support Idp-initiated SAML flows in UC's current environment.
  3. Identity Connect will only support SP-initiated SAML flows in UC's current environment.
  4. Identity connect is not compatible with UC's current identity environment.

Answer(s): A



Universal Containers (UC) wants to build a few applications that leverage the Salesforce REST API. UC
has asked its Architect to describe how the API calls will be authenticated to a specific user. Which
two mechanisms can the Architect provide? Choose 2 Answers

  1. Authentication Token
  2. Session ID
  3. Refresh Token
  4. Access Token

Answer(s): C,D



Universal Containers (UC) has implemented SSO according to the diagram below. uses SAML while Salesforce Org 1 uses OAuth 2.0. Users usually start their day by first attempting to log into Salesforce Org 2 and then later in the day, they will log into either the Financial System or CPQ system depending upon their job position. Which two systems are acting as Identity Providers?

  1. Financial System
  2. Pingfederate
  3. Salesforce Org 2
  4. Salesforce Org 1

Answer(s): B,D






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam dumps with other Community members:

Join the Certified Identity and Access Management Architect Discussion