Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Salesforce Certified Identity and Access Management Architect Exam Questions
Salesforce Certified Identity and Access Management Architect (Page 9 )

Updated On: 16-Feb-2026
Page 9 of 51
PDF with 248 Questions

A group of users try to access one of Universal Containers' Connected Apps and receive the following error message: " Failed: Not approved for access." What is the most likely cause of this issue?

  1. The Connected App settings "All users may self-authorize" is enabled.
  2. The Salesforce Administrators have revoked the OAuth authorization.
  3. The Users do not have the correct permission set assigned to them.
  4. The User of High Assurance sessions are required for the Connected App.

Answer(s): C



Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp. In reviewing the third-party products, they would like to ensure the product supports the automated provisioning and deprovisioning of users. What are the underlining mechanisms that the UC Architect must ensure are part of the product?

  1. SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.
  2. Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.
  3. Provisioning API for both Provisioning and Deprovisioning.
  4. Just-in-Time (JIT) for both Provisioning and Deprovisioning.

Answer(s): D



Under which scenario Web Server flow will be used?

  1. Used for web applications when server-side code needs to interact with APIS.
  2. Used for server-side components when page needs to be rendered.
  3. Used for mobile applications and testing legacy Integrations.
  4. Used for verifying Access protected resources.

Answer(s): A



architect is troubleshooting some SAML-based SSO errors during testing. The Architect confirmed that all of the Salesforce SSO settings are correct. Which two issues outside of the Salesforce SSO settings are most likely contributing to the SSO errors the Architect is encountering? Choose 2 Answers

  1. The Identity Provider is also used to SSO into five other applications.
  2. The clock on the Identity Provider server is twenty minutes behind Salesforce.
  3. The Issuer Certificate from the Identity Provider expired two weeks ago.
  4. The default language for the Identity Provider and Salesforce are Different.

Answer(s): B,C



Universal Containers (UC) has a Desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and salesforce should be seamless. What Authorization flow should the Architect recommend?

  1. JWT Bearer Token flow
  2. Web Server Authentication Flow
  3. User Agent Flow
  4. Username and Password Flow

Answer(s): C






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam dumps with other Community members:

Join the Certified Identity and Access Management Architect Discussion