Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Designer

Salesforce Certified Identity and Access Management Designer Exam
Certified Identity and Access Management Designer (Page 6 )

Updated On: 9-Feb-2026
Page 6 of 48
PDF with 230 Questions

An Identity and Access Management (IAM) architect istasked with unifying multiple B2C Commerce sites and an Experience Cloud community with a single identity. The solution needs to support more than 1,000 logins per minute.

What should the IAM do to fulfill this requirement?

  1. Configure both the communityand the commerce sites as OAuth2 RPs (relying party) with an external identity provider.
  2. Configure community as a Security Assertion Markup Language (SAML) identity provider and enable Just-in-Time Provisioning to B2C Commerce.
  3. Create a default account for capturing all ecommerce contacts registered on the community because personAccount is not supported for this case.
  4. Confirm performance considerations with Salesforce Customer Support due to high peaks.

Answer(s): D



Universal containers (UC) would like to enable SAML-BASED SSO for a salesforce partner community. UC has an existing ldap identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the partner community.
What SSO flow should an architect recommend?

  1. User-Agent
  2. IDP-initiated
  3. Sp-Initiated
  4. Web server

Answer(s): B



A leading fitness tracker company is getting ready to launch a customer community. The company wants its customers to login to the community and connect their fitness device to their profile. Customers should be able to obtain exercise details and fitness recommendation In thecommunity.

Which should be used to satisfy this requirement?

  1. Named Credentials
  2. Login Flows
  3. OAuth Device Plow
  4. Single Sign-On Settings

Answer(s): C



Containers (UC) has an existing Customer Community. UC wants to expand the self- registration capabilities such that customers receive a different community experience based on the data they provide during the registration process.
What is the recommended approach an Architect Should recommend to UC?

  1. Create an After Insert Apex trigger on the user object to assign specific custom permissions.
  2. Create separate login flows corresponding to the different community user personas.
  3. Modify the Community pages to utilize specific fields on the User and Contact records.
  4. Modify the existing Communities registration controller to assign different profiles.

Answer(s): C



What information does the 'Relaystate' parameter contain in sp-Initiated Single Sign-on?

  1. Reference to a URL redirect parameter at the identityprovider.
  2. Reference to a URL redirect parameter at the service provider.
  3. Reference to the login address URL of the service provider.
  4. Reference to the login address URL of the identity Provider.

Answer(s): B






Post your Comments and Discuss Salesforce Certified Identity and Access Management Designer exam prep with other Community members:

Join the Certified Identity and Access Management Designer Discussion