Exam4Training

Mow should an identity architect ensure the Active Directory groups are reflected correctly when a user accesses Salesforce?

Northern Trail Outfitters manages application functional permissions centrally as Active Directory groups. The CRM_Superllser andCRM_Reportmg_SuperUser groups should respectively give the user the SuperUser and Reportmg_SuperUser permission set in Salesforce. Salesforce is the service provider to a Security Assertion Markup Language (SAML) identity provider.

Mow should an identity architect ensure the Active Directory groups are reflected correctly when a user accesses Salesforce?
A . Use the Apex Just-in-Time handler to query standard SAML attributes and set permission sets.
B. Use the Apex Just-in-Time handler to query custom SAML attributes and set permission sets.
C. Use a login flow to query custom SAML attributes and set permission sets.
D. Use a login flow to query standard SAML attributes and set permission sets.

Answer: B

Exit mobile version