What Oauth flows should be considered to support this requirement?
Universal Containers (UC) wants to build a custom mobile app for their field reps to create orders in salesforce. After the first time the users log in, they must be able to access salesforce upon opening the mobile app without being prompted to log in again. What Oauth flows should...
What should an identity architect recommend to configure the requirement with limited changes to the third-party app?
A third-party app provider would like to have users provisioned via a service endpoint before users access their app from Salesforce. What should an identity architect recommend to configure the requirement with limited changes to the third-party app?A . Use a connected app with user provisioning flow. B. Create Canvas...
What is the most recommended and secure OAuth scope setting that an Architect should recommend?
Universal Containers (UC) is planning to deploy a custom mobile app that will allow users to get e-signatures from its customers on their mobile devices. The mobile app connects to Salesforce to upload the e-signature as a file attachment and uses OAuth protocol for both authentication and authorization. What is...
Which two are valid choices for digital certificates when setting up two-way SSL between Salesforce and an external system. Choose 2 answers
Which two are valid choices for digital certificates when setting up two-way SSL between Salesforce and an external system. Choose 2 answersA . Use a trusted CA-signed certificate for salesforce and a trusted CA-signed cert for the external system B. Use a trusted CA-signed certificate for salesforce and a self-signed...
Which solution is recommended to meet this requirement?
An insurance company has a connected app in its Salesforce environment that is used to integrate with a Google Workspace (formerly knot as G Suite). An identity and access management (IAM) architect has been asked to implement automation to enable users, freeze/suspend users, disable users, and reactivate existing users in...
Which two options should an architect recommend?
Universal containers (UC) employees have salesforce access from restricted ip ranges only, to protect against unauthorised access. UC wants to rollout the salesforce1 mobile app and make it accessible from any location. Which two options should an architect recommend? Choose 2 answersA . Relax the ip restriction in the connect...
What should an identity architect recommend to optimize license usage and reduce maintenance overhead?
Universal Containers (UC) operates in Asia, Europe and North America regions. There is one Salesforce org for each region. UC is implementing Customer 360 in Salesforce and has procured External Identity and Customer Community licenses in all orgs. Customers of UC use Community to track orders and create inquiries. Customers...
Which two considerations should the architect keep in mind?
A security architect is rolling out a new multi-factor authentication (MFA) mandate, where all employees must go through a secure authentication process before accessing Salesforce. There are multiple Identity Providers (IdP) in place and the architect is considering how the "Authentication Method Reference" field (AMR) in the Login History can...
Which two options should an architect recommend to UC?
Universal containers (UC) wants users to authenticate into their salesforce org using credentials stored in a custom identity store. UC does not want to purchase or use a third-party Identity provider. Additionally, UC is extremely wary of social media and does not consider it to be trust worthy. Which two...
How can the Architect meet these requirements?
Universal Containers (UC) has a strict requirement to authenticate users to Salesforce using their mainframe credentials. The mainframe user store cannot be accessed from a SAML provider. UC would also like to have users in Salesforce created on the fly if they provide accurate mainframe credentials. How can the Architect...