Exam4Training

What should a Solution Architect recommend?

A university is considering using Experience Cloud so its students can interact with advisors who have Service Cloud licenses. The university would like to offer the easiest path for existing students to log in while still maintaining security. They have an on-premises Active Directory identity provider and use Google Workspace (formerly known as G Suite) for student email addresses.

What should a Solution Architect recommend?
A . Implement Social Sign On with Openld Connect and Google Workspace as Auth Provider.
B . Implement Active Directory and Salesforce Identity for SAML delegated Single Sign On.
C . Implement Aloha template for students to access email with Salesforce Authenticator app.
D . Implement OAuth 2.0 authentication protocol with Google Workspace as Service Provider.

Answer: A

Explanation:

✑ A is correct because implementing Social Sign On with OpenID Connect and Google Workspace as Auth Provider is a simple and secure way to allow existing students to log in to Experience Cloud using their Google Workspace credentials1. This also eliminates the need for creating and managing separate user accounts in Experience Cloud.

✑ B is incorrect because implementing Active Directory and Salesforce Identity for SAML delegated Single Sign On would require the university to set up and maintain a SAML identity provider and configure it with Salesforce Identity. This would be more complex and costly than using Social Sign On with Google Workspace2.

✑ C is incorrect because implementing Aloha template for students to access email with Salesforce Authenticator app would not meet the requirement of using the existing Google Workspace email addresses. Aloha template is a pre-built template for Experience Cloud that provides email functionality, but it does not integrate with Google Workspace3. Salesforce Authenticator app is a mobile app that provides two-factor authentication, but it does not integrate with Google Workspace either.

✑ D is incorrect because implementing OAuth 2.0 authentication protocol with Google Workspace as Service Provider would not meet the requirement of using the easiest path for existing students to log in. OAuth 2.0 is a protocol that allows users to authorize third-party applications to access their data, but it does not provide authentication or single sign on functionality.

References:

✑ 1: https://help.salesforce.com/s/articleView?id=sf.networks_auth_provider_openid_connect.htm&type=5

✑ 2: https://help.salesforce.com/s/articleView?id=sf.identity_provider_saml.htm&type=5

✑ 3: https://help.salesforce.com/s/articleView?id=sf.networks_templates_aloha.htm&typ e=5

✑ : https://help.salesforce.com/s/articleView?id=sf.security_authenticator_app.htm&ty pe=5

✑ : https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm&type=5

Exit mobile version