Identity and Access Management ARCHITECT STUDY GUIDE
IDENTITY MANAGEMENT CONCEPTS
- Describe the role(s) an identity provider and service provider play in an access control solution.
- Describe common methods for how trust connections are established between two systems and the methodologies used to describe trust between an identity provider and service provider.
- Given a scenario, articulate whether it describes an authentication, authorization, or accounting scenario and what Salesforce feature should be used to accomplish the task.
- Given a scenario, recommend the appropriate method for provisioning users in Salesforce and other third-party services (SOAP/REST API, SAML JIT, Identity Connect, User Provisioning for Connected Apps, etc.).
- Describe the risks to enterprise security that federated Single Sign-on solutions aim to address.
- Given a scenario, troubleshoot common points of failure that may be encountered in a Single Sign-on solution (SAML, OAuth, etc.).
ACCEPTING THIRD-PARTY IDENTITY
- Describe the components of an identity management solution where Salesforce is accepting identity from a third party.
- Given a scenario, recommend the appropriate authentication mechanism when Salesforce needs to accept Third-Party Identity (Enterprise Directory, Social, Community, etc.).
- Given a scenario, recommend the appropriate method of SAML initiation to fulfill the requirements (SP-init, IdP-init).
- Describe the components of a Delegated Authentication solution.
- Describe the risks of implementing delegated authentication.
SALESFORCE AS AN IDENTITY PROVIDER
- Given a scenario, determine the most appropriate flow type to recommend when implementing an OAuth solution where Salesforce is providing identity to a third party (for example, User Agent, Web Server, JWT, etc.).
- Describe the various implementation concepts of OAuth (for example, scopes, secrets, tokens, refresh tokens, token expiration, token revocation, etc.).
- Describe the role(s) Connected Apps play when Salesforce needs to provide identity to a third-party system.
- Given a scenario, recommend the Salesforce technologies that should be used to provide identity to the third-party system (Canvas, Connected Apps, App Launcher, etc.).
ACCESS MANAGEMENT BEST PRACTICES
- Describe the risks that Two-Factor Authentication mechanisms aim to mitigate.
- Given a scenario, determine the most appropriate Two-Factor Authentication mechanism for an identity solution.
- Given a scenario, identify the risks and mitigation strategies that session security and Two-Factor Authentication enable (for example, High Assurance Sessions, 2FA, etc.).
SALESFORCE IDENTITY
- Given a scenario, recommend the most appropriate Salesforce license type(s) to support the identity requirements.
- Describe the role(s) Identity Connect plays in an Identity Management solution.
COMMUNITY (PARTNER AND CUSTOMER)
- Describe the capabilities for customizing the registration experience for external communities (for example, branding options, self-registration, communications, etc.).