The Salesforce Certified Identity and Access Management Designer credential is designed for Identity professionals who want to demonstrate their knowledge, skills, and abilities in assessing identity architecture and designing secure, high-performance access management solutions on the Lightning Platform. The Identity professional is also effective at communicating technical solutions to business and technical stakeholders.
An Identity professional should be able to do the following in order to pass the exam:
· Design an identity architecture that may span multiple platforms and include integration and authentication across systems.
· Articulate system design considerations, benefits, and recommendations for identity architecture.
· Apply general identity and access management best practices to Salesforce implementations.
A Salesforce Certified Identity and Access Management Designer is able to assess the environment and requirements to design secure and scalable identity management solutions on the Lightning Platform. The designer has experience designing and implementing complex identity and access management strategies as well as communicating the solution and design trade-offs to business and technical stakeholders alike.
The Salesforce Certified Identity and Access Management Designer candidate has the experience, skills, knowledge, and ability to:
· Describe the configuration requirements of delegated authentication in Salesforce.
· Describe the configuration requirements of SAML in Salesforce.
· Distinguish between Identity Provider Initiated SAML and Service Provider Initiated SAML, and determine when to use each.
· Describe how trust is established between an Identity Provider and a Service Provider.
· Determine the general identity federation capabilities that are available for a given project.
· Explain high-level concepts and flows of OAuth.
· Explain high-level concepts and flows of SAML.
· Explain high-level concepts and flows of OpenID Connect.
· Explain Social Sign-On in the context of Salesforce.
· Explain authentication mechanisms for Communities.
· Identify the cause of, and resolve, common failure conditions for SSO in Salesforce.
· Explain why a solid SSO strategy is important for enterprise security.
· Describe why Two-Factor Authentication is important and strategies for implementing it in Salesforce.
· Explain the use of Login Flows.
· Determine the applicable use cases for Identity Connect.
· Describe when and how to implement App Launcher.
· Determine appropriate user lifecycle management techniques (automated user provisioning, just-in-time provisioning, manual account creation, etc.) for a given project.
A candidate for this exam will likely need assistance in:
· Configuring Salesforce to support SSO.
· Configuring Salesforce for automated user lifecycle management via user provisioning and Connected Apps.
· Configuring Salesforce to support Social Sign-On and Registration.
A candidate for this exam is not expected to know:
· Specific IDP technology capabilities outside of Salesforce.
The Salesforce Identity and Access Management Designer exam measures a candidate’s knowledge and skills related to the following objectives.
· Identity Management Concepts: 17%
· Accepting Third-Party Identity in Salesforce: 21%
· Salesforce as an Identity Provider: 17%
· Access Management Best Practices: 15%
· Salesforce Identity: 12%
· Community (Partner and Customer): 18%
Please use these exams to supplement your Salesforce Certification study! Always check out the relevant trail on Trailhead to increase your chances of acing the certification test.