fbpx

Salesforce Identity and Access Management Architect

Certification Guide

The Identity and Access Management Architect Certification targets identity experts aiming to showcase their proficiency in evaluating identity infrastructure, crafting secure access management solutions on the Customer 360 platform, and adeptly communicating technical strategies to both business and technical audiences.

Key Facts

The exam is made up of 60 multiple choice questions

120 minutes to complete

The passing score is 67%

There are no prerequisites

Cost is USD $400 and the retake is $200 if you are unsuccessful

This information will assist you if you’re interested in becoming Identity and Access Management Architect certified and includes an overview of the core topics in the exam.

There are 6 areas of knowledge that are covered by the Salesforce Identity and Access Management Architect certification.


Objective

Weighting

Identity Management Concepts

17%

Accepting Third-Party Identity in Salesforce

21%

Salesforce as an Identity Provider

17%

Salesforce as an Identity Provider

15%

Salesforce Identity

12%

Community (Partner and Customer)

18%

Identity and Access Management Architect Topic Weighting Chart

Identity and Access Management Architect
Certification Contents

The following are the core topic areas of the Identity and Access Management Architect

certification and what you’re expected to know:

Identity Management Concepts

This topic includes the following objectives:

  • Describe common authentication patterns and understand the differences between each one.


  • Describe the building blocks that are part of an identity solution (authentication, authorization, & accountability) and how you enable those building blocks using Salesforce features.


  • Describe how trust is established between two systems.


  • Given a customer's business requirements, determine how to import data into Marketing Cloud.


  • Given a customer's business requirements, determine how to import data into Marketing Cloud.


Accepting Third-Party Identity in Salesforce

This topic includes the following objectives:

  • Given a use case, describe when Salesforce is used as a Service Provider.


  • Given a scenario, recommend the most appropriate way to provision users from identity stores in B2E and B2C scenarios.


  • Given a scenario, recommend the appropriate authentication mechanism when Salesforce needs to accept 3rd Party Identity (Enterprise Directory, Social, Community, etc.).


  • Given a scenario, identify the ways that users can be provisioned in Salesforce to enable SSO and apply access rights.


  • Given a scenario, identify the auditing and monitoring approaches available on the platform, and describe the tools that are available to diagnose IdP issues.

Salesforce as an Identity Provider

This topic includes the following objectives:

  • Given a scenario, identify the most appropriate OAuth flow (Web based, JWT, User agent, Device auth flow).


  • Given a scenario, recommend appropriate Scope and Configuration of the connected App for Authorization.


  • Describe the various implementation concepts of OAuth (scopes, secrets, tokens, refresh tokens, token expiration, token revocation, etc.).


  • Given a scenario, recommend the Salesforce technologies that should be used to provide identity to the 3rd party system. (Canvas, Connected Apps, App Launcher, etc.).


CRM workflow tools

Access Management Best Practices

This topic includes the following objectives:

  • Given a set of requirements, determine the most appropriate methods of multi-factor authentication to use, and the right type of session they should yield.


  • Given a scenario, how should you best assign roles, profiles, and permission sets to a user during the SSO process, how would you keep these assignments up to date.


  • Given a scenario, describe what tools you can apply to audit and verify the activity/user during and after login.


  • Given a scenario, identify the configuration settings for a Connected app.

Salesforce Identity

This topic includes the following objectives:

  • Given a set of requirements, identify the role Identity Connect product plays in a Salesforce Identity implementation.


  • Given a scenario identify if Salesforce Customer 360 Identity fits into a fully developed Customer 360 solution.


  • Give a set of requirements, recommend the most appropriate Salesforce license type(s).


Salesforce Customer 360

Community (Partner and Customer)

This topic includes the following objectives:

  • Describe the capabilities for customizing the user experience for Experience Cloud (Branding options, authentication options, identity verification self-registration, communications, password reset etc.).


  • Given a set of requirements, determine the best way to support external identity providers in communities and leverage the right user/contact model to support community user experience.


  • Given a requirement, understand the advantages and limitations of External Identity solutions and associated licenses.


  • Given a scenario, determine when to use embedded login.


To prepare successfully for the certification exam, we recommend to work through our

Identity and Access Management Architect Study Guide and Identity and Access Management Architect Practice Exams

Identity and Access Management

Architect Study Guide

Every topic objective explained thoroughly. The most efficient way to study the key concepts in the exam.


Identity and Access Management

Architect Practice Exams

Test yourself with complete practice exams or focus on a particular topic with the topic exams. Find out if you are ready for the exam.


Copyright 2024 -  www.FocusOnForce.com

Copyright 2024 -  www.FocusOnForce.com

@

Not recently active