Salesforce Certified Identity and Access Management Designer — Question 11
Universal Containers wants to implement Single Sign-on for a Salesforce org using an external Identity Provider and corporate identity store.
What type of authentication flow is required to support deep linking?
Answer options
- A. Service-Provider-initiated SSO
- B. Web Server OAuth SSO flow
- C. Identity-Provider-initiated SSO
- D. StartURL on Identity Provider
Correct answer: A
Explanation
The correct answer is A, Service-Provider-initiated SSO, which allows users to access specific resources directly after authentication. Option B, Web Server OAuth SSO flow, is not suitable for deep linking as it focuses on OAuth token exchanges rather than SSO. Option C, Identity-Provider-initiated SSO, involves the identity provider initiating the login, which does not support deep linking. Option D, StartURL on Identity Provider, is not a complete authentication flow, but rather a configuration aspect.