Salesforce Certified Identity and Access Management Designer — Question 29

Universal Containers (UC) has implemented an SP-initiated SAML flow between an external IdP and Salesforce. A user at UC is attempting to log in to Salesforce mobile app for the first time and is being prompted for Salesforce credentials instead of being shown the IdP login page.
What is the likely cause of the issue?

Answer options

• A. The "Redirect to Identity Provider” option has NOT been selected in the My Domain configuration.
• B. The "Redirect to Identity Provider" option has NOT been selected on the SAML configuration.
• C. The user has NOT been granted the “Enable Single Sign-on” permission.
• D. The user has NOT configured the Salesforce mobile app to use My Domain for login.

Correct answer: D

Explanation

The correct answer is D because the Salesforce mobile app must be configured to use My Domain for the SAML flow to work correctly. If this is not set up, the user will not be redirected to the IdP login page. Options A and B are incorrect since they pertain to the My Domain and SAML configurations, which are not the cause of the problem in this specific scenario. Option C is also incorrect because the issue is related to the app configuration rather than the user's permissions.