Question 1

Northern Trail Outfitters is implementing a busmess-to-business (B2B) collaboration site using SalesforceExperience Cloud. The partners will authenticate with an existing identity provider and the solution will utilizeSecurity Assertion Markup Language (SAML) to provide single sign-on to Salesforce. Delegatedadministration will be used in the Expenence Cloud site to allow the partners to administer their users' access.How should a partner identity be provisioned in Salesforce for this solution?

Options :

A : Create only a contact.

B : Create a contactless user.

C : Create a user and a related contact.

D : Create a person account.

Answer: C

Question 2

A service provider (SP) supports both Security Assertion Markup Language (SAML) and OpenID Connect(OIDC).When integrating this SP with Salesforce, which use case is the determining factor when choosing OIDC orSAML?

Options :

A : OIDC is more secure than SAML and therefore is the obvious choice.

B : The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.

C : If the user has a session on Salesforce, you do not want them to be prompted for a username and password when they login to the SP.

D : They are equivalent protocols and there is no real reason to choose one over the other.

Answer: B

Question 3

Universal containers (UC) is building a mobile application that will make calls to the salesforce REST API.Additionally UC would like to provide the optimal experience for its mobile users. Which two OAuth scopesshould UC configure in the connected App? Choose 2 answers

Options :

A : Refresh token

B : API

C : full

D : Web

Answer: A,B

Question 4

Universal containers (UC) wants to integrate a Web application with salesforce. The UC team hasimplemented the Oauth web-server Authentication flow for authentication process. Which two considerationsshould an architect point out to UC? Choose 2 answers

Options :

A : The web application should be hosted on a secure server.

B : The web server must be able to protect consumer privacy

C : The flow involves passing the user credentials back and forth.

D : The flow will not provide an Oauth refresh token back to the server.

Answer: A,B

Question 5

Universal containers wants to build a custom mobile app connecting to salesforce using Oauth, and would liketo restrict the types of resources mobile users can access. What Oauth feature of Salesforce should be used toachieve the goal?

Options :

A : Access Tokens

B : Mobile pins

C : Refresh Tokens

D : Scopes

Answer: D

Free Plat-Arch-203 Mock Exam – Practice Online Confidently

Buying Options: