New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Okta Certified Administrator Exam - Topic 7 Question 19 Discussion

Actual exam question for Okta's Okta Certified Administrator exam
Question #: 19
Topic #: 7
[All Okta Certified Administrator Questions]

Which is a / are best-practice(s) in a SAML 2.0 situation?

Solution: To not use SAML 2.0 and Provisioning via the same App instance in Okta, but integrate the same SP custom domain via two different app instances in Okta, one for SSO, via SAML 2.0 in this case, and one for provisioning on users

Show Suggested Answer Hide Answer
Suggested Answer: B

by Timothy at May 04, 2022, 05:50 AM

Limited Time Offer

25%

Off

Get Premium Okta Certified Administrator Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Shawnee
4 months ago
Good point, but I wonder if it complicates the setup too much.
upvoted 0 times
...
Dorthy
4 months ago
Seems a bit overkill to me, why not just use one instance?
upvoted 0 times
...
Mari
4 months ago
Wow, I didn't realize that was a best practice!
upvoted 0 times
...
Telma
5 months ago
I disagree, using the same instance could simplify things.
upvoted 0 times
...
Diane
5 months ago
That makes total sense, separating SSO and provisioning is key!
upvoted 0 times
...
Felton
5 months ago
I feel like we went over this in our last session. Using different app instances makes sense, but I wonder if there are other considerations we should keep in mind.
upvoted 0 times
...
Dulce
5 months ago
I'm a bit confused about the specifics of SAML 2.0. I know we shouldn't mix SSO and provisioning, but I can't recall why it's so critical.
upvoted 0 times
...
Telma
5 months ago
I think we practiced a similar question about SAML configurations, and I recall that keeping SSO and provisioning separate was emphasized as a good strategy.
upvoted 0 times
...
Patria
5 months ago
I remember we discussed how using separate app instances for SSO and provisioning can help avoid conflicts, but I'm not entirely sure if that's the only best practice.
upvoted 0 times
...
Leah
5 months ago
Okay, I think I've got this. The key is the phrase "automatically consent," which suggests a contract of adhesion where the terms are non-negotiable. I'm going to go with B.
upvoted 0 times
...
Dierdre
5 months ago
Okay, I think the key here is looking for a network type that has redundant paths but doesn't have a protocol in place to prevent broadcast storms, like STP. That points me towards option D as the right answer.
upvoted 0 times
...

Save Cancel