Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 5 Question 53 Discussion

A service provider (SP) supports both Security Assertion Markup Language (SAML) and OpenID Connect (OIDC).When integrating this SP with Salesforce, which use case is the determining factor when choosing OIDC or SAML?
B) The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.
A) OIDC is more secure than SAML and therefore is the obvious choice.
C) If the user has a session on Salesforce, you do not want them to be prompted for a username and password when they login to the SP.
D) They are equivalent protocols and there is no real reason to choose one over the other.

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 5 Question 53 Discussion

Actual exam question for Salesforce's Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) exam
Question #: 53
Topic #: 5
[All Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions]

A service provider (SP) supports both Security Assertion Markup Language (SAML) and OpenID Connect (OIDC).

When integrating this SP with Salesforce, which use case is the determining factor when choosing OIDC or SAML?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Margurite at Oct 19, 2024, 04:57 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Adolph
6 months ago
OIDC is more modern, but SAML has its strengths too.
upvoted 0 times
...
Elly
6 months ago
Definitely need to avoid that login prompt if already signed in!
upvoted 0 times
...
Cherilyn
7 months ago
Wait, are they really equivalent? That sounds off.
upvoted 0 times
...
Tori
7 months ago
I think SAML is still pretty secure though.
upvoted 0 times
...
Esteban
7 months ago
OIDC is better for API calls, right?
upvoted 0 times
...
Hildegarde
7 months ago
I thought they were similar, but I guess there are specific use cases that might make one better than the other, especially with Salesforce integration.
upvoted 0 times
...
Natalya
8 months ago
I feel like SAML is more traditional for single sign-on, but I can't recall if that makes it better than OIDC in this scenario.
upvoted 0 times
...
Ahmed
8 months ago
I think I read somewhere that if the user is already logged into Salesforce, we want a seamless experience, so maybe that's why we would choose OIDC?
upvoted 0 times
...
Dorothy
8 months ago
I remember discussing that OIDC is often preferred for API calls, but I'm not sure if that's the only factor.
upvoted 0 times
...
Erinn
8 months ago
If the user already has a session on Salesforce, we don't want to prompt them for credentials again. That's an important consideration.
upvoted 0 times
...
Micah
8 months ago
The key here is the need for the SP to perform API calls back to Salesforce on behalf of the user. That's the determining factor.
upvoted 0 times
...
Wilbert
8 months ago
OIDC is more secure, so that seems like the obvious choice. But I'll need to double-check the details to be sure.
upvoted 0 times
...
Chu
8 months ago
Okay, let's see. The question is asking about integrating with Salesforce, so I'll need to consider the specific requirements there.
upvoted 0 times
...
Margurite
8 months ago
Hmm, this is a tricky one. I'll need to think carefully about the use case and the differences between OIDC and SAML.
upvoted 0 times
...
Estrella
1 year ago
OIDC is the 'new kid on the block,' but SAML has been around longer. It's like choosing between the latest smartphone or a classic car - both have their merits.
upvoted 0 times
Richelle
11 months ago
A: B) The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.
upvoted 0 times
...
Karan
12 months ago
B: C) If the user has a session on Salesforce, you do not want them to be prompted for a username and password when they login to the SP.
upvoted 0 times
...
Gilberto
12 months ago
A: B) The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.
upvoted 0 times
...
...
Irving
1 year ago
I'm just glad I don't have to remember all these acronyms on a daily basis. I'll stick to the coffee and let the IT folks handle the technical stuff.
upvoted 0 times
...
Theron
1 year ago
I disagree with option D. There are significant differences between OIDC and SAML, and the choice should be based on the specific requirements of the integration.
upvoted 0 times
Alpha
12 months ago
User 3: Option D is not accurate, there are definitely differences between OIDC and SAML that should be taken into account.
upvoted 0 times
...
Ciara
1 year ago
User 2: I agree, the SP needing to perform API calls back to Salesforce after the user logs in is a key consideration.
upvoted 0 times
...
Rosalind
1 year ago
User 1: I think option B is the determining factor when choosing OIDC or SAML.
upvoted 0 times
...
...
Paris
1 year ago
Option C is also important to consider. If the user is already logged in to Salesforce, you want a seamless login experience with the service provider.
upvoted 0 times
Delisa
1 year ago
A: Exactly, no one wants to keep entering their credentials multiple times.
upvoted 0 times
...
Socorro
1 year ago
B: I agree, it's all about making it easy for the user.
upvoted 0 times
...
Arthur
1 year ago
A: Option C is definitely important to consider. Seamless login experience is key.
upvoted 0 times
...
...
Wilda
1 year ago
OIDC is not necessarily more secure than SAML. The choice depends on the specific use case, as the question states. Option B seems to be the most relevant factor here.
upvoted 0 times
Gussie
1 year ago
C) If the user has a session on Salesforce, you do not want them to be prompted for a username and password when they login to the SP.
upvoted 0 times
...
Hoa
1 year ago
B) The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.
upvoted 0 times
...
Nguyet
1 year ago
A) OIDC is more secure than SAML and therefore is the obvious choice.
upvoted 0 times
...
...
Kati
1 year ago
But what about the user session on Salesforce? Wouldn't we want to avoid prompting them for username and password?
upvoted 0 times
...
Kanisha
1 year ago
I agree with Deonna. If that's the case, then OIDC would be the better choice.
upvoted 0 times
...
Deonna
1 year ago
I think the determining factor should be if the SP needs to perform API calls back to Salesforce.
upvoted 0 times
...

Save Cancel