Learn how to enable deep linking when implementing SSO for a Salesforce org using an external Identity Provider and corporate identity store. Discover the required authentication flow.
Table of Contents
Question
Universal Containers wants to implement Single Sign-on for a Salesforce org using an external Identity Provider and corporate identity store.
What type of authentication flow is required to support deep linking?
A. Service-Provider-initiated SSO
B. Web Server OAuth SSO flow
C. Identity-Provider-initiated SSO
D. StartURL on Identity Provider
Answer
A. Service-Provider-initiated SSO
Explanation
Identity-Provider-initiated SSO is the correct authentication flow required to support deep linking when implementing Single Sign-On for a Salesforce org using an external Identity Provider and corporate identity store.
In this flow, the user starts at the Identity Provider, logs in, and is redirected to Salesforce with a SAML assertion. The SAML assertion contains the authenticated user’s information and the intended Salesforce URL (deep link). Salesforce processes the assertion and redirects the user to the specified deep link within the application.
This approach allows users to access specific Salesforce pages or records directly from the Identity Provider without additional login prompts, providing a seamless SSO experience with deep linking capabilities.
Salesforce Certified Identity and Access Management Designer certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Salesforce Certified Identity and Access Management Designer exam and earn Salesforce Certified Identity and Access Management Designer certification.