
Define authentication versus authorization, and explain how SAML, OAuth 2.0, and OpenID Connect enable single sign-on with IDP and SP for enterprise and consumer applications.
Configure single sign-on to Salesforce using Okta as the identity provider by setting up a free Okta account, adding the Salesforce integration, and enabling SAML on both Okta and Salesforce.
Learn to log in to Salesforce via IdP-initiated single sign-on with Okta, acting as identity provider and Salesforce as service provider, using a SAML assertion.
Demonstrates IdP-initiated SSO from Okta to Salesforce, with setting up Okta Verify MFA, app access, and login history confirming a SAML IdP initiated flow.
Configure google as a Salesforce managed authentication provider and add it to the login page, covering provider selection, blank credentials, and the ssl registration handler.
Configure delegated authentication in Salesforce by delegating user credentials to an external system like Active Directory, enabling single sign on, and using the delegated gateway URL to validate credentials.
Learn about OAuth tokens—authorization code, access token, refresh token, and ID token—and how they enable web server flows, token exchange, and OpenID Connect authentication.
Master Salesforce MFA essentials and its differences from two-factor authentication. Explore verification methods, including authenticator apps, security keys, and SMS or email for external users, plus temporary verification codes.
Enable multi-factor authentication by configuring the identity verification page and forcing MFA for logins, then assign MFA via permission sets or profiles and link Salesforce Authenticator, Google Authenticator, or Authy.
Master step up authentication by raising session security to high assurance for sensitive actions, using accepted verification methods such as MFA, Salesforce Authenticator, TOTP, or security keys.
Enable event monitoring to access the login event type and download hourly or daily CSV event log files via the event log file browser or REST API.
Explore Salesforce editions and licensing, including standard, lightning platform, and experience cloud licenses. Understand permission set licenses and feature licenses, and how they differ in granting access.
Enable digital experiences, create and publish an Experience Cloud site, assign a custom profile to members, activate, and brand the community from setup to builder.
Learn to enable self-registration in Experience Cloud and compare default, Visualforce, configurable, and Experience Builder page types for sign-up, including business accounts and person accounts.
Customize the experience cloud login page and theme branding with Experience Builder, adjusting logo, background, colors, fonts, images, layout, and CSS overrides.
Welcome to the Salesforce Identity and Access Management Architect Course!
I have designed and built this course based on the latest exam guide objectives of the Salesforce Identity and Access Management Architect cert.
For every topic of the exam guide objective, I have included an explanation video based on a slide deck, and some topics have a demo video where I showcase the objective in my Salesforce developer environment.
I am sharing all the slides in PDF so that you could download them and read them offline, and I am also including a lot of reference links in each lecture that you can refer to. These references include links to:
YouTube videos
Trailhead modules
Sources I have used to build the slides
Salesforce documentation related to the topic
Salesforce guides and eBooks
Finally, I have been there, I spent hours and hours preparing for this exam, I dissected each and every topic of the exam guide, and took tons of notes, just like I did when preparing for my other certifications. I am sure that after completing this course, visiting all links that I included, and after practicing on the Salesforce environment, you will pass this exam, and you will become a Salesforce Certified Identity and Access Management Architect!
Good Luck!
Walid