Identity and Access Management Designer Certification

Last certification to complete mine Salesforce Certified System Architect part of the CTA pyramid. And one which I was scared about, as I heard horror stories. No one died because of it – most likely – but the topic is pretty narrow and if Salesforce has to come up with 70+ questions, they must be pretty detailed.

But finally I found time to study for it and enjoyed the possibilities of Salesforce.

Where to study from

I started with Trailhead, obviously. It links to all relevant help articles and at the end I had a feeling I read each of them several times.

Next I checked the blog post from Gemma, all the different flows‘ drawings are awesome and I understood them more than from the help. I would check more in which of them you can use the refresh token and I skipped most of the developer part of it including all those source codes and XML files structure. Gemma also links the Resource Guide which is awesome resource including some hands-on activities.

Maciej’s post is probably even better and I think he distilled the most important parts of this exam including sample questions.

What I learnt

In the interviews I’m doing with people around Salesforce, the most common feedback is, that certification might make sense because you have to learn something new. And this certification wasn’t exception, I learnt that:

  • login flows can be incredible powerful, including assigning permission sets or removing them based on something you find on the fly;
  • single sign on – to Salesforce or from Salesforce to other systems – can save users some nerves and is pretty easy to set up. Including App Launcher as a way to get quick link to other applications;
  • My Domain is incredible – which I already know – and I don’t understand why some organisation still don’t have it or why Salesforce doesn’t push it more (as they wanted a year ago). Branding, a bit of extra security and the same URL even when their instance is migrated;
  • OAuth flows are cool and better than username/password combination;
  • Connected App and the possibility to create users in external systems based on Salesforce users – wow;
  • Lightning Login in case you don’t want to use SSO but still want to make users‘ life easier and add some 2FA;
  • Identity Connect sounds like a must feature for every company, sad it is a paid add-on. I’m not happy with JIT provisioning of users as it is usually too late.

Leave a Reply