Passing the Salesforce Certified Identity and Access Management Designer exam

 

#TheJourneyToCTA has been long and arduous so far. 

In late 2016, I wanted to get this cert so that I can get the coveted title of “System Architect”. After that I would have been just 2 more certs away from getting the title of “Application Architect” and being eligible for the CTA board exam. I think I like this route better instead of the erstwhile CTA multiple choice exam. 

In any case, I took the exam in October with very little preparation and failed. I had a few implementations of SSO under my belt by this time but some questions really stumped me and I was overthinking almost every question. It might have been a narrow margin who knows.  After that I put this to the side and focused on work. Towards the end of the year, I went back home to India to spend X’mas with the family.

Early this year I was lucky enough to fly to Destination Success in Vegas and I got some training in the Marketing Cloud side of things. But even when I was bored on those long flights, I would read material about SSO and OAuth. After that detour, I was back and ready to take my revenge on this exam. This time I studied for about 10-14 hours (especially one doc which I read countless times) but focused on the core stuff and this time the exam was a lot easier and I breezed through it and passed and I got my shiny cert. It also fetched me the System Architect cert and I am now 13x certified. 

How to study:

I will not call this exam hard but the topics sure are tricky. It is hard to understand some concepts unless you have some good experience working with things like SSO and OAuth. One is used for authentication(Identity) and the other is for Authorization (access) which is exactly what this exam is all about.

Somehow this exam has a reputation of being hard but just like the Advanced Developer / Platform Dev II multiple choice exams, you either know an answer or you don’t. The key is experience and a deep study of the core concepts and that will do it. 

Firstly for this exam, you need to look at the study guide

There are 60 questions and the passing score is 65% which means that if you are sure of about 40 questions then you should be good. I felt this guide was pretty accurate in terms of the weight-age assigned to the different study topics. 

The following are the most important concepts to know for the exam.

  • Service Provider (SP) v/s Identity Provider (IdP) initiated SSO and when to use each one.
  • My Domain (Pretty important topic) – You better know this in and out. Try to think of this – When is a My domain really required in a SSO implementation?
  • SAML 2.0
  • Benefits of using a SSO solution
  • How do 2 systems establish trust in a SSO implementation
  • Delegated Authentication v/s federated authentication
  • Connected Apps (You should know how to configure and all the settings and what they do)
  • How to administer Connected Apps and how to revoke access?
  • OAuth 2.0 with Salesforce and the different flows. You need to know this document inside out. (I read this atleast 10 times before the exam). 
  • https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
  • OAuth related stuff to know:
    • When to use a given flow?
    • What is an access token?
    • What is a refresh token?
    • What is scope and when to use which? (Understand this well)
    • Different parameters passed during the OAuth request and response.
    • What is the client id and secret?
    • How to protect a session ID against interception?
    • What is a callback URL?
  • Salesforce Canvas and the App Launcher
  • Two Factor Authentication (Read anything and everything about this)
  • High Assurance sessions and how to configure them.
  • Salesforce Identity Connect
  • Customer and Partner Communities – Pay special attention to Registration Handlers. 
  • Social Sign On

If you know the above topics from a Salesforce perspective, then you will ace this exam. 

These are the important links in addition to the OAuth link given above (You have to read that many many many times!!!)

  1. The Inkling book is the best source of preparation. If you go through all the material there, you will pass and that’s that.
  2. Trailhead Trail for Identity:
    1. https://trailhead.salesforce.com/en/trails/identity
  3. Identity Implementation Guide
  4. Canvas Developer’s Guide  (I skimmed through and you should keep this for the last in case you are running out of time)
  5. Configure a Salesforce Authentication Provider
  6. Salesforce SSO with ADFS (Very important!!!)
  7. https://developer.salesforce.com/page/How_to_Implement_Single_Sign-On_with_Force.com
  8. https://developer.salesforce.com/page/Single_Sign-On_for_Desktop_and_Mobile_Applications_using_SAML_and_OAuth
  9. Tips for SSO implementations. 
  10. SSO Implemenation Guide
  11. Finally, going back to the Inkling book – Pay special attention to the example scenarios especially around the Hub and Spoke SSO model. 

I think the above study material should be sufficient to vanquish this exam. Remember, it is not hard but if you try to take it without the necessary preparation, you will fail and it is as simple as that. But if you give yourself time and go through the above topics thoroughly, you will pass this exam with ease as I found out.

So don’t be afraid, make a good plan and tackle these topics one by one and try to get some hands on experience.

All the very best and as always please let me know if you have any questions. Thanks for reading!