Salesforce Certified Identity and Access Management Practice

What is the significance of combining OAuth and SAML for single sign-on in Salesforce?

• A. OAuth means users can connect to apps
• B. SAML authenticates users
• C. Authentication and Authorisation are separated, so SAML can be run instead of asking for a username and password
• D. Apps now use web browsers to authenticate instead of code

The correct answer is: Authentication and Authorisation are separated, so SAML can be run instead of asking for a username and password

Combining OAuth and SAML for single sign-on (SSO) in Salesforce offers significant advantages, particularly in how authentication and authorization are managed. SAML (Security Assertion Markup Language) serves to authenticate users, establishing their identity and ensuring they are who they claim to be. On the other hand, OAuth (Open Authorization) focuses on granting third-party applications limited access to a user's resources without exposing their credentials. The significance of this combination lies in the separation of authentication and authorization. By leveraging SAML for authentication, users can log in once and gain access to multiple applications without needing to enter their credentials repeatedly. This seamless integration enables organizations to enhance security by reducing the risks associated with password sharing or phishing while streamlining the user experience. Furthermore, this separation allows for the flexibility to run SAML assertions to authenticate users without direct interaction, minimizing the reliance on traditional username and password combinations. This enhances security protocols and user convenience, as sessions can be managed more effectively, and users are often verifiably authenticated through a trusted identity provider. Thus, the chosen answer effectively highlights this crucial aspect of the integration of OAuth and SAML in providing a secure and user-friendly single sign-on experience in Salesforce.