Universal Containers (UC) has a classified information system that its call center team uses only when they are working on a case with a record type "Classified". They are only allowed to access the system when they own an open "Classified" case, and their access to the system is removed at all other times. They would like to implement SAML SSO eith Salesforce as the Idp, and automatically allow or deny the staff's access to the classified information system based on whether they currently own an open "Classified" case record when they try to access the system using SSO. What is the recommended solution for automatically allowing or denying the access to the classified information system based on the open "classified" case record criteria?

How should an Architect automatically redirect users to the login page of the external Identity provider when using an SP - Initiated SAML flow with Salesforce as a Service Provider?

Universal Containers (UC) has an e - commerce website where customers can buy products, make payments and manage their accounts. UC decides to build a Customer Community on Salesforce and wants to allow the customers to access the community from their accounts without logging in again. UC decides to implement an SP - initiated SSO using a SAML - compliant Idp. In this scenario where Salesforce is the Service Provider, which two activities must be performed in Salesforce to make SP - initiated SSO work? Choose 2 answers

Universal Containers (UC) has a custom, internal - only, mobile billing application for users who are commonly out of the office. The app is configured as a connected App in Salesforce. Due to the nature of this app, UC would like to take the appropriate measures to properly secure access to the app. Which two are recommendations to make the UC? Choose 2 answers

What information does the 'Relaystate' parameter contain in sp - Initiated Single Sign - on?