Communities Flashcards
What steps are required to enable self-registration for a B2C portal using person accounts in Salesforce, and why are these steps necessary?
- Enable person accounts in Salesforce Setup: This allows self-registration as individuals rather than as contacts under business accounts.
- Enable access to the person account record type: The person account record type must be assigned to user profiles to ensure proper functionality.
- Leave the Account field empty on the Login & Registration page: This ensures the creation of person account records when users self-register.
External Identity License
- User Profile:
-Provides access to the External Identity User Profile, which defines a specific set of object permissions.
-These permissions can be assigned to a customer or partner.
2.Access:
-Grants access to standard objects (e.g., Account, Contact, Asset).
Includes access to 10 custom objects.
-Provides extra data storage and API requests.
-Offers features such as Chatter and Files.
Contactless User Feature Overview
Lightweight User Directory
The contactless users feature can be utilized to maintain user records for customers or partners without their contact information.
For example, it can be used to maintain users only for identity and authentication.
Creating Contactless Users
A contactless user can be created by creating a user record using Apex, SOAP, or Bulk API 2.0.
Self-registration can be set up for contactless users.
External Identity License Dependency
The contactless users feature is only available with the External Identity license.
This can limit the Experience Cloud features available to site users.
Upgrade and Downgrade Options
A contactless user can be upgraded to a community license by updating their user record with Apex, SOAP, or Bulk API.
A user with a community license can be downgraded to a contactless user.
What are the four login page types available for creating a branded login experience in Salesforce?
Default Page
A standard login page provided by Salesforce.
Login Discovery Page
Allows users to input identifiers like email or username before directing them to the appropriate login method.
Experience Builder Page
A customizable login page created using the Experience Cloud Builder.
Visualforce Page
A login page fully customized using Visualforce.
What are Headless Identity APIs in Salesforce, and how are they used?
Headless Identity APIs
These APIs can be utilized to use Salesforce Customer Identity for authentication while maintaining control of the user experience in an off-platform or third-party app.
How does Passwordless Login work in Salesforce?
Passwordless Login
This can be configured by creating a custom Login Discovery page to allow users to sign up and log in using an email address or phone number.
It also enables users to register identity verification methods.
What is Embedded Login in Salesforce, and how does it work?
Embedded Login
This allows integrating Salesforce login capabilities into an external website owned by the company.
Customers see a login form on the external website, and it can be used as an SSO alternative on external web pages.
What is Identity Verification in the context of Passwordless Login, and what methods are supported?
Supported Verification Methods
- Email
- SMS
- Time-Based One-Time Password (TOTP)
- Physical U2F Security Key
- Salesforce Authenticator
Customization
A custom identity verification page can be created using Visualforce, and the process can be customized with Apex.
Access
The custom verification page can be made publicly accessible and set as the default page in Workspaces | Administration.
How is self-registration configured in Salesforce?
To set up self-registration, navigate to the Login & Registration page of the Administration workspace.
Select the option to allow customers and partners to self-register.
What are the available Self-Registration Page Types in Salesforce?
Self-Registration Page
The available page types are:
- Default Page
- Visualforce Page
- Configurable Self-Reg Page
- Experience Builder Page
What is the name and role of the Controller in self-registration?
The self-registration Apex controller, CommunitiesSelfRegController, can be customized to define how customers and partners register.
It works regardless of the page type selected.
How are new users saved during self-registration in Salesforce?
- New users can be saved as contacts of a business account that can be selected.
- Alternatively, they can be saved as individual person accounts by leaving the Account field blank.
How can the self-registration page in Salesforce be customized?
Page Customization
- The default self-registration page can be customized using Visualforce.
- A custom Visualforce page can be created from scratch.
- The Configurable Self-Reg Page focuses on functionality.
- The Experience Builder Page focuses on branding.
What are Login Flows in Salesforce, and how are they configured?
Custom login flows can be built to display personalized alerts or collect/update information for users.
Configuration
- Create a flow using Flow Builder.
- Assign the flow to specific profiles in the Login Flows setup.
- Users with assigned profiles must complete the flow upon login.
What is a Registration Handler in Salesforce, and how is it configured with an Authentication Provider?
A Registration Handler is an Apex class that implements the Auth.RegistrationHandler interface. It is responsible for creating or updating Salesforce user records based on data from external authentication providers.
When configuring an Authentication Provider (AuthProvider) in Salesforce, a Registration Handler can be specified to process the incoming user data. Salesforce can also automatically generate a Registration Handler template, which can be customized to meet specific requirements.
How can the EXP-ID be implemented for login URLs?
The EXP-ID can be used in login implementations to define the login URL dynamically. For example, setting the EXP-ID to “EMPLOYEE” can direct users to https://cosmic.my.site.com/?expid=EMPLOYEE. This ensures that the branding and login experience dynamically match the user’s context.
How is the EXP-ID applied in OAuth and SAML authorization flows?
The EXP-ID can be included as a parameter in OAuth and SAML flows to render dynamic branding. For instance, the authorization request URL can include the EXP-ID, such as site-url/services/oauth2/authorize/cosmic_computing_ai, to dynamically display branding specific to the “Cosmic Computing AI” brand during login.
When is Embedded Login used in Salesforce, and is Salesforce the IDP or SP?
Embedded Login is used to integrate Salesforce login capabilities into an external website. It serves as a Single Sign-On (SSO) alternative when the external website does not support SSO standards like SAML or OAuth. In this setup, Salesforce acts as the Identity Provider (IDP).
How is Embedded Login configured in Salesforce?
Embedded Login is enabled for an Experience Cloud site through the Login & Registration page in the Administration workspace. Configuration steps include:
1. Creating a connected app.
2. Configuring the Experience Cloud site and external website.
3. Enabling resource sharing across domains.
4. Adding login and logout functions to handle user actions.
What are the considerations and limitations of Embedded Login?
Embedded Login relies on third-party cookies, which are often blocked or restricted in modern browsers. This can prevent the login button from appearing. It is supported on browsers that allow Lightning Experience, including Chrome, Firefox, Safari, and Edge. However, Salesforce recommends using redirect-based OAuth 2.0 flows for better compatibility and security.
What is the correct URL format to use the Experience ID (EXP-ID) for dynamic branding in OAuth flows?
The correct URL format is:
site-url/services/oauth2/authorize/expid_value
This ensures dynamic branding by rendering login page images and content based on the EXP-ID value provided.
What are the different login page types in Salesforce, and what are their key considerations?
The login page types in Salesforce are:
Default Page – A simple login page with basic styling.
Login Discovery Page – Used to configure passwordless login, allowing users to log in with their email address or phone number.
Experience Builder Page – Quickly creates and styles a page to match the company’s brand.
Visualforce Page – Allows complete customization of a login page from scratch.
Special considerations include ensuring compatibility with branding requirements and user preferences for login methods.
