Start tracking your progress
Trailhead Home
Trailhead Home

Maintain Your Identity and Access Management Certification for Spring '19

Learning Objectives

After completing this unit, you’ll be able to:

  • Describe key features available in Identity and Access Management design as of Spring ’19.

Salesforce Certification—Special Maintenance Policy

If you currently hold the Salesforce Identity and Access Management Designer credential, you do not need to complete this module by the previously posted April 10th certification maintenance deadline. Instead, your Salesforce certification will automatically be maintained into the next release cycle.

There is no action required, and your certification will not expire. Your certification status will be updated by April 10, 2020. We'll send you an email confirmation to let you know when we've updated your status.

Of course, we know you want to keep your skills up to date and learn about the latest features. This module contains lots of great info about the latest release, which you can explore without worrying about deadlines. Salesforce introduced a number of great feature enhancements. Let’s take a look at some of the more important ones.

Enable and Let Users Log In with Their Email, Phone Number, or Any Identifier You Choose

With the Spring ’19 update, in just a few clicks, you can deploy login pages that simplify how external users log in to your community. With the Login Discovery feature, you can let your external users identify themselves using something other than a username, such as a phone number. Instead of a password, they can verify their identity with a code sent to their email or mobile device. And, if your org is enabled with multiple Identity Providers (IdPs), login is a one-step process—users bypass verification altogether.

Create an Identity-First Login Page with My Domain Login Discovery

Configure My Domain with Login Discovery to simplify the login process for users. This login process is sometimes called interview-based or identity-first login. Instead of requiring users to log in with a username and password, the My Domain Login Discovery page prompts them to enter a unique identifier, such as an email address or phone number. Then users are prompted to authenticate based on the identifier they supply. If they’re configured for SSO, they don’t even have to choose. My Domain Login Discovery sends them directly to the identity provider (IdP) login page to authenticate.

Get More Security with a Refreshed Password Blocklist

With the Spring ’19 update, we refreshed the password blocklist to give your org added security. 

Create Lightweight Contactless External Identity Users

Reduce the overhead of managing external identity users by creating users without contact information. Without contacts, you don’t have to worry about keeping user and contact records in sync. You can simply maintain a user database for identity purposes. You can add contacts later if you decide that you want them—for example, when the user becomes a qualified lead. You can also remove contacts from existing users to make the most of your community licenses.

Authenticate Your Users with Certificates

With the Spring ’19 update, Salesforce now provides certificate-based authentication. Using either Salesforce Setup or API, you can upload unique PEM-encoded X.509 digital certificates to authenticate individual users to your org.