Salesforce Certified Identity and Access Management Practice

The method used for single sign-on (SSO) in Salesforce is Identity Federation. This approach allows users to authenticate once and gain access to multiple applications without needing to log in separately for each one. Identity Federation leverages standard protocols such as SAML (Security Assertion Markup Language) to facilitate this seamless login experience, enabling organizations to integrate Salesforce with external identity providers.

When employing Identity Federation, Salesforce can receive authentication assertions from an external identity provider, which allows users to access Salesforce using credentials managed by that provider. This not only improves user experience by reducing the number of logins required but also enhances security by centralizing authentication within a trusted identity provider.

The other methods listed are not suited for single sign-on. Session Management deals with maintaining user sessions and does not provide the cross-application access required for SSO. Community Access focuses on allowing external users to access Salesforce community sites, while Data Sharing Rules pertain to the sharing of data records within Salesforce and do not involve authentication or access management at a higher level. Thus, Identity Federation stands out as the appropriate method for implementing single sign-on in Salesforce.