Salesforce Certified Identity and Access Management Practice Exam 2024 - Free Identity and Access Management Practice Questions and Study Guide

The Web Server OAuth Authentication Flow is the correct answer because it allows a Canvas app to authenticate and obtain a session token without prompting the user for their credentials. The other options are incorrect because - User-Agent OAuth Authentication Flow: This flow requires the user to enter their credentials in a popup window, which is not ideal for a Canvas app. - Refresh Token OAuth Authentication Flow: This flow is used for obtaining new access tokens after the initial authentication. It is not the primary flow used for initial authentication in Canvas apps. - JSON Web Token (JWT) OAuth Authentication Flow: This flow is used for server-to-server integration and is not suitable for Canvas apps, which are user-facing applications.