Salesforce Business Analyst Certification Practice Exam

The ability to reset a Single Sign-On (SSO) user password is typically reserved for the admin. Admins have the broadest set of permissions and access controls within Salesforce, which includes managing user credentials. This ensures that sensitive actions like password resets are handled securely and appropriately by trusted personnel.

While other roles may have certain privileges, their capabilities often do not extend to resetting passwords for SSO users. For example, SSO managers may oversee the authentication processes but may not have rights to change user passwords. Similarly, users above an SSO user in the role hierarchy typically have permissions that are more about data access and visibility rather than user management. While it's true that certain permission sets can grant elevated access, the most straightforward and common approach is through an admin, who is responsible for overall user management and security policies within the organization.