Explanation:

In a SAML SSO configuration, enabling My Domain in Salesforce is a critical prerequisite for a number of key identity and access features. One such feature is the App Launcher (A), which allows users to access external applications (e.g., Google Workspace, Box, Concur) through Connected Apps configured for SAML-based SSO. The App Launcher relies on the custom domain provided by My Domain to support SP-initiated SSO, meaning users can log into Salesforce and click on a tile to be signed into external apps seamlessly.

Another key benefit that My Domain enables is Resource Deep Linking (B). This capability allows users to directly access specific Salesforce resources—such as a particular record, dashboard, or page—by following a deep link, even if they are not yet authenticated. In SAML-based SSO, My Domain ensures that these unauthenticated deep links correctly trigger the SAML login flow, authenticate the user, and then return them directly to the intended resource after login. Without My Domain, Salesforce cannot route these deep links properly, and users would be redirected to a generic login page instead.

In contrast, SSO from Salesforce Mobile App (C) and Login Forensics (D) are not enabled specifically or directly by My Domain. The mobile app does support SSO, but this requires additional configuration beyond just enabling My Domain. Similarly, Login Forensics refers to audit and login history analysis, which is available through Salesforce Shield or setup audit logs, and is not dependent on My Domain.