Systems and methods for single sign-in for multiple accounts
Abstract
Systems and methods which facilitate single user sign-in for multiple accounts are shown. Embodiments create a single user base which maps users to multiple accounts. The use of a single set of credentials by the user is provided for according to embodiments irrespective of the applications associated with the various accounts having very different security protocols. A system hosting the shared user base preferably provides a single authentication point for multiple services. Embodiments an authenticator string, as may be passed between a client and bridge server and/or client and application, in order to enable user access, detect attacks with respect to a client conversation, etcetera. In addition to providing a shared user base for single sign-in, embodiments provide additional shared functionality and/or functionality not available from the applications themselves.
Claims
exact text as granted — not AI-modified1 . A method comprising:
receiving, at a bridge server, a login request from one of a plurality of users, wherein each of said plurality of users are associated with a same entity and each have respective user credentials; validating, by said bridge server, user credentials of said user requesting said login; identifying, by said bridge server, a secure application account of said entity that is associated with at least one secure application; determining, by said bridge server, entity credentials that grant the entity certain rights to said entity's secure application account; mapping, by said bridge server, said user credentials to said entity credentials; and managing, by said bridge server, interaction of said user with said at least one secure application for performing activity involving use of the secure application account on behalf of said entity, wherein said managing comprises providing at least one value-added service not available from unmapped use of the entity credentials.
2 . A system comprising:
a bridge server disposed in a communication path between at least one client device and at least one secure application; wherein said bridge server is communicatively coupled to a bridge database containing information mapping, for each of a plurality of users who each have respective user credentials and are associated with a same entity having entity credentials that grant the entity certain rights to a secure application account of said entity, said user credentials to said entity credentials; and wherein said bridge server is configured to facilitate access by said plurality of users to said at least one secure application for conducting activity involving use of the secure application account through use of said entity credentials, while maintaining unique identification of each of said users who are so accessing the at least one secure application.
3 . A method comprising:
receiving, at a bridge server, a login request from one of a plurality of users, wherein each of said plurality of users are associated with a same entity and each have respective user credentials; validating, by said bridge server, user credentials of said user requesting said login; identifying, by said bridge server, a secure application account of said entity that is associated with at least one secure application; determining, by said bridge server, entity credentials that grant the entity certain rights to said entity's secure application account; mapping, by said bridge server, said user credentials to said entity credentials, wherein said mapping comprises determining what of said certain rights that are granted to the entity are granted to said user; and managing, by said bridge server, interaction of said user with said at least one secure application for performing activity involving use of the secure application account on behalf of said entity consistent with the determined rights that the user is granted.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.