Please download the dossier by clicking on the dossier button x
×

Multi-factor authentication for managed applications using single sign-on technology

  • US 10,187,374 B2
  • Filed: 10/29/2015
  • Issued: 01/22/2019
  • Est. Priority Date: 10/29/2015
  • Status: Active Grant
First Claim
Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed by the at least one computing device, being configured to cause the at least one computing device to at least:

  • receive an authentication request for a first client application executed in a client device;

    receive data generated by a single sign-on credential from the client device as part of a single sign-on process, the single sign-on credential being configured to be used by a plurality of client applications of the client device;

    verify the data generated by the single sign-on credential;

    determine whether at least one supplementary authentication factor is required from a second client application by;

    determining a version of an operating system of the client device; and

    determining that the at least one second authentication factor should be requested when the version of the operating system corresponds to a particular operating system version;

    when the at least one supplementary authentication factor is required, and prior to sending an authentication token to the first client application;

    request the at least one supplementary authentication factor from the second client application;

    receive the at least one supplementary authentication factor from the second client application; and

    verify the at least one supplementary authentication factor prior to allowing the first client application to be authenticated in the single sign-on process;

    in response to verifying the data generated by the single sign-on credential and verifying the at least one supplementary authentication factor from the second client application, generate the authentication token; and

    send the authentication token to the first client application.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×