×

Mapping tenat groups to identity management classes

  • US 10,372,483 B2
  • Filed: 01/20/2014
  • Issued: 08/06/2019
  • Est. Priority Date: 01/20/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • mapping, by a system including a processor, groups of a plurality of tenants to identity management classes corresponding to respective roles that grant respective permissions for performing tasks with respect to at least one application, the at least one application accessible by the plurality of tenants, wherein the identity management classes are associated with hierarchical delegation information that specifies delegation rights among members of the identity management classes; and

    in response to a request by a first member of a first of the identity management classes to perform delegation with respect to a second member of one of the identity management classes, determining, by the system based on the delegation rights specified in the hierarchical delegation information for the first identity management class, whether the first member is allowed to perform the delegation with respect to the second member,wherein to perform the delegation with respect to the second member includes at least one of enrolling the second member in a particular identity management class, modifying information of the second member in the particular identity management class, and removing the second member from the particular identity management class, andwherein a first group and a second group of the groups of the plurality of tenants have a same role, but are mapped to different identity management classes having different delegation rights, wherein the delegation rights of each of the members of the identity management classes specify rights of each of the members of the identity management class to perform delegation with respect to further members of the identity management class.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×