PROVIDING THIRD PARTY AUTHENTICATION IN AN ON-DEMAND SERVICE ENVIRONMENT

US 20130086670A1
Filed: 10/02/2012
Published: 04/04/2013
Est. Priority Date: 10/04/2011
Status: Active Grant

First Claim

Patent Images

1. A method for logging a user into an online host system, the method comprising:

receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system;

in response to receiving the login request, initiating a single sign-on routine that involves an online third party system;

thereafter, obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system;

modifying, in accordance with the obtained third party user data, host system records maintained by the online host system; and

thereafter, automatically logging the user into the online host system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for logging a user into an online host system begins by receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system. The method continues by initiating a single sign-on routine that involves an online third party system and by obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system. Host system records maintained by the online host system are modified in accordance with the obtained third party user data. Thereafter, the user is automatically logged into the online host system.

142 Citations

20 Claims

1. A method for logging a user into an online host system, the method comprising:
- receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system;
  
  in response to receiving the login request, initiating a single sign-on routine that involves an online third party system;
  
  thereafter, obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system;
  
  modifying, in accordance with the obtained third party user data, host system records maintained by the online host system; and
  
  thereafter, automatically logging the user into the online host system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein automatically logging the user into the online host system is performed in the absence of any user-entered credentials for the online host system.
  - 3. The method of claim 1, further comprising:
    - generating a host system session for the user after automatically logging the user into the online host system; and
      
      sending a redirect to the web browser application of the client device, wherein the redirect identifies a resource maintained and provided by the online host system.
  - 4. The method of claim 1, wherein the login request is received from the web browser application of the client device at a time when the user is not logged into the online host system.
  - 5. The method of claim 1, further comprising:
    - sending a token request to the online third party system, wherein sending the token request occurs after initiating the single sign-on routine and before obtaining the third party user data;
      
      in response to sending the token request, receiving an authentication token from the online third party system; and
      
      thereafter, sending a data request for the third party user data to the online third party system, wherein the data request includes the received authentication token.
  - 6. The method of claim 1, wherein the third party user data comprises at least one of:
    - profile information for the user;
      
      a username of the user;
      
      a password of the user;
      
      an image that represents the user;
      
      a name of the user;
      
      biographical information of the user;
      
      an email address of the user;
      
      a telephone number of the user;
      
      a physical address of the user;
      
      a facsimile number of the user;
      
      a location associated with the user;
      
      a title of the user;
      
      a department associated with the user;
      
      a company name associated with the user;
      
      a locale setting of the user;
      
      a language setting of the user;
      
      an endpoint URL for retrieving additional information about the user; and
      
      information related to user access privileges.
  - 7. The method of claim 1, wherein:
    - the online host system comprises a customer relationship management (CRM) system;
      
      the host system records comprise CRM data records; and
      
      the modifying comprises updating at least one of the CRM data records with the obtained third party user data.
  - 8. The method of claim 1, further comprising:
    - determining that the obtained third party user data is mapped to an existing user of the online host system; and
      
      in response to the determining, identifying at least one existing host system record associated with the existing user of the online host system;
      
      wherein the modifying comprises updating the at least one existing host system record with at least some of the obtained third party user data.
  - 9. The method of claim 1, further comprising:
    - determining that the obtained third party user data is not mapped to any existing user of the online host system;
      
      in response to the determining, creating a new user profile for the online host system; and
      
      creating a new host system record linked to the new user profile;
      
      wherein the modifying comprises populating the new host system record with at least some of the obtained third party user data.

10. A non-transitory computer-readable storage medium with executable instructions stored thereon, wherein the executable instructions instruct a processor to perform a method comprising:
- receiving a login request to log a user into an online host system;
  
  in response to receiving the login request, sending a token request to an online third party system;
  
  in response to sending the token request, receiving an authentication token from the online third party system;
  
  using the received authentication token to obtain third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system;
  
  determining that the obtained third party user data is not mapped to any existing user of the online host system; and
  
  in response to the determining, creating a new user profile for the online host system, the new user profile being linked to the user.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The computer-readable storage medium of claim 10, wherein the method further comprises:
    - creating a new host system record linked to the new user profile; and
      
      populating the new host system record with at least some of the obtained third party user data.
  - 12. The computer-readable storage medium of claim 11, wherein:
    - the online host system comprises a customer relationship management (CRM) system; and
      
      the new host system record comprises a CRM data record for the user.
  - 13. The computer-readable storage medium of claim 11, wherein the method further comprises:
    - logging the user into the online host system after creating the new host system record.
  - 14. The computer-readable storage medium of claim 10, wherein the method further comprises:
    - initiating a single sign-on routine to log the user into the online third party system, wherein the initiating occurs after receiving the login request and before sending the token request.
  - 15. The computer-readable storage medium of claim 10, wherein the third party user data comprises at least one of:
    - profile information for the user;
      
      a username of the user;
      
      a password of the user;
      
      an image that represents the user;
      
      a name of the user;
      
      biographical information of the user;
      
      an email address of the user;
      
      a telephone number of the user;
      
      a physical address of the user;
      
      a facsimile number of the user;
      
      a location associated with the user;
      
      a title of the user;
      
      a department associated with the user;
      
      a company name associated with the user;
      
      a locale setting of the user;
      
      a language setting of the user;
      
      an endpoint URL for retrieving additional information about the user; and
      
      information related to user access privileges.

16. A method for logging a user into an online host system, the method comprising:
- receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system;
  
  in response to receiving the login request, redirecting the web browser application to an online third party system;
  
  thereafter, receiving a callback from the web browser application;
  
  in response to receiving the callback, obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system;
  
  when the obtained third party user data is mapped to an existing user of the online host system, identifying an existing host system record associated with the existing user and updating the identified existing host system record in accordance with the obtained third party user data;
  
  when the obtained third party user data is not mapped to any existing user of the online host system, creating a new user profile for the user, creating a new host system record associated with the new user profile, and populating the new host system record with at least some of the obtained third party user data; and
  
  thereafter, automatically logging the user into the online host system.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, further comprising:
    - generating a host system session for the user after automatically logging the user into the online host system; and
      
      redirecting the web browser application to a resource maintained and provided by the online host system.
  - 18. The method of claim 16, further comprising:
    - sending a token request to the online third party system, wherein sending the token request occurs in response to receiving the callback and before obtaining the third party user data;
      
      in response to sending the token request, receiving an authentication token from the online third party system; and
      
      thereafter, sending a data request for the third party user data to the online third party system, wherein the data request includes the received authentication token.
  - 19. The method of claim 16, wherein the online host system comprises one of a plurality of tenants supported by a multi-tenant database system.
  - 20. The method of claim 16, wherein the online third party system initiates generation of the callback when the user is logged into the online third party system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Vangpat, Alan, Mortimore, Charles, Rao, Prathima

Granted Patent

US 8,844,013 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/8
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0815   providing single-sign-on or...

H04L 63/102   Entity profiles

H04L 9/3213   using tickets or tokens, e....

PROVIDING THIRD PARTY AUTHENTICATION IN AN ON-DEMAND SERVICE ENVIRONMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

142 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

PROVIDING THIRD PARTY AUTHENTICATION IN AN ON-DEMAND SERVICE ENVIRONMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

142 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others