System and Method for Multi-Tenant SSO With Dynamic Attribute Retrieval
Abstract
A system and method for multi-tenant single sign-on (SSO) identity management with dynamic attribute retrieval. The system includes at least one service provider, at least one service provider plug-in, and a service automation platform. The method includes the steps of receiving a link to a service provider at an SSO dispatcher, the SSO dispatcher identifying a service; requesting, at the SSO dispatcher, user attributes for the at least one service provider; assembling, at a service provider handler implementation, a response query; retrieving identity provider credentials from the service automation platform; signing, at the SSO dispatcher, a package for a user's authentication; and redirecting the package to the service provider.
17 Claims
1. A system for multi-tenant single sign-on (SSO) identity management with dynamic attribute retrieval, the system comprising:
- at least one service provider comprising a service provider SSO module, the at least one service provider configured to provide at least one software service;
- at least one service provider plug-in corresponding to the at least one service provider, the at least one service provider plug-in operably connected to the at least one service provider via the service provider SSO module; and
- a service automation platform communicatively coupled to the service provider plug-in and the service provider, the service automation platform further comprising a single sign-on (SSO) dispatcher.
12. A method for multi-tenant SSO identity management with dynamic attribute retrieval, the method utilizing a system comprising at least one service provider, at least one service provider plug-in, and a service automation platform, the method comprising the steps:
a. activating a link to a service provided by the at least one service provider;
b. receiving at an SSO dispatcher, the link, the SSO dispatcher identifying the service provided by the at least one service provider;
c. requesting at the SSO dispatcher, user attributes for the at least one service provider from a service provider handler;
d. assembling at a service provider handler implementation, a response query with the user attributes, the user attributes assembled according to a user attributes schema and service provider settings;
e. checking at the SSO dispatcher, whether the response query is a success, and if successful, proceeding to the next step, and if unsuccessful, displaying a message;
f. checking at the SSO dispatcher, whether the response query includes identification of an identity provider, and if the response query does not include identification of an identity provider, retrieving public identity provider credentials from the service automation platform, and if the response query is successful, proceeding to the next step;
g. determining at the SSO dispatcher, whether the response query identifies a managed identity provider, or an exclusive identity provider, and requesting the respective identity provider's credentials identified herein;
h. signing at the SSO dispatcher, a package for a user's authentication with the credentials;
i. redirecting at the SSO dispatcher, the package to the service provider.
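The dispatcher-side checks in steps (e) through (h) of claim 12, sketched as an added example that is not code from the patent. The package format, the field names (`identity_provider`, `kind`, `tenant`, `audience`), the credential store and the use of HMAC-SHA256 in place of the unspecified signing scheme are all assumptions.

```python
import base64, hashlib, hmac, json

# Constructed credential store standing in for the service automation platform.
# Key values, tenant names and the HMAC scheme are assumptions, not from the claims.
PLATFORM_CREDENTIALS = {
    ("public", None): b"constructed-public-idp-key",
    ("managed", "tenant-a"): b"constructed-managed-key-tenant-a",
    ("exclusive", "tenant-b"): b"constructed-exclusive-key-tenant-b",
}

class SSOError(Exception):
    """Raised where step (e) would display a message instead of proceeding."""

def select_credentials(response_query):
    """Steps (f) and (g): pick the signing credentials for this response query."""
    idp = response_query.get("identity_provider")
    if idp is None:  # step (f): no IdP identified, use the public credentials
        return "public", PLATFORM_CREDENTIALS[("public", None)]
    kind, tenant = idp.get("kind"), idp.get("tenant")
    if kind not in ("managed", "exclusive"):
        raise SSOError("unknown identity provider kind")
    key = PLATFORM_CREDENTIALS.get((kind, tenant))
    if key is None:  # never fall back to another tenant's key or the public key
        raise SSOError("no credentials for identified identity provider")
    return f"{kind}:{tenant}", key

def dispatch(response_query, service_provider):
    """Steps (e) to (h): check success, select credentials, sign the package."""
    if not response_query.get("success"):
        raise SSOError("attribute retrieval failed")
    issuer, key = select_credentials(response_query)
    body = json.dumps({"issuer": issuer, "audience": service_provider,
                       "attributes": response_query["attributes"]},
                      sort_keys=True).encode()
    sig = hmac.new(key, body, hashlib.sha256).digest()
    return base64.b64encode(body).decode(), base64.b64encode(sig).decode()

def verify(package, key, expected_audience):
    """Service-provider side: check the signature before trusting any attribute."""
    body, sig = (base64.b64decode(part) for part in package)
    if not hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), sig):
        return None
    claims = json.loads(body)
    return claims if claims["audience"] == expected_audience else None
```

A package signed for one tenant's exclusive identity provider fails verification under the public key and under a different audience, which is the property a multi-tenant service provider relies on.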
Specification