Cross Cloud Application Access
First Claim
1. A computer-implemented method for a security endpoint of a non-isolated computing environment, the method comprising:
- receiving a login request related to an application, wherein the application operates in the non-isolated computing environment, and wherein the login request corresponds to a user of the application;
- sending a lookup query to a directory service, wherein the lookup query includes information related to an identity of the user;
- receiving a lookup response from the directory service;
- in response to the lookup response indicating that the user belongs to the non-isolated computing environment, requesting an authentication credential from a client device of the user, validating the authentication credential, and in response to successful validation of the authentication credential, providing an identity token to the client device; and
- in response to the lookup response indicating that the user belongs to one of a plurality of isolated computing environments, redirecting the client device to a security endpoint of the one of the plurality of isolated computing environments.
Abstract
A computer-implemented method for a security endpoint of a non-isolated computing environment includes receiving a login request related to an application within that environment. The login request corresponds to a user of the application. The method includes sending a lookup query, including information related to an identity of the user, to a directory service. The method includes receiving a lookup response from the directory service. The method includes, in response to the lookup response indicating that the user belongs to the non-isolated computing environment, requesting an authentication credential from a client device of the user, validating the authentication credential, and in response to successful validation of the authentication credential, providing an identity token to the client device. The method includes, in response to the lookup response indicating that the user belongs to an isolated computing environment, redirecting the client device to a security endpoint of the isolated computing environment.
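A minimal sketch of the routing decision described in the abstract, added here as an illustration and not taken from the patent. The environment names, endpoint URLs, users, password check and toy token are constructed, HTTP status codes stand in for the credential prompt and the redirect, and resolving the redirect target from a server-side allowlist is an assumption of this example.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass
from typing import Optional

HOME_ENV = "global"  # constructed name for the non-isolated environment
# Constructed allowlist: isolated environment -> its own security endpoint.
ISOLATED_ENDPOINTS = {
    "sovereign-a": "https://login.sovereign-a.example/authorize",
    "sovereign-b": "https://login.sovereign-b.example/authorize",
}
# Constructed directory: user identity -> environment the user belongs to.
DIRECTORY = {
    "alice@corp.example": "global",
    "bob@agency.example": "sovereign-a",
    "eve@other.example": "unregistered-env",
}
TOKEN_KEY = secrets.token_bytes(32)
_SALT = secrets.token_bytes(16)  # toy: one salt for the whole sample store

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)

CREDENTIALS = {"alice@corp.example": _kdf("correct horse")}  # home users only

@dataclass
class Response:
    status: int
    location: Optional[str] = None
    token: Optional[str] = None

def issue_token(user: str) -> str:
    # Toy identity token: user id plus an HMAC tag (stand-in for a signed token).
    tag = hmac.new(TOKEN_KEY, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{tag}"

def handle_login(user: str, credential: Optional[str] = None) -> Response:
    user = user.strip().lower()
    env = DIRECTORY.get(user)  # lookup query / lookup response
    if env == HOME_ENV:
        if credential is None:
            return Response(401)  # ask the client device for a credential
        stored = CREDENTIALS.get(user)
        if stored and hmac.compare_digest(_kdf(credential), stored):
            return Response(200, token=issue_token(user))
        return Response(403)
    # Isolated user: the credential is never validated here, only redirected.
    endpoint = ISOLATED_ENDPOINTS.get(env)
    if endpoint is None:
        return Response(404)  # unknown user or unlisted environment: no redirect
    return Response(302, location=endpoint)
```

In this sketch a credential submitted for an isolated-environment user is ignored by the non-isolated endpoint, and a directory entry naming an environment outside the allowlist yields no redirect at all.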
20 Claims
1. A computer-implemented method for a security endpoint of a non-isolated computing environment, the method comprising:
- receiving a login request related to an application, wherein the application operates in the non-isolated computing environment, and wherein the login request corresponds to a user of the application;
- sending a lookup query to a directory service, wherein the lookup query includes information related to an identity of the user;
- receiving a lookup response from the directory service;
- in response to the lookup response indicating that the user belongs to the non-isolated computing environment, requesting an authentication credential from a client device of the user, validating the authentication credential, and in response to successful validation of the authentication credential, providing an identity token to the client device; and
- in response to the lookup response indicating that the user belongs to one of a plurality of isolated computing environments, redirecting the client device to a security endpoint of the one of the plurality of isolated computing environments.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A security endpoint of a non-isolated computing environment, the security endpoint comprising:
- a computer-readable storage device configured to store computer-executable instructions; and
- a processing device configured to execute the computer-executable instructions, which upon execution by the processing device, control the system to perform:
- receiving a login request related to an application, wherein the application operates in the non-isolated computing environment, and wherein the login request corresponds to a user of the application;
- sending a lookup query to a directory service, wherein the lookup query includes information related to an identity of the user;
- receiving a lookup response from the directory service;
- in response to the lookup response indicating that the user belongs to the non-isolated computing environment, requesting an authentication credential from a client device of the user, validating the authentication credential, and in response to successful validation of the authentication credential, providing an identity token to the client device; and
- in response to the lookup response indicating that the user belongs to one of a plurality of isolated computing environments, redirecting the client device to a security endpoint of the one of the plurality of isolated computing environments.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification