Unified user login
First Claim
1. A computer-implemented method comprising:
- receiving a login request from a user to access an account, wherein the login request is associated with a user identifier;
parsing the user identifier to determine a domain;
determining automatically whether the login request is associated with a known identity provider based at least in part on the determined domain;
directing the user to the known identity provider for authentication responsive to determining, based at least in part on the determined domain, that the login request is associated with the known identity provider;
receiving assertion data and information responsive to the known identity provider authenticating the user;
verifying assertion data using an online verification service;
determining whether the user is associated with an existing account after verifying the assertion data;
responsive to the verification of the assertion data and the determination that the user is not associated with the existing account, creating a new account for the user and logging the user into the new account; and
responsive to the verification of the assertion data and the determination that the user is associated with the existing account, logging the user into the account.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for enabling, on any website, a unified user login that supports login through multiple known identity providers and, if necessary, the website'"'"'s legacy login are disclosed. In one example, the system comprises a login receiver module, an identity provider determination module, a legacy account module, a federated account module and a login module. The login receiver module receives a login request associated with a user identifier. The identity provider determination module determines whether the login request is associated with a known identity provider. The legacy account module performs legacy account creation and/or legacy login verification when the address is not associated with any known identity provider. Otherwise, the federated account module performs federated account creation and/or federated login verification. The login module logs the user into the account responsive to one or more of verification and account creation.
29 Citations
15 Claims
-
1. A computer-implemented method comprising:
-
receiving a login request from a user to access an account, wherein the login request is associated with a user identifier; parsing the user identifier to determine a domain; determining automatically whether the login request is associated with a known identity provider based at least in part on the determined domain; directing the user to the known identity provider for authentication responsive to determining, based at least in part on the determined domain, that the login request is associated with the known identity provider; receiving assertion data and information responsive to the known identity provider authenticating the user; verifying assertion data using an online verification service; determining whether the user is associated with an existing account after verifying the assertion data; responsive to the verification of the assertion data and the determination that the user is not associated with the existing account, creating a new account for the user and logging the user into the new account; and responsive to the verification of the assertion data and the determination that the user is associated with the existing account, logging the user into the account. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer program product comprising a non-transitory computer readable medium encoding instructions that, in response to execution by a computing device, cause the computing device to perform operations comprising:
-
receiving a login request from a user to access an account, wherein the login request is associated with a user identifier; parsing the user identifier to determine a domain; determining automatically whether the login request is associated with a known identity provider based at least in part on the determined domain, wherein the determined domain is associated with one known identity provider at most; directing the user to the known identity provider for authentication responsive to determining, based at least in part on the determined domain, that the login request is associated with the known identity provider; receiving assertion data and information responsive to the known identity provider authenticating the user; verifying assertion data using an online verification service; determining whether the user is associated with an existing account after verifying the assertion data; responsive to the verification of the assertion data and the determination that the user is not associated with the existing account, creating a new account for the user and logging the user into the new account; and responsive to the verification of the assertion data and the determination that the user is associated with the existing account, logging the user into the account. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system for user login, the system comprising:
-
a login receiver module operable to receive a login request from a user to access an account, wherein the login request is associated with a user identifier; an identity provider determination module operable to parse the user identifier to determine a domain, and determine whether the login request is associated with a known identity provider based at least in part on the determined domain, wherein the determined domain is associated with one known identity provider at most; a legacy account module operable to perform one or more of legacy account creation and legacy login verification responsive to a determination that the determined domain is not associated with any known identity provider; a federated account module operable to perform one or more of federated account creation and federated login verification responsive to a determination, based at least in part on the determined domain, that the determined domain is associated with the known identity provider, the federated account module including an account upgrader module operable to determine whether the existing account is associated with a legacy password and, responsive to determining that the existing account is associated with the legacy password, deleting the legacy password; and a login module operable to log the user into the account responsive to one or more of verification by the legacy account module or the federated account module and account creation by the legacy account module or the federated account module, the login module communicatively coupled to receive one or more of verification and account creation from one or more of the legacy account module and the federated account module. - View Dependent Claims (12, 13, 14, 15)
-
Specification