Customizable sign-on service
Abstract
Techniques are described for providing customizable sign-on functionality, such as via an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users. The access manager system may maintain various sign-on and other account information for various users, and provide single sign-on functionality for those users using that maintained information on behalf of multiple unrelated services with which those users interact. The access manager may allow a variety of types of customizations to single sign-on functionality and/or other functionality available from the access manager, such as on a per-service basis via configuration by an operator of the service, such as co-branding customizations, customizations of information to be gathered from users, customizations of authority that may be delegated to other services to act on behalf of users, etc., and with the customizations that are available being determined specifically for that service.
24 Claims
1. A non-transitory computer-readable medium having stored contents that cause a computing system of a sign-on service to:
- authorize, by the configured computing system, a user based on a match between sign-on information that is received for the user and stored sign-on information in an account of the user with the sign-on service;
- determine, by the configured computing system, and for a second service that is a customer of the sign-on service and with which the user is interacting, that the second service is authorized to modify information stored by the sign-on service;
- provide, by the configured computing system, a credential to the second service that is generated by the sign-on service to represent the user based at least in part on the authorizing of the user;
- after the providing of the credential, receive, by the configured computing system, a request from the second service to modify information for the user that is stored by the sign-on service in the account of the user, wherein the received request includes the credential; and
- modify, by the configured computing system and based on the credential included in the received request, the information for the user that is stored by the sign-on service in the account of the user.

Dependent claims: 2, 3, 4

5. A computer-implemented method comprising:
- authorizing, by one or more configured computing systems providing an access manager system, a user based on identifying information received for the user;
- determining, by the one or more configured computing systems, that a first service is authorized to participate in modifying information stored by the access manager system;
- providing, by the one or more configured computing systems, a credential representing the user for later use on behalf of the user;
- after the providing of the credential, receiving, by the one or more configured computing systems, a request for the first service to modify information for the user that is stored by the access manager system, wherein the received request includes the credential; and
- modifying, by the one or more configured computing systems and based on the credential included in the received request, the information for the user that is stored by the access manager system.

Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. A system comprising:
- one or more processors of one or more computing systems; and
- a memory including instructions that, upon execution by the one or more processors, cause the system to:
  - send one or more messages to a sign-on service to determine that a user is authorized in response to one or more first interactions by the user with a service separate from the sign-on service, and to cause the sign-on service to determine that the service is authorized to participate in modifying information stored by the sign-on service;
  - receive a credential from the sign-on service that represents the user; and
  - in response to one or more second interactions by the user with the service, send one or more additional messages to the sign-on service to cause a modification of information for the user that is stored by the sign-on service, the sent one or more additional messages including the credential to provide verification of authority to perform the modification on behalf of the user.

Dependent claims: 19, 20, 21, 22, 23, 24

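
The flow recited in claims 1, 5 and 18 (authorize the user, confirm that the customer service may modify stored information, issue a credential, then accept a modification request that carries it), shown as an added Python example that is not part of the patent text. The HMAC credential format, its binding to a single service, the re-check of delegation at request time, and all class, method and host names are assumptions of this example.

```python
import hashlib
import hmac
import secrets


class SignOnService:
    """Hypothetical sign-on service; storage and credential format are assumed."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # signing key, never leaves the service
        self._accounts = {}                  # user -> salt, password hash, info
        self.may_modify = set()              # customer services granted modify rights

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self._accounts[user] = {"salt": salt, "pw": self._hash(password, salt), "info": {}}

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _tag(self, user, service):
        # Length-prefix the user so (user, service) pairs cannot collide.
        msg = f"{len(user)}:{user}|{service}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def sign_on(self, user, password, service):
        """Authorize the user; return a credential bound to user and service."""
        acct = self._accounts.get(user)
        if acct is None or not hmac.compare_digest(acct["pw"], self._hash(password, acct["salt"])):
            return None
        return self._tag(user, service)

    def modify(self, service, user, credential, field, value):
        """Apply a change only for a delegated service holding a valid credential."""
        if service not in self.may_modify or user not in self._accounts:
            return False
        if not hmac.compare_digest(credential, self._tag(user, service)):
            return False
        self._accounts[user]["info"][field] = value
        return True


def demo():
    sso = SignOnService()
    sso.register("alice", "correct horse")           # constructed sample account
    sso.may_modify.update({"shop.example", "forum.example"})
    cred = sso.sign_on("alice", "correct horse", "shop.example")
    blog = sso.sign_on("alice", "correct horse", "blog.example")
    return {
        "bad_password": sso.sign_on("alice", "wrong", "shop.example"),
        "authorized": sso.modify("shop.example", "alice", cred, "email", "a@example.org"),
        "not_delegated": sso.modify("blog.example", "alice", blog, "email", "x@example.org"),
        "cross_service": sso.modify("forum.example", "alice", cred, "email", "y@example.org"),
        "stored": dict(sso._accounts["alice"]["info"]),
    }
```

Binding the credential to the requesting service means a credential issued to one customer cannot be replayed by another customer that also holds modify rights.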
Specification