Toggle between accounts

US 9,553,868 B2
Filed: 05/19/2015
Issued: 01/24/2017
Est. Priority Date: 05/02/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing, by a service, a first mechanism by which users of the service may sign on to the service using native authentication of the service;

providing, by the service, a second mechanism by which users of the service may sign on to the service using a third-party single-sign-on provider;

storing, at the service, data that identifies a plurality of teams;

storing, at the service, data that identifies at least one administrator of each of the plurality of teams;

enabling an administrator of each team of the plurality of teams to access and use a tool to specify which sign-on options, of a plurality of sign-on options made available by the service, are assigned to members of the team to which the administrator belongs;

wherein the plurality of sign-on options includes at least a particular sign-on option in which both the first mechanism and the second mechanism may be used; and

wherein the method is performed by one or more computing devices.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are described for enabling administrators of teams that use a particular service to specify which sign-on options, of multiple possible sign-on options, are assigned to the members of the teams to which the administrators belong. For example, an administrator may assign a first sign-on option, which only allows users to use native authentication, to one set of members of the team. At the same time, the administrator may assign a second sign-on option, which only allows users to use third-party single-sign-on authentication, to another set of members of the same team.

Citations

20 Claims

1. A method comprising:
- providing, by a service, a first mechanism by which users of the service may sign on to the service using native authentication of the service;
  
  providing, by the service, a second mechanism by which users of the service may sign on to the service using a third-party single-sign-on provider;
  
  storing, at the service, data that identifies a plurality of teams;
  
  storing, at the service, data that identifies at least one administrator of each of the plurality of teams;
  
  enabling an administrator of each team of the plurality of teams to access and use a tool to specify which sign-on options, of a plurality of sign-on options made available by the service, are assigned to members of the team to which the administrator belongs;
  
  wherein the plurality of sign-on options includes at least a particular sign-on option in which both the first mechanism and the second mechanism may be used; and
  
  wherein the method is performed by one or more computing devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team;
    - and wherein the method further comprises;
      
      while the particular sign-on option is assigned to the particular members, determining which of the particular members successfully used the second mechanism to sign on to the service.
  - 3. The method of claim 1, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team;
    - and wherein the method further comprises;
      
      while the particular sign-on option is assigned to the particular members, determining which of the particular members unsuccessfully attempted to use the second mechanism to sign on to the service.
  - 4. The method of claim 1, wherein the plurality of sign-on options includes another sign-on option in which only the second mechanism may be used.
  - 5. The method of claim 1, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team, wherein the plurality of sign-on options includes a second sign-on option in which only the second mechanism may be used, and wherein the method further comprises:
    - while the particular sign-on option is assigned to the particular members, determining a number of the particular members that successfully used the second mechanism to sign on to the service; and
      
      based on the number, automatically assigning the second sign-on option, instead of the particular sign-on option, to the particular members of the team.
  - 6. The method of claim 1, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to a particular member of the particular team, wherein the plurality of sign-on options includes a second sign-on option in which only the second mechanism may be used, and wherein the method further comprises:
    - while the particular sign-on option is assigned to the particular member, determining that the particular member successfully used the second mechanism to sign on to the service; and
      
      automatically assigning the second sign-on option, instead of the particular sign-on option, to the particular member.
  - 7. The method of claim 1, wherein the plurality of sign-on options further includes at least:
    - a first sign-on option in which only the first mechanism may be used to sign-on to the service; and
      
      a second sign-on option in which only the second mechanism may be used to sign-on to the service.
  - 8. The method of claim 1, further comprising:
    - determining, for a particular member, a sign-on option, of the plurality of sign-on options, assigned to the particular member, based on a role to which the particular member is assigned;
      
      wherein a plurality of members, from one or more teams of the plurality of teams, are assigned to the role;
      
      wherein the particular sign-on option is assigned to the role.
  - 9. The method of claim 1 wherein the tool provides an interface that includes:
    - a control for receiving, from the administrator, data that indicates an address of a single-sign-on provider;
      
      a control for receiving, from the administrator, data required to authenticate a particular member at the single-sign-on provider; and
      
      a control to initiate a test.
  - 10. The method of claim 9 wherein the interface further comprises an element for indicating whether the test was successful.

11. One or more non-transitory storage media storing instructions which, when executed by one or more computing devices, cause performance of a method comprising the steps of:
- providing, by a service, a first mechanism by which users of the service may sign on to the service using native authentication of the service;
  
  providing, by the service, a second mechanism by which users of the service may sign on to the service using a third-party single-sign-on provider;
  
  storing, at the service, data that identifies a plurality of teams;
  
  storing, at the service, data that identifies at least one administrator of each of the plurality of teams;
  
  enabling an administrator of each team of the plurality of teams to access and use a tool to specify which sign-on options, of a plurality of sign-on options made available by the service, are assigned to members of the team to which the administrator belongs;
  
  wherein the plurality of sign-on options includes at least a particular sign-on option in which both the first mechanism and the second mechanism may be used; and
  
  wherein the method is performed by one or more computing devices.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The one or more non-transitory storage media of claim 11, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team;
    - and wherein the method further comprises;
      
      while the particular sign-on option is assigned to the particular members, determining which of the particular members successfully used the second mechanism to sign on to the service.
  - 13. The one or more non-transitory storage media of claim 11, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team;
    - and wherein the method further comprises;
      
      while the particular sign-on option is assigned to the particular members, determining which of the particular members unsuccessfully attempted to use the second mechanism to sign on to the service.
  - 14. The one or more non-transitory storage media of claim 11, wherein the plurality of sign-on options includes another sign-on option in which only the second mechanism may be used.
  - 15. The one or more non-transitory storage media of claim 11, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to particular members of the particular team, wherein the plurality of sign-on options includes a second sign-on option in which only the second mechanism may be used, and wherein the method further comprises:
    - while the particular sign-on option is assigned to the particular members, determining a number of the particular members that successfully used the second mechanism to sign on to the service; and
      
      based on the number, automatically assigning the second sign-on option, instead of the particular sign-on option, to the particular members of the team.
  - 16. The one or more non-transitory storage media of claim 11, wherein an administrator of a particular team of the plurality of teams uses the tool to specify that the particular sign-on option is assigned to a particular member of the particular team, wherein the plurality of sign-on options includes a second sign-on option in which only the second mechanism may be used, and wherein the method further comprises:
    - while the particular sign-on option is assigned to the particular member, determining that the particular member successfully used the second mechanism to sign on to the service; and
      
      automatically assigning the second sign-on option, instead of the particular sign-on option, to the particular member.
  - 17. The one or more non-transitory storage media of claim 11, wherein the plurality of sign-on options further includes at least:
    - a first sign-on option in which only the first mechanism may be used to sign-on to the service; and
      
      a second sign-on option in which only the second mechanism may be used to sign-on to the service.
  - 18. The one or more non-transitory storage media of claim 11, wherein the method further comprising:
    - determining, for a particular member, a sign-on option, of the plurality of sign-on options, assigned to the particular member, based on a role to which the particular member is assigned;
      
      wherein a plurality of members, from one or more teams of the plurality of teams, are assigned to the role;
      
      wherein the particular sign-on option is assigned to the role.
  - 19. The one or more non-transitory storage media of claim 11 wherein the tool provides an interface that includes:
    - a control for receiving, from the administrator, data that indicates an address of a single-sign-on provider;
      
      a control for receiving, from the administrator, data required to authenticate a particular member at the single-sign-on provider; and
      
      a control to initiate a test.
  - 20. The one or more non-transitory storage media of claim 19 wherein the interface further comprises an element for indicating whether the test was successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dropbox, Inc.
Original Assignee
Dropbox, Inc.
Inventors
Subramani, Anand, Allain, Francois Alexander
Primary Examiner(s)
Le, David

Application Number

US14/716,759
Publication Number

US 20150256533A1
Time in Patent Office

616 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/45   Structures or tools for the...

H04L 63/0815   providing single-sign-on or...

H04L 63/104   Grouping of entities

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Toggle between accounts

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Toggle between accounts

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links