Identity migration between organizations
First Claim
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:
- copy identity data corresponding to a plurality of user accounts of a first organization from a first data store managed by the first organization to a second data store managed by a second organization;
in response to receiving an update to the identity data for one of the plurality of user accounts, transmit the update to both the first data store and the second data store;
perform A/B testing with respect to a first authentication service operated by the first organization and a second authentication service operated by the second organization, the first authentication service being configured to authenticate a user using the identity data stored in the first data store, the second authentication service being configured to authenticate the user using the identity data stored in the second data store, the A/B testing comprising verifying an identity authentication process by comparing a first authentication response from the first authentication service and a second authentication response from the second authentication service;
reconfigure a sign-in process of a network site of the first organization to employ the second authentication service in place of the first authentication service, wherein reconfiguring the sign-in process is performed when the sign-in process fails to exceed a utilization threshold; and
purge the identity data stored from the first data store, wherein servers implementing the second authentication service are separated from servers hosting the network site by a firewall.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for identity data migration from one organization to another. Identity data corresponding to user accounts of a first organization are copied from a first data store managed by the first organization to a second data store managed by a second organization. A sign-in process of a network site of the first organization is reconfigured to employ an authentication service operated by the second organization. The authentication service is configured to authenticate a user of the network site using the identity data stored in the second data store.
20 Citations
18 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:
-
copy identity data corresponding to a plurality of user accounts of a first organization from a first data store managed by the first organization to a second data store managed by a second organization; in response to receiving an update to the identity data for one of the plurality of user accounts, transmit the update to both the first data store and the second data store; perform A/B testing with respect to a first authentication service operated by the first organization and a second authentication service operated by the second organization, the first authentication service being configured to authenticate a user using the identity data stored in the first data store, the second authentication service being configured to authenticate the user using the identity data stored in the second data store, the A/B testing comprising verifying an identity authentication process by comparing a first authentication response from the first authentication service and a second authentication response from the second authentication service; reconfigure a sign-in process of a network site of the first organization to employ the second authentication service in place of the first authentication service, wherein reconfiguring the sign-in process is performed when the sign-in process fails to exceed a utilization threshold; and purge the identity data stored from the first data store, wherein servers implementing the second authentication service are separated from servers hosting the network site by a firewall. - View Dependent Claims (2, 3, 4)
-
-
5. A system, comprising:
-
at least one computing device; and at least one application executable in the at least one computing device, wherein when executed the at least one application causes the at least one computing device to at least; copy identity data corresponding to a plurality of user accounts of a first organization from a first data store managed by the first organization to a second data store managed by a second organization; in response to receiving an update to the identity data for one of the plurality of user accounts, transmit the update to both the first data store and the second data store; perform A/B testing with respect to a first authentication service operated by the first organization and a second authentication service operated by the second organization, the first authentication service being configured to authenticate a user using the identity data stored in the first data store, the second authentication service being configured to authenticate the user using the identity data stored in the second data store, the A/B testing comprising verifying an identity authentication process by comparing a first authentication response from the first authentication service and a second authentication response from the second authentication service; reconfigure a sign-in process of a network site of the first organization to employ the second authentication service operated by the second organization in place of the first authentication service, wherein reconfiguring the sign-in process is performed when the sign-in process fails to exceed a utilization threshold; and purge the identity data stored from the first data store, wherein servers implementing the second authentication service are separated from servers hosting the network site by a firewall. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method, comprising:
-
copying, via at least one of one or more computing devices, identity data corresponding to a plurality of user accounts of a first organization from a first data store managed by the first organization to a second data store managed by a second organization; receiving, via at least one of the one or more computing devices, an update to the identity data for one of the plurality of user accounts, transmitting, via at least one of the one or more computing devices, the update to both the first data store and the second data store; performing, via at least one of the one or more computing devices, A/B testing with respect to a first authentication service operated by the first organization and a second authentication service operated by the second organization, the first authentication service being configured to authenticate a user using the identity data stored in the first data store, the second authentication service being configured to authenticate the user using the identity data stored in the second data store, the A/B testing comprising verifying an identity authentication process by comparing a first authentication response from the first authentication service and a second authentication response from the second authentication service; reconfiguring, via at least one of the one or more computing devices, a sign-in process of a network site of the first organization to employ the second authentication service operated by the second organization in place of the first authentication service, wherein reconfiguring the sign-in process is performed when the sign-in process fails to exceed a utilization threshold; and purging, via at least one of the one or more computing devices, the identity data stored from the first data store, wherein servers implementing the second authentication service are separated from servers hosting the network site by a firewall. - View Dependent Claims (15, 16, 17, 18)
-
Specification