GENERATING DERIVED CREDENTIALS FOR A MULTI-TENANT IDENTITY CLOUD SERVICE
Abstract
A multi-tenant system that provides cloud-based identity management receives a request to execute a job, where the job has a scheduled start time, or a timeframe to complete, that exceeds the validity time of a request access token. The system generates the request access token corresponding to the job, where the request access token has access privileges. The system schedules the job and persists the request access token. The system triggers the job at the scheduled start time and generates a derived access token based on the request access token, where the derived access token includes the access privileges. The system then injects the derived access token during runtime of the job and calls a microservice using the derived access token to execute the job.
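The flow in the abstract, as an added example that is not taken from the patent or from any product: a request token that expires before the job starts is persisted, and at trigger time a short-lived derived token carrying the same access privileges is minted and presented to the microservice. The HMAC token format, the claim names, the in-memory store, the function names and the lifetimes are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: HMAC key held only by the identity service
STORE = {}                     # assumption: stands in for the token persistence layer

def _sign(claims):
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    return body + "." + hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()

def _authentic_claims(token):
    """Return the claims if the signature is valid (expiry is NOT checked), else None."""
    body, _, mac = token.partition(".")
    good = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, good):
        return None
    return json.loads(base64.urlsafe_b64decode(body))

def issue_request_token(tenant, job_id, scopes, now, ttl):
    return _sign({"tenant": tenant, "job": job_id, "scopes": sorted(scopes),
                  "exp": now + ttl, "kind": "request"})

def schedule_job(job_id, request_token, start_time):
    STORE[job_id] = {"token": request_token, "start": start_time}

def derive_token(job_id, now, ttl=300):
    """At trigger time, mint a short-lived token with the persisted token's privileges."""
    parent = _authentic_claims(STORE[job_id]["token"])
    if parent is None or parent["job"] != job_id or parent["kind"] != "request":
        raise PermissionError("persisted request token failed integrity or binding check")
    if now < STORE[job_id]["start"]:
        raise PermissionError("job has not reached its scheduled start time")
    # Privileges are copied from the parent, never widened; only the expiry is fresh.
    return _sign({"tenant": parent["tenant"], "job": job_id, "scopes": parent["scopes"],
                  "exp": now + ttl, "kind": "derived"})

def microservice_call(token, needed_scope, now):
    """Microservice side: accept only authentic, unexpired tokens holding the scope."""
    claims = _authentic_claims(token)
    return bool(claims) and now < claims["exp"] and needed_scope in claims["scopes"]

def run_demo():
    t0 = 1_000_000                      # constructed clock values, in seconds
    req = issue_request_token("tenant-a", "job-42", ["users.export"], t0, ttl=3600)
    schedule_job("job-42", req, start_time=t0 + 86_400)   # starts after req expires
    t1 = t0 + 86_400
    derived = derive_token("job-42", t1)
    return {"request_ok": microservice_call(req, "users.export", t1),
            "derived_ok": microservice_call(derived, "users.export", t1),
            "other_scope": microservice_call(derived, "users.delete", t1),
            "derived_late": microservice_call(derived, "users.export", t1 + 301)}
```

Binding the persisted token to one job id and refusing derivation before the scheduled start are design choices of this sketch; they keep a stored token from being used to mint credentials for another job or ahead of schedule.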
20 Claims
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide cloud based identity management, the providing comprising:
- receiving a request to execute a job, wherein the job has a scheduled start time, or a timeframe to complete, that exceeds a validity time of a request access token;
- generating the request access token corresponding to the job, the request access token comprising access privileges;
- scheduling the job;
- persisting the request access token;
- triggering the job at the scheduled start time;
- generating a derived access token based on the request access token, wherein the derived access token comprises the access privileges;
- injecting the derived access token during runtime of the job; and
- calling a microservice using the derived access token to execute the job.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method to provide cloud based identity management, the method comprising:
- receiving a request to execute a job, wherein the job has a scheduled start time, or a timeframe to complete, that exceeds a validity time of a request access token;
- generating the request access token corresponding to the job, the request access token comprising access privileges;
- scheduling the job;
- persisting the request access token;
- triggering the job at the scheduled start time;
- generating a derived access token based on the request access token, wherein the derived access token comprises the access privileges;
- injecting the derived access token during runtime of the job; and
- calling a microservice using the derived access token to execute the job.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A system for providing cloud-based identity and access management, comprising:
- a plurality of tenants;
- a plurality of microservices; and
- one or more processors that:
  - receive a request to execute a job, wherein the job has a scheduled start time, or a timeframe to complete, that exceeds a validity time of a request access token;
  - generate the request access token corresponding to the job, the request access token comprising access privileges;
  - schedule the job;
  - persist the request access token;
  - trigger the job at the scheduled start time;
  - generate a derived access token based on the request access token, wherein the derived access token comprises the access privileges;
  - inject the derived access token during runtime of the job; and
  - call a microservice using the derived access token to execute the job.
Dependent claims: 16, 17, 18, 19, 20
Specification