US 11,757,887 B2
Apparatuses, methods, and computer program products for centralized access permissions management of a plurality of application instances
Rachel De Paula Cavalcanti, Sydney (AU); Lavender Chan, Sydney (AU); Jieqing Huang, Sydney (AU); Kaustuv Mukherjee, Sydney (AU); Dipanjan Laha, Sydney (AU); Kieren Dight, Sydney (AU); and Katarzyna Galek, Buderim (AU)
Assigned to ATLASSIAN PTY LTD., Sydney (AU); and ATLASSIAN, INC., San Francisco, CA (US)
Filed by ATLASSIAN PTY LTD., Sydney (AU); and ATLASSIAN, INC., San Francisco, CA (US)
Filed on Jun. 15, 2021, as Appl. No. 17/347,930.
Prior Publication US 2022/0400112 A1, Dec. 15, 2022
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); H04L 41/22 (2022.01)
CPC H04L 63/101 (2013.01) [H04L 63/102 (2013.01); H04L 63/105 (2013.01); H04L 41/22 (2013.01)] 21 Claims
OG exemplary drawing
 
1. An apparatus for programmatically managing access permissions for a plurality of application instances associated with an organization, the apparatus comprising at least one processor and at least one non-transitory memory including program code, the at least one non-transitory memory and the program code configured to, with the at least one processor, cause the apparatus to:
receive an access application instance request associated with an application instance, the application instance associated with an organization and the access application instance request comprising a user email address identifier associated with a user;
parse the user email address identifier for an email domain;
query a permissions repository for a domain permissions profile based on the parsed email domain;
in an instance wherein a domain permissions profile is returned by the query, determine whether the returned domain permissions profile comprises a product role associated with the requested application instance;
in an instance wherein the domain permissions profile comprises a product role associated with the requested application instance, provide the user with access to the application instance based on a role-based domain access permission corresponding to the product role; and
in an instance wherein the domain permissions profile does not comprise a product role associated with the requested application instance,
cause rendering of a request product access user interface to a visual display of a computing device associated with the access application instance request;
receive a request product access request associated with the requested application instance in response to user interaction with the request product access user interface;
generate a request product access notification associated with the requested application instance, the request product access notification comprising the user email address identifier; and
transmit the request product access notification to at least one admin user associated with the organization.