	US 11,991,164 B2
	Access to federated identities on a shared kiosk computing device
Kavitha Chandramohan, Ontario (CA); and Johannes Stockmann, Woodinville, WA (US)
Filed by Okta, Inc., San Francisco, CA (US)
Filed on Jun. 13, 2023, as Appl. No. 18/334,292.
Application 18/334,292 is a continuation of application No. 17/118,426, filed on Dec. 10, 2020, granted, now 11,716,316.
Prior Publication US 2023/0328052 A1, Oct. 12, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 67/143 (2022.01)

CPC H04L 63/0815 (2013.01) [H04L 63/0442 (2013.01); H04L 63/0861 (2013.01); H04L 63/0876 (2013.01); H04L 63/108 (2013.01); H04L 67/143 (2013.01)]

20 Claims

1. A computer-implemented method for managing access to third-party applications at a first device, the computer-implemented method comprising:

establishing, at the first device, a federated identity for a user of a second device, wherein the first device is associated with an identity provider (IdP) system, and wherein the federated identity is usable by the IdP system for managing access by the user to a plurality of third-party applications;

receiving, from the second device, a first message requesting authentication of the user with the IdP system, wherein a signature of the first message is based at least in part on credentials of the user, and wherein the credentials are stored on the second device and are associated with the federated identity of the user;

responsive to the first message, authenticating the user with the IdP system based at least in part on the signature; and

transmitting, to the second device, a second message comprising session data for establishing an application session for the user with a third-party application of the plurality of third-party applications, wherein transmission of the second message is based at least in part on authenticating the user with the IdP system.