| CPC H04L 63/0815 (2013.01) | 20 Claims |
|
1. A method, comprising:
receiving, by a customer identity and access management (CIAM) system and from a user device associated with a first user, a request to access resources for a second application, wherein the request indicates an identifier for a first application that was previously provided to the user device to access resources for the first application;
determining, by the CIAM system, using a relational data structure, and based on the identifier for the first application, one or more application identifiers and one or more security account identifiers associated with the first user, wherein the relational data structure comprises a plurality of entries associated with a plurality of users, wherein each of the plurality of entries is associated with a single user and comprises one or more application identifiers, a security account identifier, and a global identifier (ID);
based on providing the one or more application identifiers associated with the first user to a second application back-end system, generating, by the CIAM system, a signed token indicating permissions that the first user is entitled to for the second application; and
providing, by the CIAM and to the user device, the signed token, wherein the signed token is used by the user device to access the resources associated with the second application back-end system.
|