US 12,105,788 B2
Single sign-on across multiple application instances, such as electronic medical record system instances
Shivudu Bhuvanagiri, Seattle, WA (US); Soumya Sanyal, Seattle, WA (US); Christopher J. Hasz, Seattle, WA (US); Neil W. Black, Seattle, WA (US); Aaron Martin, Seattle, WA (US); and Sebastian Jayaraj, Seattle, WA (US)
Assigned to Praia Health Inc., Chicago, IL (US)
Filed by Providence St. Joseph Health, Seattle, WA (US)
Filed on Jan. 31, 2022, as Appl. No. 17/589,084.
Claims priority of provisional application 63/293,969, filed on Dec. 27, 2021.
Prior Publication US 2023/0205862 A1, Jun. 29, 2023
Int. Cl. H04L 9/40 (2022.01); G06F 21/41 (2013.01); G16H 10/60 (2018.01)
CPC G06F 21/41 (2013.01) [G16H 10/60 (2018.01); H04L 63/0815 (2013.01); H04L 63/083 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A method in a computing system, comprising:
for a user, at a first time, receiving an externally-created sign-in name and a password;
in response to the receiving at the first time:
expanding the received sign-in name to include text identifying an application instance;
hashing the received password to obtain a hash result; and
creating persistent state for the user comprising:
the expanded sign-in name;
a representation of the received password, the representation of the received password including the hash result; and
an identifier by which the user is known to the application instance;
at a second time later than the first time, receiving from the user the externally-created sign-in name and the password;
verifying the user by:
expanding the sign-in name received at the second time to include text identifying an application instance;
hashing the password received at the second time to obtain a hash result; and
verifying that the expanded sign-in name and hash password match the persistent state created for the user; and
in response to the verifying, using the identifier by which the user is known to the application instance to authenticate the user to the application instance.