US 12,445,449 B2
Techniques for unifying multiple identity clouds
George Kwon, San Francisco, CA (US); Matias Woloski, Punta del Este (UY); Karl McGuinness, Oakland, CA (US); and Damian Ezequiel Schenkelman, Buenos Aires (AR)
Filed by Okta, Inc., San Francisco, CA (US)
Filed on Oct. 2, 2023, as Appl. No. 18/375,974.
Application 18/375,974 is a continuation in part of application No. 18/053,721, filed on Nov. 8, 2022.
Prior Publication US 2024/0154968 A1, May 9, 2024
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/102 (2013.01) [H04L 63/0815 (2013.01); H04L 63/083 (2013.01)]
20 Claims
 
1. A method for configuring and managing applications at an identity management system, comprising:
determining, at a first cloud platform of the identity management system, first information for an application associated with a plurality of capabilities, wherein the first information is usable by a second cloud platform of the identity management system for configuring the plurality of capabilities via the first cloud platform;
communicating the first information from the first cloud platform to the second cloud platform via a first application programming interface (API) associated with the second cloud platform;
obtaining second information from a first user of the second cloud platform, the second information comprising a first request to configure the application for an account of the application that is associated with the first user;
outputting a second request for the first user to log into a first user profile of the account of the application, wherein the second request is output by the first cloud platform in response to the first request being redirected from the second cloud platform to the first cloud platform in accordance with an authentication flow for the application;
obtaining third information from the first user in response to the second request, wherein the third information is obtained at the first cloud platform and includes a user credential associated with the first user profile and an indication to grant the second cloud platform access to an API credential, and wherein the API credential is associated with at least a permission that enables the second cloud platform to configure at least a capability of the plurality of capabilities in the application via the first cloud platform;
communicating the API credential from the first cloud platform to the second cloud platform via the first API in response to obtaining the third information;
configuring the capability in the application via an API call from the second cloud platform to an endpoint of the first cloud platform, wherein the API call is authenticated with the API credential in accordance with the first information; and
storing the API credential at the second cloud platform for performing one or more actions in accordance with at least the capability.
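The steps of claim 1, modeled in memory as an added illustration; this is not code from the patent or from any Okta product. The class names, the capability names ("mfa", "sso"), the sample user, and the `state` value that ties the redirect back to the original request are all assumptions.

```python
import secrets

class FirstPlatform:
    """Hosts the application, authenticates users, issues scoped API credentials."""
    def __init__(self):
        self.users = {"alice": "correct horse"}  # constructed sample user
        self.tokens = {}                         # API credential -> granted permissions
        self.config = {}                         # capability -> configured value

    def app_info(self):
        # "First information": what can be configured and where
        return {"capabilities": ["mfa", "sso"], "endpoint": "/configure"}

    def login_and_consent(self, user, password, grant, requested):
        # "Third information": user credential plus an explicit grant indication
        if self.users.get(user) != password or not grant:
            return None
        allowed = set(requested) & set(self.app_info()["capabilities"])
        cred = secrets.token_urlsafe(32)
        self.tokens[cred] = allowed              # credential carries only these permissions
        return cred

    def configure(self, cred, capability, value):
        # Endpoint check: unknown credential or missing permission is refused
        if capability not in self.tokens.get(cred, set()):
            return 403
        self.config[capability] = value
        return 200

class SecondPlatform:
    """Receives the first information and the API credential, then configures the app."""
    def __init__(self, first, info):
        self.first = first
        self.info = info                         # delivered via this platform's API
        self.vault, self.pending = {}, {}        # user -> credential, state -> user

    def start(self, user):
        # First request: remember who asked, then redirect to the first platform
        state = secrets.token_urlsafe(16)        # assumption: binds redirect to request
        self.pending[state] = user
        return state

    def callback(self, state, cred):
        # Credential delivery: accept only for a pending, unused state
        user = self.pending.pop(state, None)
        if user is None or cred is None:
            return False
        self.vault[user] = cred                  # stored for later actions
        return True

    def set_capability(self, user, capability, value):
        return self.first.configure(self.vault.get(user), capability, value)
```

The two checks worth noticing are that the credential only carries the permissions the user granted, and that the second platform accepts a credential only once per pending request.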