| CPC H04L 9/32 (2013.01) [H04L 9/088 (2013.01); H04L 9/30 (2013.01)] | 20 Claims |

1. A method for managing sessions with an application server via an identity management system, comprising:
receiving, via an application protocol interface (API) of a cloud service of the identity management system, a first request for user access to an account of the application server, wherein the first request is associated with a first user of the account;
transmitting, via the API and in response to the first request, a second request for a secrets service associated with the identity management system to encrypt a password associated with the first user to a public key of a keypair, wherein the first request includes an indication of the public key;
receiving, via the API and in response to the second request, a first message comprising the encrypted password, wherein the first message is received from the secrets service;
transmitting, via the API in response to the first message, a second message comprising at least the encrypted password, wherein the second message is transmitted to an end-client that is associated with the identity management system and that has access to a private key of the keypair; and
establishing, at the end-client on behalf of the first user, a session for the account of the application server, wherein establishing the session is based at least in part on the end-client having access to the private key.
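The exchange of claim 1 modeled in Go, as an added example that is not part of the patent or any implementation of it: the party names, the choice of RSA-OAEP with a fixed label, and the sample users and passwords are assumptions. The point it makes concrete is that the secrets service releases the password only under the end-client's public key, the API relays ciphertext it cannot read, and a holder of any other private key cannot complete the session.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Constructed model of the claimed flow; party names and the OAEP label are assumptions.
var oaepLabel = []byte("idm-session-password")
// SecretsService releases a stored password only encrypted to the public key named in the request.
type SecretsService struct{ Passwords map[string]string }
func (s *SecretsService) EncryptPassword(user string, pub *rsa.PublicKey) ([]byte, error) {
	pw, ok := s.Passwords[user]
	if !ok {
		return nil, fmt.Errorf("unknown user %q", user)
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(pw), oaepLabel)
}

// AppServer is the relying party; Login returns a session identifier for correct credentials.
type AppServer struct{ Creds map[string]string }
func (a *AppServer) Login(user, pw string) (string, error) {
	if stored, ok := a.Creds[user]; ok && stored == pw {
		return "session-" + user, nil
	}
	return "", fmt.Errorf("bad credentials for %q", user)
}

// EndClient alone holds the private key: only it can recover the password and open the session.
type EndClient struct{ Priv *rsa.PrivateKey }
func (c *EndClient) EstablishSession(user string, encrypted []byte, app *AppServer) (string, error) {
	pw, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, c.Priv, encrypted, oaepLabel)
	if err != nil {
		return "", err // a holder of any other private key fails here, before any login attempt
	}
	return app.Login(user, string(pw))
}

// CloudAPI plays the identity system's API for one access request: it forwards the client's public
// key to the secrets service and relays the ciphertext to the client, never seeing the plaintext.
func CloudAPI(user string, client *EndClient, s *SecretsService, app *AppServer) (string, error) {
	encrypted, err := s.EncryptPassword(user, &client.Priv.PublicKey)
	if err != nil {
		return "", err
	}
	return client.EstablishSession(user, encrypted, app)
}
```

Only the end-client and the application server ever see the password in clear; the secrets service sees it at rest and the API sees only ciphertext.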