&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12463959.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,463,959 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Cloud-based secrets management credential store</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Michael J. Gaffney,  Perry Hall, MD (US);  Todd Knight,  Tucson, AZ (US);  James Lambert,  Milford, MA (US);  Jeff Mitchell,  Boston, MA (US); and  Louis Carl Ruch,  Vashon, WA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  HashiCorp,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  HashiCorp,  San Francisco, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Jun.  10, 2022, as Appl. No. 17/837,976.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0403265 A1, Dec.  14, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 29/06</b></i> (2006.01); <i><b>H04L 9/40</b></i> (2022.01); <i><b>H04L 67/141</b></i> (2022.01); <i><b>H04L 67/143</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/083</b></i> (2013.01)&#xa0;[<i><b>H04L 63/101</b></i> (2013.01); <i><b>H04L 63/20</b></i> (2013.01); <i><b>H04L 67/141</b></i> (2013.01); <i><b>H04L 67/143</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12463959-20251104-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root"><b>1</b>. A dynamic credentialing system for accessing and using one or more networked services of a cloud computing infrastructure by a user of a client computer, the accessing and using being enabled by one or more secrets accessed from a secrets management system, the dynamic credentialing system comprising:<div class="claim_text">an identity-based access management system accessible by the client computer via an application programming interface (API), the identity-based access management system comprising a non-transitory machine-readable medium storing instructions that, when executed by at least one processor, cause the processor to receive a request for a session via the API to use a specific service of the one or more networked services, the identity-based access management system having a target service configured to receive the request, the identity-based access management system further comprising a credential store that includes a credential library that receives and stores credentials for authorizing and enabling the session with the specific service of the one or more networked services via a lease generated by the secrets management system to one or more credentials based on the one or more secrets accessed from the secrets management system, the target service being further configured to receive the authorizing credentials and forward the credentials to the client computer via the API to enable the client computer to access and use the one or more networked services of the cloud computing infrastructure for the session,</div>
                <div class="claim_text">wherein the identity-based access management system is further configured such that only lease metadata for the credential is retained by the identity-based access management system, and</div>
                <div class="claim_text">wherein an internal scheduler of the identity-based access management system is configured to periodically renew the lease for the credential while the session is active, and wherein, upon termination of the session, the identity-based access management system is further configured to programmatically call the secrets management system to revoke the lease for the credential.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>