US 11,843,593 B2
Application integration using multiple user identities
Robert Monro, Girton (GB); Feng Huang, Girton (GB); Aleksis Sideris, Sofia (BG); Nikolay Paskulov, Sofia (BG); and Ricardo Fernando Feijoo, Davie, FL (US)
Assigned to Citrix Systems, Inc., Fort Lauderdale, FL (US)
Filed by Citrix Systems, Inc., Ft. Lauderdale, FL (US)
Filed on Dec. 7, 2020, as Appl. No. 17/113,874.
Claims priority of provisional application 63/078,371, filed on Sep. 15, 2020.
Claims priority of provisional application 63/033,051, filed on Jun. 1, 2020.
Prior Publication US 2021/0377252 A1, Dec. 2, 2021
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/0807 (2013.01) [H04L 63/0815 (2013.01); H04L 63/0884 (2013.01); H04L 63/102 (2013.01)]
20 Claims
 
1. A method of providing access to digital resources using multiple user identities, the method comprising:
receiving, by an application connector, from a client application, a first set of authentication tokens that authorize a user of the client application to acquire target data provided by a server application, wherein the first set of authentication tokens uniquely identifies a first organization to which the user belongs;
receiving, by the application connector, from the client application, a second set of authentication tokens that authorize the user to access a connected application, wherein the second set of authentication tokens uniquely identifies a second organization to which the user belongs;
validating that the identified first and second organizations are a same organization;
sending, from the application connector, to the server application, a first request to acquire the target data provided by the server application, the first request including the first set of authentication tokens and an identifier of the target data;
receiving, by the application connector, from the server application, the target data; and
sending the target data from the application connector to the connected application in a second request that also includes the second set of authentication tokens;
wherein:
the first set of authentication tokens includes a customer identifier that uniquely identifies the first organization to the server application;
the second set of authentication tokens includes a tenant identifier that uniquely identifies the second organization to the connected application;
validating that the identified first and second organizations are the same organization further comprises validating a mapping between the customer identifier and the tenant identifier; and
the application connector receives the mapping from a configuration application.
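
The validation step of claim 1, shown as an added Python example that is not part of the patent text or of any Citrix code: the connector checks the customer-identifier-to-tenant-identifier mapping before issuing either request, so a mismatch moves no data between organizations. The class and function names, the dictionary form of the mapping, and the stubbed `fetch`/`push` callables are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ServerTokens:       # first set: authorizes acquiring target data
    access_token: str
    customer_id: str      # identifies the organization to the server application

@dataclass(frozen=True)
class ConnectedTokens:    # second set: authorizes access to the connected application
    access_token: str
    tenant_id: str        # identifies the organization to the connected application

class OrganizationMismatch(Exception):
    """Raised when the two token sets do not resolve to one organization."""

class Connector:
    def __init__(self, mapping, fetch, push):
        # mapping: customer_id -> tenant_id, as received from the configuration
        # application (assumed here to be a plain dict).
        self._mapping = dict(mapping)
        self._fetch = fetch   # stand-in for the request to the server application
        self._push = push     # stand-in for the request to the connected application

    def same_organization(self, first, second):
        expected = self._mapping.get(first.customer_id)
        # Fail closed: an unmapped customer never matches any tenant.
        return expected is not None and expected == second.tenant_id

    def relay(self, first, second, target_id):
        # Validate before either request so no data is read or written on mismatch.
        if not self.same_organization(first, second):
            raise OrganizationMismatch(first.customer_id)
        data = self._fetch(first, target_id)      # first request
        return self._push(second, data)           # second request

if __name__ == "__main__":
    # Constructed sample values.
    conn = Connector({"cust-001": "tenant-A"},
                     fetch=lambda tok, tid: f"data:{tid}",
                     push=lambda tok, data: ("delivered", tok.tenant_id, data))
    a = ServerTokens("s-tok", "cust-001")
    print(conn.relay(a, ConnectedTokens("c-tok", "tenant-A"), "doc-7"))
    try:
        conn.relay(a, ConnectedTokens("c-tok", "tenant-B"), "doc-7")
    except OrganizationMismatch as e:
        print("refused:", e)
```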