Abstract: A technique includes creating, by a computer, a sandboxed user account on the computer, where creating the sandboxed user account includes generating credentials for the sandboxed user account. The technique includes creating, by the computer, an operating system session and executing a single sign on (SSO) tool in the operating system session in association with the sandboxed user account. In response to a request that is associated with another user account to start up an application, authorizing, by the computer, use of the application by the other user account based on credentials that are associated with the other user account and starting up the application by the computer. Starting up the application includes using the SSO tool to inject SSO credentials for the other user account based on policy authorization into the application such that the application is executed in association with the sandboxed user account.

Abstract: A technique includes creating, by a computer, a sandboxed user account on the computer, where creating the sandboxed user account includes generating credentials for the sandboxed user account. The technique includes creating, by the computer, an operating system session and executing a single sign on (SSO) tool in the operating system session in association with the sandboxed user account. In response to a request that is associated with another user account to start up an application, authorizing, by the computer, use of the application by the other user account based on credentials that are associated with the other user account and starting up the application by the computer. Starting up the application includes using the SSO tool to inject SSO credentials for the other user account based on policy authorization into the application such that the application is executed in association with the sandboxed user account.