Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.

Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. A hosted desktop may monitor activity on one or more ports on a local host interface. The hosted desktop may detect a call to initiate a single-sign-on from the hosted desktop into a website. The website may be associated with a one-time-use token. A public key of the website may be retrieved based on verification of the one-time-use token. An identity token corresponding to a user may be obtained and the identity token may be encrypted based on the public key of the website. The encrypted identity token may be provided to the website to establish the single-sign-on on behalf of the user with the website.

Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.

Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.

Abstract: Methods and devices for searching and aggregating data in a distributed cloud computing environment are provided. In some embodiments, a request from a client to perform a data transaction is received by a first server. The first server simultaneously spawns a plurality of threads, each thread sending to a different server of a plurality of servers the request to perform the data transaction. A response indicating whether the data transaction was performed by the server is received by the first server and from each server of the plurality of servers. In response to an indication that the data transaction was performed by one or more servers of the plurality of servers and when the data transaction is a get transaction: data corresponding to the data transaction is received by the first server and from the one more servers, the data received from the one or more servers is aggregated by the first server to form combined data, and the first server sends the combined data to the client.

Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

Abstract: Methods, systems, computer-readable media, and apparatuses method for performing single sign on for a user device to the Internet. User sign-in credentials including an identity token of the user are received by a hosted desktop from the user device, including an indication that the user is attempting to access a website. The website is authorized as a trusted website by a network authorization node, and the website is issued a one-time-use token. A web browser of the hosted desktop receives an application provided by the website to cause the web browser to call the hosted desktop to initiate single sign on. Authenticity of the one-time-use token is requested by a daemon process, and the website's public key is obtained. Upon verifying authenticity of the web site, the identity token of the user is passed to the website, to enable the website to establish single sign on with the user.

Abstract: Methods, systems, computer-readable media, and apparatuses method for integrating a cloud service under development with a production cloud system that includes at least one production service. A first scope is assigned for use in testing the first cloud service under development with the production cloud system, in which the first scope restricts access of the first cloud service under development to the production cloud system. A first user of the production cloud system is assigned to the first scope. A second scope is assigned to services of the production cloud system, which does not restrict access of the services of the production cloud system. Access to the first cloud service under development and to the at least one production cloud service is provided to the first user. Other users of the production cloud system are not provided access to the first cloud service under development.

Abstract: Methods and devices for searching and aggregating data in a distributed cloud computing environment are provided. In some embodiments, a request from a client to perform a data transaction is received by a first server. The first server simultaneously spawns a plurality of threads, each thread sending to a different server of a plurality of servers the request to perform the data transaction. A response indicating whether the data transaction was performed by the server is received by the first server and from each server of the plurality of servers. In response to an indication that the data transaction was performed by one or more servers of the plurality of servers and when the data transaction is a get transaction: data corresponding to the data transaction is received by the first server and from the one more servers, the data received from the one or more servers is aggregated by the first server to form combined data, and the first server sends the combined data to the client.

Abstract: Aspects of the disclosure relate to wrapping continuation tokens to support paging for multiple servers across different geolocations. An enterprise server may receive a first request for a plurality of records, and the first request for the plurality of records may request a quantity of records exceeding a page size limit. In response to receiving the first request, the enterprise server may retrieve a first set of records comprising a first number of records equal to the page size limit. The enterprise server may generate a first wrapped continuation token comprising location information identifying a geographic location of a first server where a next set of records is to be retrieved. Finally, the enterprise server may send, to the client device, the first set of records and the first wrapped continuation token, which may cause the client device to process the first set of records.

Abstract: Methods, systems, computer-readable media, and apparatuses method for integrating a cloud service under development with a production cloud system that includes at least one production service. A first scope is assigned for use in testing the first cloud service under development with the production cloud system, in which the first scope restricts access of the first cloud service under development to the production cloud system. A first user of the production cloud system is assigned to the first scope. A second scope is assigned to services of the production cloud system, which does not restrict access of the services of the production cloud system. Access to the first cloud service under development and to the at least one production cloud service is provided to the first user. Other users of the production cloud system are not provided access to the first cloud service under development.

Abstract: The present invention is directed towards methods and systems for delivering applications from a desktop operating system. A delivery module may receive a request from a client device of a user for access to an application, and identify that a desktop session can host the requested application. An agent may extract presentation layer elements of the requested application from presentation layer elements of other components of the desktop session, and provide, via a presentation layer protocol, the isolated presentation layer elements in a first application session to the client device for display. The delivery module may receive a second request from the user for the application, identify that the application is hosted by the desktop session and delivered in the first application session, and provide a second application session of the application from the desktop session to the user responsive to the determination.

Abstract: The present invention is directed towards methods and systems for delivering applications from a desktop operating system. A delivery module may receive a request from a client device of a user for access to an application, and identify that a desktop session can host the requested application. An agent may extract presentation layer elements of the requested application from presentation layer elements of other components of the desktop session, and provide, via a presentation layer protocol, the isolated presentation layer elements in a first application session to the client device for display. The delivery module may receive a second request from the user for the application, identify that the application is hosted by the desktop session and delivered in the first application session, and provide a second application session of the application from the desktop session to the user responsive to the determination.