Abstract: The disclosed technology teaches correctly assembling a sequence of components for interacting with a user, including providing a sequence setup GUI with components that accept inputs and have input chain dependencies and outputs. The GUI supports construction of an executable sequence by connecting at least five of the components in a directed graph and tracing multiple paths through the components in the directed graph, resulting from at least one conditional branch at a first component, as the components are connected in the directed graph. Also taught is testing whether input chain dependencies of components under evaluation are satisfied when the components are invoked following any of the multiple paths and locating at least one error in use of a second component that results from failure to satisfy the input chain dependencies of the second component and reporting the error to a user, before executing the sequence and causing the error.

Abstract: The disclosed technology teaches aggregating 3rd-party risk measures during an authentication journey, including providing a risk measure aggregation node, a JSON transform, and a configuration for 3rd-party risk measures to request. Responsive to invocation of the risk measure aggregation node during the authentication journey, the method includes setting a timer for receipt of a configured 3rd-party risk measure, wherein expiration of the timer causes the risk measure aggregation node to stop waiting for a timed-out 3rd party risk measure provider and requesting the configured 3rd-party risk measures. Upon receiving at least some of the requested 3rd-party risk measures, included is applying the JSON transform to aggregate the returned 3rd-party risk measures into an aggregate score, and the risk measure aggregation node providing to another node in the authentication journey an aggregated score taking into account the configured 3rd-party risk measures received prior to expiration of the timer.

Abstract: The disclosed technology teaches initializing an application instance using a SaaS model in a project implemented on a cloud-based computing service, including running a configuration engine that links a service provider for SaaS application to set configuration parameters for the project and initializing the project in which an application instance will be built, then removing the authorization of the configuration engine to access the project and removing access to set the parameters. The technology also includes running a SaaS application infrastructure builder autonomously, without the service provider having access to the builder, to build the instance, and then delivering the application as a SaaS service.

Abstract: The disclosed technology teaches initializing an application instance using a SaaS model in a project implemented on a cloud-based computing service, including running a configuration engine that links a service provider for SaaS application to set configuration parameters for the project and initializing the project in which an application instance will be built, then removing the authorization of the configuration engine to access the project and removing access to set the parameters. The technology also includes running a SaaS application infrastructure builder autonomously, without the service provider having access to the builder, to build the instance, and then delivering the application as a SaaS service.

Abstract: The disclosed technology teaches tuning containers in pods, in a high availability environment that runs two or more pods to implement a service, while the containers are running, including instrumenting a tunable container to communicate application metrics to a tuning engine that runs in a pod and maintains current configuration state information for the container. The tuning engine accesses the application metrics and a rule that specifies tuning of resource configuration for the container. The rule combines variables in the metrics to determine whether an update should be applied to the container. The tuning engine determines a new resource configuration for the tunable container and updates the configuration state information for the container according to the new configuration. An update manager detects updating of the configuration state information and performs a rolling update of instances of the tunable container in the pods that implement the service.

Abstract: The technology disclosed relates to maintaining a cache of effective properties in an identity management system employing a graph. In particular, it relates to handling vertex/edge and/or graph topology updates in accordance with update notification requirements configured from a schema and, in conjunction with detecting updating of vertex/edge attributes and/or graph topology, recalculating effective attributes in accordance with the configured notification requirements.

Abstract: The disclosed technology teaches tuning containers in pods, in a high availability environment that runs two or more pods to implement a service, while the containers are running, including instrumenting a tunable container to communicate application metrics to a tuning engine that runs in a pod and maintains current configuration state information for the container. The tuning engine accesses the application metrics and a rule that specifies tuning of resource configuration for the container. The rule combines variables in the metrics to determine whether an update should be applied to the container. The tuning engine determines a new resource configuration for the tunable container and updates the configuration state information for the container according to the new configuration. An update manager detects updating of the configuration state information and performs a rolling update of instances of the tunable container in the pods that implement the service.

Abstract: The disclosed technology teaches correctly assembling a sequence of components for interacting with a user, including providing a sequence setup GUI with components that accept inputs and have input chain dependencies and outputs. The GUI supports construction of an executable sequence by connecting at least five of the components in a directed graph and tracing multiple paths through the components in the directed graph, resulting from at least one conditional branch at a first component, as the components are connected in the directed graph. Also taught is testing whether input chain dependencies of components under evaluation are satisfied when the components are invoked following any of the multiple paths and locating at least one error in use of a second component that results from failure to satisfy the input chain dependencies of the second component and reporting the error to a user, before executing the sequence and causing the error.

Abstract: The disclosed technology teaches tuning containers in pods, in a high availability environment that runs two or more pods to implement a service, while the containers are running, including instrumenting a tunable container to communicate application metrics to a tuning engine that runs in a pod and maintains current configuration state information for the container. The tuning engine accesses the application metrics and a rule that specifies tuning of resource configuration for the container. The rule combines variables in the metrics to determine whether an update should be applied to the container. The tuning engine determines a new resource configuration for the tunable container and updates the configuration state information for the container according to the new configuration. An update manager detects updating of the configuration state information and performs a rolling update of instances of the tunable container in the pods that implement the service.

Abstract: The disclosed technology teaches initializing an application instance using a SaaS model in a project implemented on a cloud-based computing service, including running a configuration engine that links a service provider for SaaS application to set configuration parameters for the project and initializing the project in which an application instance will be built, then removing the authorization of the configuration engine to access the project and removing access to set the parameters. The technology also includes running a SaaS application infrastructure builder autonomously, without the service provider having access to the builder, to build the instance, and then delivering the application as a SaaS service.

Abstract: The disclosed technology teaches safely attaching an access token to a browser-based request from a first app loaded by a webpage, without exposing the token to malicious code loaded by the webpage, providing an identity proxy that transparently determines which network requests to relay and a secrets management proxy that provides access tokens transparently to the requests. The identity proxy intercepts an access request from the first app to the resource server and relays the request via the secrets management proxy, which forwards the request to the resource server with an access token, receives a response from the resource server and forwards the response to the identity proxy for return to the first app. The secrets management proxy is implemented in an iFrame that has isolated storage subject to a browser-enforced same origin policy that makes the isolated storage used by the iFrame inaccessible to malicious code on the webpage.

Abstract: The disclosed technology teaches initializing an application instance using a SaaS model in a project implemented on a cloud-based computing service, including running a configuration engine that links a service provider for SaaS application to set configuration parameters for the project and initializing the project in which an application instance will be built, then removing the authorization of the configuration engine to access the project and removing access to set the parameters. The technology also includes running a SaaS application infrastructure builder autonomously, without the service provider having access to the builder, to build the instance, and then delivering the application as a SaaS service. The method further includes running a SaaS maintenance service, under sovereign control of a customer organization, to pull from the service provider and install in the project, maintenance updates for the instance, without exposing data secured by the customer organization to the service provider.