Patents Assigned to Okta, Inc.
  • Patent number: 9852286
    Abstract: An identity management system detects the occurrence of a trigger event, such as a time period expiration, or an action on the identity management system. The identity management system accordingly generates a new password for an account of a user on a third-party service and causes the account of the user on the third-party service to use the new password. The identity management system may also a mobile device management system to configure a client of the user with the new password.
    Type: Grant
    Filed: May 27, 2015
    Date of Patent: December 26, 2017
    Assignee: Okta, Inc.
    Inventors: Hector Aguilar-Macias, Reman P. Child, Xin Gu, Jonathan R. Todd, Thomas M. Belote
  • Patent number: 9548976
    Abstract: After an initial user sign-on with an identity provider, and in response to an intention of the user to use a third-party application executing on a client device of the user and requiring user sign-on, the identity provider provides a client script to the third-party application. The client script facilitates user and application authentication and invokes a trusted broker application that interacts with the identity provider to enable the user to use the third-party application. The use of the trusted broker application provided by the identity provider frees the authors of third-party applications from the need to modify their applications to explicitly sign in with the identify provider.
    Type: Grant
    Filed: May 4, 2015
    Date of Patent: January 17, 2017
    Assignee: Okta, Inc.
    Inventors: Thomas M. Belote, Hassen Karaa, Christine Wang, Vinoth Jayaraman
  • Patent number: 9191364
    Abstract: An on-premise software application (“OPA”) is communicated with according to an action received from outside a firewall. The action concerns user account information maintained by the OPA. The OPA is installed on a device located inside the firewall. The action is received from a management server located outside the firewall. The action includes a portion that adheres to a standardized format. An OPA interface request is generated based on the action. The OPA interface request includes the standardized portion. The OPA interface request is sent to an agent/OPA interface.
    Type: Grant
    Filed: December 4, 2013
    Date of Patent: November 17, 2015
    Assignee: Okta, Inc.
    Inventors: Christopher Barbara, RaghuRam Pamidimarri
  • Patent number: 9146733
    Abstract: Updating integration metadata in a system includes determining at a services management platform that a service provider software code has changed in a manner that affects a canonical feature provided by the service management platform with respect to a service of the service provider to end users, wherein the canonical feature is provided at least in part by interacting with the service provider on the behalf of a user; and implementing at the services management platform, with respect to at least a subset of users, an accommodation that enables the canonical feature to be provided subsequent to the service provider software code having been changed.
    Type: Grant
    Filed: October 3, 2014
    Date of Patent: September 29, 2015
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Matthew Mihic
  • Patent number: 9055031
    Abstract: A check in communication is received from an agent running inside a firewall via a permitted firewall communication channel. The check in communication is received via the permitted firewall communication channel without modifying a firewall configuration. The check in communication is responding to with an instruction to be performed by the agent running inside the firewall, where the response is via the permitted firewall communication channel.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: June 9, 2015
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Kristoffer J. Grandy
  • Patent number: 9009858
    Abstract: A method for operating a distributed data management and control enclave comprises providing a policy that identifies a set of data to be managed and controlled. The policy further identifies devices upon which the data may be transferred and the conditions under which that data may be transferred to the identified devices. A first data management and control system to be used on a first device is then defined in the policy. A second management and control system to be used on a second device is then defined in the policy. The second data management and control system can be distinct from the first data management and control system. The specified data management and control system is then instantiated on a device. The specified data management and control system is then used to manage and control data on the device in accordance with the policy.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: April 14, 2015
    Assignee: Okta, Inc.
    Inventors: Kevin Eugene Sapp, II, Victor Ronin
  • Patent number: 8965991
    Abstract: A request is received for a service provider to perform an action associated with a canonical feature. Metadata associated with the service provider is used to interact with the service provider in a way that causes the service provider to perform the action.
    Type: Grant
    Filed: February 5, 2014
    Date of Patent: February 24, 2015
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Matthew Mihic
  • Patent number: 8881129
    Abstract: Updating integration metadata in a multi-tenant system includes determining at a multi-tenant services management platform that a service provider software code has changed in a manner that affects a canonical feature provided by the multi-tenant service management platform with respect to a service of the service provider to end users associated with one or more tenants of the multi-tenant services management platform, wherein the canonical feature is provided at least in part by interacting with the service provider on the behalf of a user; and implementing at the multi-tenant services management platform, with respect to at least a subset of said one or more tenants, an accommodation that enables the canonical feature to be provided subsequent to the service provider software code having been changed.
    Type: Grant
    Filed: May 24, 2011
    Date of Patent: November 4, 2014
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Matthew Mihic
  • Patent number: 8839408
    Abstract: A check in communication is received from an agent running inside a firewall via a permitted firewall communication channel. The check in communication is received via the permitted firewall communication channel without modifying a firewall configuration. The check in communication is responding to with an instruction to be performed by the agent running inside the firewall, where the response is via the permitted firewall communication channel.
    Type: Grant
    Filed: November 10, 2010
    Date of Patent: September 16, 2014
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Kristoffer J. Grandy
  • Publication number: 20140096227
    Abstract: An on-premise software application (“OPA”) is communicated with according to an action received from outside a firewall. The action concerns user account information maintained by the OPA. The OPA is installed on a device located inside the firewall. The action is received from a management server located outside the firewall. The action includes a portion that adheres to a standardized format. An OPA interface request is generated based on the action. The OPA interface request includes the standardized portion. The OPA interface request is sent to an agent/OPA interface.
    Type: Application
    Filed: December 4, 2013
    Publication date: April 3, 2014
    Applicant: Okta, Inc
    Inventors: Christopher Barbara, RaghuRam Pamidimarri
  • Patent number: 8661084
    Abstract: A request is received for a service provider to perform an action associated with a canonical feature. Metadata associated with the service provider is used to interact with the service provider in a way that causes the service provider to perform the action.
    Type: Grant
    Filed: August 27, 2010
    Date of Patent: February 25, 2014
    Assignee: Okta, Inc.
    Inventors: Todd McKinnon, Matthew Mihic