Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for initiating one-factor or multi-factor authentication. A device comprising one or more processors and coupled to memory. The device can receive a request to authenticate a user to enable access to an application by the user. The request can originate from an Internet Protocol (IP) address external to a network hosting the application. The device can determine that a previous request to authenticate the user originated from the IP address and was approved based on successful completion of multi-factor authentication by the user. The device can provide, responsive to the determination, the user with access to the application using one-factor authentication instead of the multi-factor authentication.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for using a single sign-on (SSO) to access an application. A client application on a client device in communication with an identity provider and an application on a remote computing device. The client application can authenticate a user via an identity provider to establish an authentication session. The client application can identify a request to access a uniform resource locator (URL) of the application hosted on the remote computing device. The client application can determine that a configuration of the client application identifies a remapped URL for the URL is available. The client application can access the remapped URL instead of the URL to cause the user to use the authentication session of the identity provider and be redirected from the identity provider to a link of the application on the remote computing device.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Described embodiments provide systems, methods, computer readable media for accessing services via identity providers. A computing device may transmit, responsive to a request from a client to access a service, a value to the client. The client may be configured to access the service using an access token. The computing device may receive, from the client, a signature, the signature generated using the value, a device identifier, and a first encryption key. The computing device may determine, using the value and a second encryption key, the device identifier from the signature. The computing device may identify a status of the client according to the device identifier. The computing device may provide, responsive to the status, a new access token to permit access to the access and a refresh token to obtain subsequent access tokens.

Abstract: Described embodiments provide systems and methods for selecting a version of an application to launch for a client device according to a context of the client device. A computing device can receive a request from a client device to launch an application. The request can include an identifier that indicates multiple versions of the application are accessible in which to launch the application. The computing device can select, using the identifier, a version of the application according to a context of the client device. The computing device can provide the client device with access to the selected version of the application, so as to enable the client device to launch a version of the application compatible with the context of the client device.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for using a single sign-on (SSO) to access an application. A client application on a client device in communication with an identity provider and an application on a remote computing device. The client application can authenticate a user via an identity provider to establish an authentication session. The client application can identify a request to access a uniform resource locator (URL) of the application hosted on the remote computing device. The client application can determine that a configuration of the client application identifies a remapped URL for the URL is available. The client application can access the remapped URL instead of the URL to cause the user to use the authentication session of the identity provider and be redirected from the identity provider to a link of the application on the remote computing device.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for initiating one-factor or multi-factor authentication. A device comprising one or more processors and coupled to memory. The device can receive a request to authenticate a user to enable access to an application by the user. The request can originate from an Internet Protocol (IP) address external to a network hosting the application. The device can determine that a previous request to authenticate the user originated from the IP address and was approved based on successful completion of multi-factor authentication by the user. The device can provide, responsive to the determination, the user with access to the application using one-factor authentication instead of the multi-factor authentication.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: System and methods discussed for automatically generating conversation-based reports from email threads for easier and more intuitive user-consumption may include a parser, configured to identify all related emails, extract relevant portions of each email including embedded or in-line comments within quoted portions, and generate a single report document that presents the conversation in chronological order. Duplicate portions of each email are automatically removed and excluded from the report, reducing memory and bandwidth requirements, and also making the report more intuitive and easier to read. Attachments to the email may be included in the report, with additional deduplication to further reduce memory and bandwidth requirements.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: In one embodiment, a method includes: receiving an input by an application executable on a computing device, the application being presented in a first window displayable on the computing device and configured to provide access to another application, and the another application being displayable in a second window different than the first window; and providing by the application a message to the another application to modify access to content of the another application via the computing device in response to receipt of the input by the application, so as prevent display of the content within the second window of the computing device.

Abstract: Methods and systems for recording, tracking, and analyzing digital software usage in a distributed database that is used by multiple participants are described herein. A single usage event may occur, and may be identified by a client device. The usage event may be emitted to one or more nodes, which may include an aggregator node and/or one or more validator nodes. A block in a distributed database may be created to record the usage event. A mixed-mode mechanism may be used by one or more devices to validate the usage event.

Abstract: A mobile computing device includes a memory and a processor cooperating with the memory to operate a first native SaaS application requiring authentication to access a first SaaS service, and operate a virtual private network (VPN) application. The VPN application is to store an identity provider (IDP) authentication token based on authentication of the VPN application with an identity provider, and intercept traffic from the first SaaS service to the first native SaaS application. The intercepted traffic is modified by inserting the IDP authentication token to be presented to the identity provider without requiring the user to login for authentication, and with the identity provider providing a first SaaS application access token to the VPN application upon authentication.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Systems and methods for accessing single-tenant databases comprising a multi-tenant aware cluster manager in communication with instances of single-tenant databases are described. The cluster manager can establish a uniform resource locator (URL) unique for each tenant to access the cluster manager. Each of the instances of single-tenant databases can include data for a corresponding tenant. The cluster manager can receive a request from a client to access a database corresponding to the first tenant. The request can include the URL established for the first tenant. The cluster manager can identify the first tenant based on the URL of the request. The cluster manager can obtain, responsive to identification of the first tenant, a tenant context of the first tenant from a storage. The cluster manager can access, using the first tenant context and responsive to the request, a first instance of the single-tenant databases corresponding to the first tenant.

Abstract: A mobile computing device is configured to allow a user to launch native SaaS applications from different vendors using a single-sign-on without having to modify or hook the native SaaS applications. A VPN application operates as man-in-the-middle (MITM) for identity provider requests from SaaS services. The VPN application is initially authenticated with the identity provider, and receives an IDP authentication token which is stored. The IDP authentication token is used for authentication requests from SaaS services.

Abstract: Methods and systems for providing a token to a protected portion of a computing device are described herein. A computing device may comprise a first portion and a second portion, and the second portion may be prevented by a security policy from interacting with the first portion. A server may receive, from a first application executing on a first portion of the computing device, a token. The server may generate a key based on the token. The server may send the key to a second portion of the computing device. The second portion of the computing device may send a request for the token, and the request may comprise the key. The server may send the token to the second portion of the computing device. The token may be encrypted such that the unencrypted token is not available to the server.

Abstract: Described embodiments provide systems, methods, computer readable media for accessing services via identity providers. A computing device may transmit, responsive to a request from a client to access a service, a value to the client. The client may be configured to access the service using an access token. The computing device may receive, from the client, a signature, the signature generated using the value, a device identifier, and a first encryption key. The computing device may determine, using the value and a second encryption key, the device identifier from the signature. The computing device may identify a status of the client according to the device identifier. The computing device may provide, responsive to the status, a new access token to permit access to the access and a refresh token to obtain subsequent access tokens.

Abstract: Described embodiments provide systems and methods for selecting a version of an application to launch for a client device according to a context of the client device. A computing device can receive a request from a client device to launch an application. The request can include an identifier that indicates multiple versions of the application are accessible in which to launch the application. The computing device can select, using the identifier, a version of the application according to a context of the client device. The computing device can provide the client device with access to the selected version of the application, so as to enable the client device to launch a version of the application compatible with the context of the client device.

Abstract: Systems and methods for accessing single-tenant databases comprising a multi-tenant aware cluster manager in communication with instances of single-tenant databases are described. The cluster manager can establish a uniform resource locator (URL) unique for each tenant to access the cluster manager. Each of the instances of single-tenant databases can include data for a corresponding tenant. The cluster manager can receive a request from a client to access a database corresponding to the first tenant. The request can include the URL established for the first tenant. The cluster manager can identify the first tenant based on the URL of the request. The cluster manager can obtain, responsive to identification of the first tenant, a tenant context of the first tenant from a storage. The cluster manager can access, using the first tenant context and responsive to the request, a first instance of the single-tenant databases corresponding to the first tenant.