Abstract: Methods and systems for handling web requests with latency awareness are described herein. A system may receive a web request from a web client, and determine, based on an exponential moving average of past response times, whether to allow the web request to be sent out to the server. Based on this determination, the system may send the web request to the server. The system may receive a response to the web request and update the exponential moving average based on the response time associated with the received response. The response may be forwarded back to the web client.

Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.

Abstract: Methods and systems for handling web requests with latency awareness are described herein. A system may receive a web request from a web client, and determine, based on an exponential moving average of past response times, whether to allow the web request to be sent out to the server. Based on this determination, the system may send the web request to the server. The system may receive a response to the web request and update the exponential moving average based on the response time associated with the received response. The response may be forwarded back to the web client.

Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.

Abstract: Described embodiments may provide messages via websocket connections. A messaging system may maintain, on a first network, via the messaging system instances, a plurality of persistent websocket connections between each of a plurality of on-premise connectors and each messaging system instance. The messaging system may receive a message to be sent to an endpoint on a second network of an on-premise connector of the plurality of on-premise connectors. The messaging system may identify, via a registry associating on-premise connector endpoints to messaging instances, a messaging system instance of the plurality of messaging system instances via which to send the message to the endpoint. The messaging system instance may maintain the websocket connection to the on-premise connector in communication with the endpoint. The messaging system instance may transmit the message to the endpoint via the websocket connection to the on-premise connector.

Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.

Abstract: Methods, systems, computer-readable media, and apparatuses may provide creation and management of composite tokens for use with services in a virtual environment without the user having to re-authenticate each time the user accesses a different service. A composite identity server may receive a request to upgrade a first authentication token for a user. The composite identity server may redirect a user agent to an identity provider for authentication and, in response, may receive a second authentication token for the user. The composite identity server may send the second authentication token to a federated microservice and, in response, may receive one or more claims of the second authentication token designated for inclusion in a composite token. The composite identity server may generate a composite token including the one or more claims of the first authentication token and one or more claims of the second authentication token.

Abstract: Described embodiments may provide messages via websocket connections. A messaging system may maintain, on a first network, via the messaging system instances, a plurality of persistent websocket connections between each of a plurality of on-premise connectors and each messaging system instance. The messaging system may receive a message to be sent to an endpoint on a second network of an on-premise connector of the plurality of on-premise connectors. The messaging system may identify, via a registry associating on-premise connector endpoints to messaging instances, a messaging system instance of the plurality of messaging system instances via which to send the message to the endpoint. The messaging system instance may maintain the websocket connection to the on-premise connector in communication with the endpoint. The messaging system instance may transmit the message to the endpoint via the websocket connection to the on-premise connector.