Abstract: A method is implemented by a controller executed on at least one processor. The method provides pre-authorized access to a robotic process automation for a resource associated with a job. The method includes causing, by the controller, the robotic process automation to assume a user identity during an authentication flow to enable access by the robotic process automation to a resource. The method includes issuing, by the controller, tokens to the robotic process automation during the authentication flow. The method includes enabling, by the controller via the tokens, the identity service that governs the resource to participate in operations of the controller to provide the pre-authorized access to the robotic process automation.

Abstract: Methods for composable user journeys for user authentication via an identity experience framework are performed by systems and apparatuses. Initiating a user authentication process for an application triggers application calls for dynamic invocation of a specific identity policy, required by the application, of a number of identity policies managed by a host of the identity experience framework. User interfaces defined by the identity policies are provided from the host to the application for interaction by the user and entry of identity information needed to authenticate the user according to specified verification providers. Identity claims and token requests are provided from the application to the host which then authenticates the identity claims via the verification providers and mints a token that includes the claims required by the application, according to the identity policy. The application consumes the token to complete the token request and allow the user access to the application.

Abstract: Methods for composable user journeys for user authentication via an identity experience framework are performed by systems and apparatuses. Initiating a user authentication process for an application triggers application calls for dynamic invocation of a specific identity policy, required by the application, of a number of identity policies managed by a host of the identity experience framework. User interfaces defined by the identity policies are provided from the host to the application for interaction by the user and entry of identity information needed to authenticate the user according to specified verification providers. Identity claims and token requests are provided from the application to the host which then authenticates the identity claims via the verification providers and mints a token that includes the claims required by the application, according to the identity policy. The application consumes the token to complete the token request and allow the user access to the application.

Abstract: A method is implemented by a controller executed on at least one processor. The method provides pre-authorized access to a robotic process automation for a resource associated with a job. The method includes causing, by the controller, the robotic process automation to assume a user identity during an authentication flow to enable access by the robotic process automation to a resource. The method includes issuing, by the controller, tokens to the robotic process automation during the authentication flow. The method includes enabling, by the controller via the tokens, the identity service that governs the resource to participate in operations of the controller to provide the pre-authorized access to the robotic process automation.

Abstract: Systems and methods for operating an RPA (robotic process automation) services delivery platform for implementing a plurality of RPA services on premises of a customer are provided. An installer for installing a plurality of RPA services on one or more computing systems located on premises of a customer is generating using the RPA services delivery platform. One or more of the plurality of RPA services installed on the one or more computing systems using the installer are maintained using the RPA services delivery platform.

Abstract: A business-to-consumer (B2C) cloud service hosts web applications of various businesses as an instance of a cloud service. The B2C cloud service provides an identity management engine that manages the sign-in of consumers of the businesses to a respective cloud service. The identity management engine dynamically creates a security token for the sign-in request that includes claims customized for the hosted cloud service. The claims are based on directives provided by the business and obtained from the consumer via a user interface dynamically created by the identity management engine at a sign-in request.

Abstract: According to examples, an apparatus may include a processor and a memory on which is stored machine readable instructions. The instructions may cause the processor to receive a call request for a cloud-based service and retrieve a first policy corresponding to the cloud-based service, the first policy identifying a policy reroute. The instructions may also cause the processor to determine which second policy of a plurality of second policies that corresponds to the policy reroute and retrieve the second policy that the corresponds to the policy reroute. The instructions may further cause the processor to apply the second policy on the cloud-based service and respond to the call request following the application of the second policy.

Abstract: Methods, systems, apparatuses, and computer program products are described herein that enable a service provider to manage cloud resources deployed to different customer environments, residing in different tenants of a cloud services platform using a single access token. The service provider publishes templates that specify service provider permissions with respect to cloud resource deployments. By deploying such a template, a customer authorizes the service provider to manage cloud resources deployed to the customer's environment. In particular, the deployment causes an access token granted to the service provider to be associated with the customer cloud resources. When the service provider logs into his environment, the access token is provided to the cloud resource manager.

Abstract: A system includes a processor and a computer-readable medium configured to store instructions for execution by the processor. The instructions include receiving a first document corresponding to a first application hosted by a distributed computing provider. The instructions include parsing the first document into a first data structure according to a data structure definition. The data structure definition describes an inheritance property. The instructions include, in response to presence of a first inheritance property in the first data structure: identifying an inherited document based on the first inheritance property; obtaining the inherited document; reading the inherited document; determining inheritance permissions from the inherited document; and, in response to the inheritance permissions permitting the first document to inherit the inherited document, selectively modifying the first data structure based on the inherited document.

Abstract: Methods for composable user journeys for user authentication via an identity experience framework are performed by systems and apparatuses. Initiating a user authentication process for an application triggers application calls for dynamic invocation of a specific identity policy, required by the application, of a number of identity policies managed by a host of the identity experience framework. User interfaces defined by the identity policies are provided from the host to the application for interaction by the user and entry of identity information needed to authenticate the user according to specified verification providers. Identity claims and token requests are provided from the application to the host which then authenticates the identity claims via the verification providers and mints a token that includes the claims required by the application, according to the identity policy. The application consumes the token to complete the token request and allow the user access to the application.

Abstract: According to examples, an apparatus may include a processor and a memory on which is stored machine readable instructions. The instructions may cause the processor to receive a call request for a cloud-based service and retrieve a first policy corresponding to the cloud-based service, the first policy identifying a policy reroute. The instructions may also cause the processor to determine which second policy of a plurality of second policies that corresponds to the policy reroute and retrieve the second policy that the corresponds to the policy reroute. The instructions may further cause the processor to apply the second policy on the cloud-based service and respond to the call request following the application of the second policy.

Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.

Abstract: A business-to-consumer (B2C) cloud service hosts web applications of various businesses as an instance of a cloud service. The B2C cloud service provides an identity management engine that manages the sign-in of consumers of the businesses to a respective cloud service. The identity management engine dynamically creates a security token for the sign-in request that includes claims customized for the hosted cloud service. The claims are based on directives provided by the business and obtained from the consumer via a user interface dynamically created by the identity management engine at a sign-in request.

Abstract: A system includes a processor and a computer-readable medium configured to store instructions for execution by the processor. The instructions include receiving a first document corresponding to a first application hosted by a distributed computing provider. The instructions include parsing the first document into a first data structure according to a data structure definition. The data structure definition describes an inheritance property. The instructions include, in response to presence of a first inheritance property in the first data structure: identifying an inherited document based on the first inheritance property; obtaining the inherited document; reading the inherited document; determining inheritance permissions from the inherited document; and, in response to the inheritance permissions permitting the first document to inherit the inherited document, selectively modifying the first data structure based on the inherited document.

Abstract: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.

Abstract: Methods for composable user journeys for user authentication via an identity experience framework are performed by systems and apparatuses. Initiating a user authentication process for an application triggers application calls for dynamic invocation of a specific identity policy, required by the application, of a number of identity policies managed by a host of the identity experience framework. User interfaces defined by the identity policies are provided from the host to the application for interaction by the user and entry of identity information needed to authenticate the user according to specified verification providers. Identity claims and token requests are provided from the application to the host which then authenticates the identity claims via the verification providers and mints a token that includes the claims required by the application, according to the identity policy. The application consumes the token to complete the token request and allow the user access to the application.

Abstract: Methods for composable user journeys for user authentication via an identity experience framework are performed by systems and apparatuses. Initiating a user authentication process for an application triggers application calls for dynamic invocation of a specific identity policy, required by the application, of a number of identity policies managed by a host of the identity experience framework. User interfaces defined by the identity policies are provided from the host to the application for interaction by the user and entry of identity information needed to authenticate the user according to specified verification providers. Identity claims and token requests are provided from the application to the host which then authenticates the identity claims via the verification providers and mints a token that includes the claims required by the application, according to the identity policy. The application consumes the token to complete the token request and allow the user access to the application.

Abstract: A cloud service can be merged with a client content to provide an integrated user experience. A user interface associated with a client may be accessed. In response to accessing the user interface associated with the client, redirect instructions to navigate to a cloud service may be received. In response to receiving redirect instructions, navigation to the cloud service may be performed. In response to navigating to the cloud service, merger code may be received from the cloud service. In response to receiving the merger code, content data associated with the client may be retrieved based on the received merger code, and service content associated with the cloud service may be generated. Additionally, in response to receiving the merger code, the generated service content may be merged with the retrieved client content data into a single document, and the single document may be set to be rendered for use.

Abstract: A simple mail transfer protocol (“SMTP”) computer fails to deliver a multi-recipient e-mail to another SMTP computer. The SMTP computer generates a multi-line SMTP response including a per-recipient delivery status for each recipient of the multi-recipient e-mail message. The multi-line SMTP response may include a line for each recipient of the e-mail message. The multi-line SMTP response alternatively may include a line only for recipients for which delivery of the e-mail message has failed.

Abstract: System and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A Data Loss Prevention (DLP) policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that tests emails for such sensitive data within emails. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation of the policy.