Bank of America Corporation
Systems and methods for simulated single sign-on

Abstract:

A system provides access to a third-party application by a user without revealing at least one sign-on credential used to access the application to the user. The system includes an access management server and a permission server. The access management server hosts a user portal. In response to a user input from the user portal requesting to access the application, the access management server requests, from the permission server, confirmation of user's permission to access the application. The permission server determines whether access is confirmed using stored permission data, which includes applications the user is currently permitted to access. If the permission server confirms the user's permission, the access management server redirects the user to a sign-on page of the application, automatically enter the sign-on credentials in an anonymized format that is not readable by the user, and automatically submits the sign-on credentials.