International Business Machines Corporation
Synchronous multi-tenant single sign-on configuration

Abstract:

A computer implemented method for synchronizing multi-tenant single sign-on configuration. Utilizing a combination layer that is configured a single time to interact with a trust application at an identity provider. The combination layer is also configured to interact with the service provider and manages the security token and authentication state of the user. The identity provider can create a single long-lived trust application that is only responsible for redirecting to the combination layer, rather than a creating plurality of short-lived applications that redirect to a service provider every time a user login request is received. Thus, resulting in improved utilization of computing resources at the identity provider.