Customized identity and access management token generation

US2026080039A1 · US · A1

Patent metadata
Publication number: US-2026080039-A1
Application number: US-202418886485-A
Country: US
Kind code: A1
Filing date: Sep 16, 2024
Priority date: Sep 16, 2024
Publication date: Mar 19, 2026
Grant date:

Abstract

Official abstract text for this publication.

To generate custom identity and access management (IAM) tokens, an IAM service may receive a set of instructions from an organization to modify a set of parameters of a respective IAM token to enable customized access to one or more services associated with the organization. Further, the IAM service may receive a request for an IAM token from an application associated with the organization based on the IAM service receiving the set of instructions. In response to the request, the IAM service may generate the IAM token for the application and may execute the set of instructions received from the organization to generate a modified IAM token from the initial IAM token. The IAM service may then transmit the modified IAM token to the application based on executing the set of instructions to generate and obtain the modified IAM token.
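The flow in the abstract, sketched as an added example (not code from the patent or from any IAM product): the service generates a token, runs the organization's instructions on it, marks the result as customized, and a resource can deny tokens carrying that mark, as in claims 4, 5 and 7 on this page. The claim names, the `customized` marker, the protected-parameter list and the HMAC signing are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"            # constructed sample key
PROTECTED = {"iss", "sub", "aud", "iat", "exp"}  # assumption: hooks may not alter these
MARKER = "customized"                            # hypothetical name for the indication

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims):
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(mac)

def verify(token):
    body, _, mac = token.partition(".")
    expected = _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    return json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))

def issue_token(app_id, org_hook, now=None):
    now = int(time.time()) if now is None else now
    # Initial token generated by the IAM service.
    base = {"iss": "iam.example", "sub": app_id, "aud": "org-services",
            "iat": now, "exp": now + 300, "scope": "read", "tier": "default"}
    modified = org_hook(dict(base))  # organization's instructions run on a copy
    for name in PROTECTED:           # reject hooks that rewrite identity or lifetime
        if modified.get(name) != base[name]:
            raise PermissionError(f"hook changed protected parameter {name!r}")
    modified[MARKER] = True          # indication that instructions were executed
    return sign(modified)

def authorize(token, endpoint_accepts_customized):
    claims = verify(token)
    # Deny when the token carries the indication and the endpoint does not accept it.
    if claims.get(MARKER) and not endpoint_accepts_customized:
        return "denied"
    return "allowed"

def sample_hook(claims):
    claims["department"] = "finance"  # add a parameter
    claims["scope"] = "read write"    # update a value
    claims.pop("tier", None)          # remove a parameter
    return claims

def lifetime_hook(claims):
    claims["exp"] += 86400            # tries to extend the token lifetime
    return claims
```
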

First claim

Opening claim text (preview).

What is claimed is:

1. A method for identity and access management (IAM) token generation, comprising: receiving, from an organization, a set of instructions to modify a respective IAM token, wherein the set of instructions are for modifying a set of parameters of the respective IAM token to enable customized access to one or more services associated with the organization; receiving, from the organization via an application, a request for an IAM token based at least in part on receiving the set of instructions; generating, in response to the request, the IAM token for the application; executing the set of instructions received from the organization to generate a modified IAM token using the IAM token; and transmitting, to the application, the modified IAM token based at least in part on executing the set of instructions to obtain the modified IAM token.

2. The method of claim 1, further comprising: receiving, from the organization, a second set of instructions to modify a first IAM token that is used to access the one or more services associated with the organization, wherein the second set of instructions indicate instructions for modifying a set of parameters of the first IAM token to enable access to an identity provider; receiving, from the organization via the application and based at least in part on receiving the second set of instructions, a request for information from the identity provider, the request comprising the first IAM token; executing, in response to receiving the request, the second set of instructions to generate a second IAM token to enable access to the identity provider; querying the identity provider using the second IAM token generated by executing the second set of instructions to obtain the information associated with the request; and transmitting, to the application, the information associated with the request based at least in part on querying the identity provider.

3. The method of claim 2, wherein the second set of instructions are executed when the request is received or subsequent to receiving the request.

4. The method of claim 1, wherein executing the set of instructions comprises: including in the modified IAM token that is generated via the set of instructions an indication that the modified IAM token was generated based at least in part on executing the set of instructions, including a signature from an identity provider in the modified IAM token, or both.

5. The method of claim 4, further comprising: receiving, from the application, a request comprising the modified IAM token that comprises the indication; and transmitting, to the application, a denial of the request based at least in part on the modified IAM token comprising the indication.

6. The method of claim 1, wherein executing the set of instructions comprises: modifying one or more parameters of the IAM token to generate the modified IAM token.

7. The method of claim 6, wherein modifying the one or more parameters of the IAM token comprises adding additional parameters, removing parameters, updating a value of one or more respective parameters, or any combination thereof.

8. The method of claim 1, wherein receiving the set of instructions comprises: receiving, from the organization, a unit of executable code, a computer program, or a combination thereof that include the set of instructions.

9. An apparatus for identity and access management (IAM) token generation, comprising: one or more memories storing processor-executable code; and one or more processors coupled with the one or more memories and individually or collectively operable to execute the code to cause the apparatus to: receive, from an organization, a set of instructions to modify a respective IAM token, wherein the set of instructions are for modifying a set of parameters of the respective IAM token to enable customized access to one or more services associated with the organization; receive, from the organization via an application, a request for an IAM token based at least in part on receiving the set of instructions; generate, in response to the request, the IAM token for the application; execute the set of instructions received from the organization to generate a modified IAM token using the IAM token; and transmit, to the application, the modified IAM token based at least in part on executing the set of instructions to obtain the modified IAM token.

10. The apparatus of claim 9, wherein the one or more processors are individually or collectively further operable to execute the code to cause the apparatus to: receive, from the organization, a second set of instructions to modify a first IAM token that is used to access the one or more services associated with the organization, wherein the second set of instructions indicate instructions for modifying a set of parameters of the first IAM token to enable access to an identity provider; receive, from the organization via the application and based at least in part on receiving the second set of instructions, a request for information from the identity provider, the request comprising the first IAM token; execute, in response to receiving the request, the second set of instructions to generate a second IAM token to enable access to the identity provider; query the identity provider using the second IAM token generated by executing the second set of instructions to obtain the information associated with the request; and transmit, to the application, the information associated with the request based at least in part on querying the identity provider.

11. The apparatus of claim 9, wherein, to execute the set of instructions, the one or more processors are individually or collectively operable to execute the code to cause the apparatus to: include in the modified IAM token that is generated via the set of instructions an indication that the modified IAM token was generated based at least in part on executing the set of instructions, including a signature from an identity provider in the modified IAM token, or both.

12. The apparatus of claim 11, wherein the one or more processors are individually or collectively further operable to execute the code to cause the apparatus to: receive, from the application, a request comprising the modified IAM token that comprises the indication; and transmit, to the application, a denial of the request based at least in part on the modified IAM token comprising the indication.

13. The apparatus of claim 9, wherein, to execute the set of instructions, the one or more processors are individually or collectively operable to execute the code to cause the apparatus to: modify one or more parameters of the IAM token to generate the modified IAM token.

14. The apparatus of claim 13, wherein modifying the one or more parameters of the IAM token comprises adding additional parameters, removing parameters, updating a value of one or more respective parameters, or any combination thereof.

15. A non-transitory computer-readable medium storing code for identity and access management (IAM) token generation, the code comprising instructions executable by one or more processors to: receive, from an organization, a set of instructions to modify a respective IAM token, wherein the set of instructions are for modifying a set of parameters of the respective IAM token to enable customized access to one or more services associated with the organization; receive, from the organization via an application, a request for an IAM token based at least in part on receiving the set of instructions; genera

Assignees

Inventors

Classifications

  • G06F21/31 (Primary): User authentication (CPC title)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Okta Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/31. Mapped technology areas include Physics.
When was this patent published?
Publication date Mar 19, 2026 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).