# How to Verify Anonymous Users Using Third-Party Identity Services > A method for a system to identify and authorize a user it doesn't know by asking a different, trusted service that already has the user's information. - **Patent:** US 8688813 - **Original title:** Using identity/resource profile and directory enablers to support identity management - **Owner:** Oracle International Corp - **Granted:** 2014 - **Status:** Public domain (expired) - **Times cited:** 39 - **Field:** software, telecommunications, ecommerce, ai_ml ## What it does This patent describes a way for a computer system (the profile enabler) to handle a request from a user it does not recognize. Instead of rejecting the user, the system contacts a directory enabler to find a third-party service that actually knows who the user is. The directory enabler selects an appropriate service based on the user's request, and the profile enabler then asks that service to authenticate the user. Once authenticated, the third-party service provides an identity result, such as a security token or an attribute, allowing the original system to grant or deny access to a resource. ## What it does NOT cover - Does not cover systems where the profile enabler already has the user's credentials. - Does not cover direct authentication where the user logs in directly to the primary system. - Does not cover scenarios where no third-party service can be identified to verify the user. - Does not cover the specific encryption algorithms used to secure the identity tokens. ## The clever bit The system treats the 'anonymous' user as a routing problem: by using a directory enabler to match an unknown user to a known provider, it creates a bridge between isolated identity silos. ## Real-world examples 1. OAuth 2.0 and OpenID Connect workflows 2. Single Sign-On (SSO) portals 3. Cross-domain identity federation ## Why it matters This technology is foundational for modern federated identity management, such as 'Log in with Google' or 'Sign in with Apple.' It allows different organizations to share trust, enabling users to access resources across the internet without creating a new account for every single service they encounter. ## Frequently asked questions ### What does How to Verify Anonymous Users Using Third-Party Identity Services cover? A method for a system to identify and authorize a user it doesn't know by asking a different, trusted service that already has the user's information. ### Who owns patent US 8688813? Oracle International Corp owns this patent, granted in 2014. ### When does this patent expire? This patent is expected to expire on April 1, 2034, when the invention enters the public domain. ### What is patent US 8688813 cited by? This patent has been cited by 39 later patents that build on its ideas. ### What problem does this patent solve? This technology is foundational for modern federated identity management, such as 'Log in with Google' or 'Sign in with Apple.' It allows different organizations to share trust, enabling users to access resources across the internet without creating a new account for every single service they encounter. ### What does this patent NOT cover? Does not cover systems where the profile enabler already has the user's credentials. **Full plain-English explainer:** https://patentbrief.org/patent/us/8688813/kindle-fire-tablet **Original patent:** https://patents.google.com/patent/US8688813 --- _Source: PatentBrief — https://patentbrief.org. Patent facts are from public records; the plain-English explanation is PatentBrief's._