Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
2.	This Office Action is issued in response to the Amendment filed on 6/24/2021.
Claims 1-20 are pending in this Office Action.
Claims 1-3, 8-10, and 15-17 have been amended.

Response to Arguments
3.	The previous embedded hyperlink issues and specification objection have been withdrawn in response to amendments to specification dated 6/24/2021.
The previous nonstatutory double patenting rejections are withdrawn in response to approved Terminal Disclaimer dated 6/24/2021.
35 U.S.C. §103
Applicant argues: “the Prior Art Fails to Disclose Generating a Derived Access Token for a Job that has a Longer Time to Complete than the Standard Access Token.” The Examiner respectfully disagrees.  Thomas discloses scheduling a job and using a token in executing the job (paragraphs [0029], [0030], [0043], [0053]).  Carter discloses obtaining a new token for a job that is expected to operate longer than the expiration specification (paragraph [0027]).  The combination of Thomas and Carter’s teachings makes it obvious to generate a derived token for a job that has a longer time to 
New rejections are applied for amended limitations as followed.

Claim Rejections - 35 U.S.C. § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.	

5.	Claims 1, 4, 7, 8, 11, 14, 15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas et al. (US 2008/0301685), hereinafter “Thomas”, in view of Carter et al. (US 2012/0017085), hereinafter “Carter” and in view of Wright et al. (US 2019/0303887), hereinafter “Wright”.
	Regarding claim 1, Thomas discloses a non-transitory computer readable medium having instructions stored thereon that, when executed by one or more processors, cause the processors to provide cloud based identity management (paragraphs [0025]-[0026]), the providing comprising: 
	[providing, by a cloud based identity management system, a request access token to a user, the request access token required to invoke a scheduling of an identity management job executed by the cloud based identity management system, the request access token comprising a first validity time and comprising a set of access privileges]; 
(paragraphs [0009], [0043], [0053]), [wherein the job has a timeframe to complete that exceeds the first validity time of the request access token]; 
validating the request access token (paragraph [0053]); 
scheduling the job (paragraphs [0029]-[0030]); 
persisting the request access token (paragraph [0009]: creation of token; paragraph [0053]:  it is obvious to store a created token and retrieved it for using at scheduled time); triggering the job at a scheduled start time (paragraph [0031]: payload is delivered as scheduled); 
Thomas does not explicitly disclose providing, by a cloud based identity management system, a request access token to a user, the request access token required to invoke a scheduling of an identity management job executed by the cloud based identity management system, the request access token comprising a first validity time and comprising a set of access privileges, the job has a timeframe to complete that exceeds a first validity time of a request access token, generating a derived access token based on the request access token, wherein the derived access token comprises the access privileges and comprises a second validity time that is greater than the timeframe to complete; injecting the derived access token; and calling a service using the derived access token to execute the job.  However, Carter discloses a cloud based identity management system provides access token (paragraph [0004], Fig. 2, boxes 250 and 251: communication between cloud agent with security manager to obtain a security token that could be used for future requests within the target cloud environment.  Paragraphs [0023] and [0029]: security token is issued by security manager and is used for future request) with (paragraph [0023] and [0027]: identity is equivalent to a token), obtaining a new token for a job that operates longer than the expiration specification (paragraph [0027]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Thomas’s teaching of job scheduling with Carter’s teaching of a cloud based identity management system provides an access token with validity time and a set of access privileges and obtaining a new token for a job that operates longer than the expiration specification.  The motivation to do so would be to ensure network efficiency as taught by Carter (paragraph [0015]).
Thomas and Cater do not explicitly disclose the derived access token comprises a same set of access privileges as the request token.  However, additional tokens with the same rights as a first token is known in the art and Wright’s teaching is an example (paragraph [0227]).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Thomas and Carter’s teachings of job scheduling using a cloud based identity management system provides access token with validity time and a set of access privileges and obtaining a new token for a job that operates longer than the expiration specification with Wright’s teaching of additional tokens with the same rights as a first token because the result would be predictable and resulted in having the derived access token with the same set of access privileges as the request token.
Regarding claim 4, Thomas, Carter and Wright disclose the non-transitory computer readable medium of claim 1, wherein the calling the service comprises (Thomas, paragraph [0071] and Fig. 16 with associated text).
Regarding claim 7, Thomas, Carter and Wright disclose the non-transitory computer readable medium of claim 1, wherein the request comprises an identity of a tenant of a plurality of tenants that comprises a resource needed to execute the job (Thomas, paragraphs [0001] and [0008]: different scheduling jobs are delivered to different receivers of an enterprise).
Claims 8, 11, and 14 claim similar subject matters to claims 1, 4, and 7 respectively; therefore, claims 8, 11, and 14 are rejected at least for the same reasons as claims 1, 4, and 7 respectively.
Claims 15 and 18 claim similar subject matters to claims 1 and 4 respectively; therefore, claims 15 and 18 are rejected at least for the same reasons as claims 1 and 4 respectively.
6.	Claims 5, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas et al. (US 2008/0301685), hereinafter “Thomas”, in view of Carter et al. (US 2012/0017085), hereinafter “Carter”, in view of Wright et al. (US 2019/0303887), hereinafter “Wright” and in view of Park et al. (US 2011/0067097), hereinafter “Park”.
Regarding claim 5, Thomas, Carter and Wright disclose the non-transitory computer readable medium of claim 1.  Thomas, Carter and Wright do not explicitly disclose the request access token is persisted with metadata corresponding to the job.  However, storing token with metadata corresponding to the job is known in the art and (Figs 3 and 4 with associated text: authentication keys are stored with corresponding functions).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Thomas, Carter and Wright’s teachings of job scheduling, obtaining a derived token for a job that operates longer than the expiration specification and the derived token comprises a same set of access privileges as the request token with Park’s teaching of storing token with metadata corresponding to the job because the results would be predictable and resulted in storing the token with its corresponding data.
Claims 12 and 19 claim similar subject matters to claim 5; therefore, claims 12 and 19 are rejected at least for the same reasons as claim 5.
7.	Claims 6, 13, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas et al. (US 2008/0301685), hereinafter “Thomas”, in view of Carter et al. (US 2012/0017085), hereinafter “Carter”, in view of Wright et al. (US 2019/0303887), hereinafter “Wright”, in view of Park et al. (US 2011/0067097), hereinafter “Park” and in view of Brady et al. (US 2015/0271200), hereinafter “Brady”.
Regarding claim 6, Thomas, Carter, Wright and Park disclose the non-transitory computer readable medium of claim 5. Thomas, Carter, Wright and Park do not explicitly disclose the request access token is retrieved from the metadata and decoded.  However, storing encrypted token is known in the art and Brady’s teaching is an example (paragraph [0098]).

Claims 13 and 20 claim similar subject matters to claim 6; therefore, claims 13 and 20 are rejected at least for the same reasons as claim 6.

Allowable Subject Matter
8.	Claims 2, 3, 9, 10, 16, and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
9.	Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office Action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANH T. LE whose telephone number is (571)270-0279.  The examiner can normally be reached on Monday-Thursday 8:00 am - 2:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


Examiner, Art Unit 2495

/JASON K GEE/Primary Examiner, Art Unit 2495