DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the amendment filed on 11/9/2021.
In the instant amendment, claims 1-3, 5, 8, 9, 11-13, 15, 16 and 18-20 have been amended; claims 1, 11 and 20 are independent claims. Claims 1-20 have been examined and are pending. This Action is made Final. 

Response to Arguments
The rejections of claims 8, 9, and 18 under 35 U.S.C. § 112(b) are withdrawn as the claims have been amended.
Applicant Argument with respect to rejections of Claims 1-20 under 35 U.S.C. § 102(a)(1)/ 35 U.S.C. § 103 have been considered but are moot in view of the new ground(s) of rejection.








Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1-4, 6-14 and 16-20  is/are rejected under 35 U.S.C. 103 as being unpatentable over Mortimore, Jr. et al. (US 2016/0301679 A1) in view of Bocanegra Alvarez et al. (US 2015/0113626 A1).

Regarding Claim 1;
Mortimore, Jr. discloses a method comprising: 
([0025] - In one embodiment, when attempting to access resource environment 140, a user is presented with login interface 180, which can be, for example, a login screen requesting a user name and/or password, or any other type of login interface and [0028]-[0030] – Login Interface... TOTP Login Interface);
identifying a first user, by the computing device, with a first degree of accuracy based on the first input, wherein the first degree of accuracy is insufficient to authenticate the first user ([0025]-[0026] - In response to receiving some login information, a profile for the user and/or client device is determined. The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support), whether or not the user has completed required activities (e.g., complete HR profile, training certificates, agreed to terms of service), additional verification/validation can be performed (e.g., third-party validation, two-factor authentication, TOTP) and/or other types of information. In one embodiment, before the log in process is completed, the user is routed through profile flow(s) 182 and any corresponding action(s) 184 can be taken and [0028]-[0030] – Login Interface... TOTP Login Interface)); The examiner notes receiving some login information in which a profile is determined is identifying with a first degree of accuracy based on first input, and as login flows are needed before the login process is completed that represents wherein the first degree of accuracy is insufficient to authenticate the first user.
configuring a client device based on the identified first user ([0025] - In response to receiving some login information, a profile for the user and/or client device is determined. The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support) and [0026] - In one embodiment, before the log in process is completed, the user is routed through profile flow(s) 182 and any corresponding action(s) 184 can be taken and [0037] - The users of user systems 312 may differ in their respective capacities, and the capacity of a particular user system 312 might be entirely determined by permissions (permission levels) for the current user. For example, where a salesperson is using a particular user system 312 to interact with system 316, that user system has the capacities allotted to that salesperson. However, while an administrator is using that user system to interact with system 316, that user system has the capacities allotted to that administrator... Thus, different users will have different capabilities with regard to accessing and modifying application and database information, depending on a user's security or permission level and [0044] – configured to provide ... user (client) systems 312 to support the access by user systems 312) The examiner notes allotting are forms of configuration as users of user systems 312 may differ in their respective capacities, and the capacity of a particular user system 312 might be entirely determined by permissions (permission levels) for the current user. For example, where a salesperson is using a particular user system 312 to interact with system 316, that user system has the capacities allotted to that salesperson. However, while an administrator is using that user system to interact with system 316, that user system has the capacities allotted to that administrator and such allotting is based on profile determination during the login flow, see [0025] - In response to receiving some login information, a profile for the user and/or client device is determined. The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support).
...receiving second input comprising user authentication information ([0028]-[0030] – Login Interface... TOTP Login Interface and [0031]-[0032] - After TOTP registration 220 or getting TOTP token 240, the user is routed to TOTP validation 250. If the validation is successful, the user is returned to login flow 270. If the validation is not successful, the user can be returned to TOTP login 210, or the login process can be terminated. Multiple profile types can be supported concurrently. For example, some users may be required to use TOTP validation 290, while other users may be required to use a fingerprint scanner (not illustrated in FIG. 2). The custom login flows described herein can also be extended beyond validation procedures. For example, personal information may be periodically gathered and/or updated. These other customized login flows may be performed independently of the validation flows);
authenticating a second user based on the second input ([0026] - When the login and profile flows have been completed, the user can be granted access to the resource(s) of resource environment 14 and [0031] - After TOTP registration 220 or getting TOTP token 240, the user is routed to TOTP validation 250. If the validation is successful, the user is returned to login flow 270. If the validation is not successful, the user can be returned to TOTP login 210, or the login process can be terminated); and 
authorizing, based on successful authentication of the second user, access to a mobile workspace associated with the authenticated second user and executing on the configured client device ([0025] and [0026] - When the login and profile flows have been completed, the user can be granted access to the resource(s) of resource environment 14 and [0031] - After TOTP registration 220 or getting TOTP token 240, the user is routed to TOTP validation 250. If the validation is successful, the user is returned to login flow 270. If the validation is not successful, the user can be returned to TOTP login 210, or the login process can be terminated and [0037] – allotted and [0044] – configured).
Mortimore, Jr. fails to explicitly disclose after configuring the device, receiving second input comprising user authentication information.  
However, in an analogous art, Bocanegra Alvarez teaches concepts of:
(Bocanegra Alvarez, [0045] - . A domain identifier associated with a user log-in attempt via a log-in page of service provider is recognized before credentials are submitted for authentication to access resources (block 502). For example, input of credentials by a user or automatically based upon saved log-in data may be examined to recognize a domain identifier associated with the credentials, as described previously. The recognition may be based upon parsing of credential fields or other fields indicative of a particular domain. This may occur before complete information (e.g., username and password) for authentication of a user is input and/or submitted to initiate the authentication. In other words, the domain identifier may be extracted from suitable fields prior to completion of the user log-in attempt);
configuring a client device based on [a] identified first user (Bocanegra Alvarez, [0027[ and [0043] and [0046]-[0047] - In any event, the domain identifier may be employed to look-up, access, download, or otherwise obtain a corresponding style document that is indicative of one or more customizations to apply to the log-in page. Then, the one or more customizations indicated by the style document are applied to the log-in page prior to completion of the user log-in attempt (block 506). For example, a downloaded style document may be applied to a default page to effectuate one or more customizations and re-render the page as a customized page as discussed and depicted in relation to FIGS. 2 and 3);
after configuring the client device, receiving second input comprising user authentication information (Bocanegra Alvarez, [0043] - For example, in a scenario in which a username field is employed as a trigger for the customizations, the page is customized responsive to input of a username and regardless of whether or not a corresponding password is input, e.g., independently of input of the corresponding password.[0047] - The customizations may occur based on input of credentials in relation to a user log-in attempt, but prior to completion of the user log-in attempt. Thus, the default page is customized in a domain-specific manner even before a user is authenticated to access resources from a provider).  As constructed a user name filed is noted to be the first input and the second input would be constructed to be the password.
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Bocanegra Alvarez to the profile flows and TOTP of Mortimore, Jr. to include after configuring the client device, receiving second input comprising user authentication information
One would have been motivated to combine the teachings of Bocanegra Alvarez to Mortimore, Jr to do so as it provides / allows a tailored user experience... even before user authentication to access resources (Bocanegra Alvarez, [0004]).

Regarding Claim 2;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. further discloses wherein the authorizing the access to the mobile workspace associated with the authenticated second user is further based on a determination that the identified first user is the same as the authenticated second user ([0025]-[0026] - In response to receiving some login information, a profile for the user and/or client device is determined. The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support), whether or not the user has completed required activities (e.g., complete HR profile, training certificates, agreed to terms of service), additional verification/validation can be performed (e.g., third-party validation, two-factor authentication, TOTP) and/or other types of information. In one embodiment, before the log in process is completed, the user is routed through profile flow(s) 182 and any corresponding action(s) 184 can be taken and [0031] - After TOTP registration 220 or getting TOTP token 240, the user is routed to TOTP validation 250. If the validation is successful, the user is returned to login flow 270. If the validation is not successful, the user can be returned to TOTP login 210, or the login process can be terminated);

Regarding Claim 3;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. further discloses wherein the configuring the client device comprises identifying an authentication portal, and wherein receiving the second input comprises receiving the second input via the identified authentication portal ([0025] - In one embodiment, when attempting to access resource environment 140, a user is presented with login interface 180, which can be, for example, a login screen requesting a user name and/or password, or any other type of login interface and [0026] - In one embodiment, before the log in process is completed, the user is routed through profile flow(s) 182 and any corresponding action(s) 184 can be taken. For example, requested information can be stored in a database or forwarded to appropriate parties, licenses can be acquired/registered, etc. When the login and profile flows have been completed, the user can be granted access to the resource(s) of resource environment 140 and [0028]-[0030] – Login Interface... TOTP Login Interface);
Bocanegra Alvarez additionally teaches wherein the configuring the client device comprises identifying an authentication portal, and wherein receiving the second input comprises receiving the second input via the identified authentication portal ((Bocanegra Alvarez,[0045]-[0047]).

Regarding Claim 4;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 3.
Mortimore, Jr. further discloses wherein a first authentication portal is identified based on a first user, and a second authentication portal is identified based on a second user ([0019] and [0025]-[0026] - In one embodiment, when attempting to access resource environment 140, a user is presented with login interface 180, which can be, for example, a login screen requesting a user name and/or password, or any other type of login interface... The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support), whether or not the user has completed required activities (e.g., complete HR profile, training certificates, agreed to terms of service), additional verification/validation can be performed (e.g., third-party validation, two-factor authentication, TOTP) and/or other types of information. In one embodiment, before the log in process is completed, the user is routed through profile flow(s) 182 and any corresponding action(s) 184 can be taken. - and [0027] - FIG. 2 is a flow diagram of one embodiment of a time-based one-time password (TOTP) authentication flow that can be used to provide customized user validations and [0037]).  The examiner notes different types of customized user validation flows, thus interfaces may be provided. 

Regarding Claim 6;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. further discloses wherein the user identifying information comprises biometric data ([0028]-[0030] – Login Interface... fingerprint and  TOTP Login Interface);


Regarding Claim 7;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 6.
Mortimore, Jr. further discloses wherein the biometric data comprises at least one of a voice sample, a retinal scan, a fingerprint, or feature recognition data ([0028]-[0030] – Login Interface... fingerprint).

Regarding Claim 8;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. further discloses wherein the user identifying information comprises biometric data, and wherein the identifying the first user comprises matching the biometric data of with stored biometric data corresponding to the first user ([0028]-[0030] – Login Interface... fingerprint... the profile can be determined based on... etc.).  The examiner notes fingerprint.

Regarding Claim 9;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 8.
Mortimore, Jr. further discloses wherein the stored biometric data corresponding to the first user was previously provided by the first user ([0025] - In one embodiment, when attempting to access resource environment 140, a user is presented with login interface 180, which can be, for example, a login screen requesting a user name and/or password, or any other type of login interface. In response to receiving some login information, a profile for the user and/or client device is determined and [0026] - the requested information can be stored in a database and [0028]-[0030] – Login Interface... fingerprint... the profile can be determined based on... etc.).
Regarding Claim 10;
Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. further discloses wherein the identifying of the first user based on the first input comprises identifying an entity that is associated with the first user, and wherein the configuring of the client device is based on the identified entity ([0025] - In one embodiment, when attempting to access resource environment 140, a user is presented with login interface 180, which can be, for example, a login screen requesting a user name and/or password, or any other type of login interface. In response to receiving some login information, a profile for the user and/or client device is determined. The profile can be based on, for example, the user's position within an organization (e.g., sales, IT, legal, support), whether or not the user has completed required activities (e.g., complete HR profile, training certificates, agreed to terms of service), additional verification/validation can be performed (e.g., third-party validation, two-factor authentication, TOTP) and/or other types of information and [0037] - The users of user systems 312 may differ in their respective capacities, and the capacity of a particular user system 312 might be entirely determined by permissions (permission levels) for the current user. For example, where a salesperson is using a particular user system 312 to interact with system 316, that user system has the capacities allotted to that salesperson. However, while an administrator is using that user system to interact with system 316, that user system has the capacities allotted to that administrator).



Regarding Claim(s) 11-14 and 16-20; claim(s) 11-14 and 16-19 is/are directed to a/an system associated with the method claimed in claim(s) 1-4, 6-8, and 10.  Claim(s) 11-14 and 16-19 is/are similar in scope to claim(s) 1-4, 6-8, and 10, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 20; claim(s) 20 is/are directed to a/an medium associated with the method claimed in claim(s) 1.  Claim(s) 20 is/are similar in scope to claim(s) 1, and is/are therefore rejected under similar rationale.

Claims 5 and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mortimore, Jr. et al. (US 2016/0301679 A1) in view of  Bocanegra Alvarez et al. (US 2015/0113626 A1) and further in view of Kelly et al. (US 2017/0289128 A1).

Regarding Claim 5;
M Mortimore, Jr. and Bocanegra Alvarez discloses the method to Claim 1.
Mortimore, Jr. discloses wherein the configuring the client device comprises prepopulating a user identification and any authentication data at the identified authentication portal (Mortimore, [0011]);
Mortimore, Jr. and Bocanegra Alvarez fails to explicitly disclose and not prepopulating any authentication data at the identified authentication portal.
However, in an analogous art, Kelly teaches an authentication portal in which wherein configuring the mobile workspace comprises prepopulating a user identification at the identified authentication portal, and not prepopulating any authentication data at the identified authentication portal (Kelly, [0061]-[0062] - The enterprise management component 153 can then populate the field for the email address with the enterprise email address associated with the user of the client device 106. In other examples, the user can manually input the enterprise email address into the field for the email address. The enterprise management component 153 can then prompt the user to input the password for the user account 163 into the password field of the user interface. In alternative examples, the enterprise management component 153 can automatically populate the password field with the password for the user account 163)).
Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself that is in the substitution of requiring input of the password (i.e., not prepopulating any authentication data at the identified authentication portal) of the secondary reference(s) for prepopulated any authentication data of the primary reference. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious.

Regarding Claim(s) 15; claim(s) 15 is/are directed to a/an system associated with the method claimed in claim(s) 5.  Claim(s) 15 is/are similar in scope to claim(s) 5, and is/are therefore rejected under similar rationale.





Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/KARI L SCHMIDT/Primary Examiner, Art Unit 2439