DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-12, 15-17, and 19-23 are in condition for allowance.
	Claims 13-14 and 18 are canceled by Appellant. 

EXAMINER’S AMENDMENT
Authorization for this examiner’s amendment was given in an interview with Mr. Mark Seegers on 1/7/21.
The application has been amended as follows: 
Claim 10. (Currently Amended) A non-transitory computer readable medium having program instructions stored thereon that are capable of causing a computer system to perform operations comprising:
	generating cryptographic information usable to authenticate communications between first and second multi-tenant applications, wherein the cryptographic information includes:
		a master private key usable to derive, based on tenant identifiers, tenant-specific private keys for a plurality of tenants hosted by the first multi-tenant application; and
		public key parameters usable to derive, based on the tenant identifiers, tenant-specific public keys for the plurality of tenants;
	sending the public key parameters to a directory service accessible to the second multi-tenant application for retrieving the public key parameters, wherein the second multi-tenant application is operable to use the public key parameters to derive, without the second multi-tenant application maintaining public keys for each of the plurality of tenants, tenant-specific public keys that can be used to authenticate communications from the first multi-tenant application;
	receiving, from the first multi-tenant application, a key request for a tenant-specific private key specific to a tenant of the plurality of tenants that is useable to sign a request to the second multi-tenant application on behalf of the tenant, wherein the key request and the request to the second multi-tenant application include a tenant identifier that identifies the tenant;
	performing a key derivation function to generate a particular tenant-specific private key specific to the tenant based on the master private key and the tenant identifier; and
	sending, to the first multi-tenant application, the particular tenant-specific private key.

Claim 15.  (Currently Amended) A method, comprising:
	receiving, by a first multi-tenant application executing on a first computer system, an operation request signed by a second multi-tenant application executing on a second computer system, wherein the operation request specifies a set of operations to be performed on behalf of a tenant of a plurality of tenants of the second computer system, and wherein the operation request includes a tenant identifier that identifies the tenant and a reference to master public information stored by a directory service, and wherein master public information is usable by the first multi-tenant application to derive, without the first multi-tenant application maintaining public keys for each of the plurality of tenants, tenant-specific public keys that can be used to authenticate communications from the second multi-tenant application
	retrieving, by the first multi-tenant application
	performing, by the first multi-tenant application
	verifying, by the first multi-tenant application

Claim 19.  (Currently Amended) The method of claim 15, further comprising:
	in response to determining that a signature of the operation request is invalid, the first multi-tenant applicationthe second multi-tenant application

Allowable Subject Matter
2.	Claims 1-12, 15-17, and 19-23 are allowed over art.
3.	The following is an examiner’s statement of reasons for allowance: 
Independent claims 1, 10, and 15 limit to a method and non-transitory medium for authenticating communications between first and second multi-tenant applications by 
The previous rejection over the Abgrall, et al. and Wang combination was overcome by the current amendments.  Further searching failed to disclose prior art that reads the claimed authenticating communications between first and second multi-tenant applications by using cryptographic information of a master public configuration information, whereby the master public configuration information is sent to a directory service accessible to the second multi-tenant applications, wherein the second multi-tenant application is operable to use the master public configuration information to 
Therefore, none of the references alone or in combination disclose or suggest the invention as claimed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LEYNNA TRUVAN whose telephone number is (571) 272-3851. The examiner can normally be reached Monday-Friday 8:00AM-5:00PM, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available 

LEYNNA TRUVAN
Examiner
Art Unit 2435



/L.TT/Examiner, Art Unit 2435                                                                                                                                                                                                        
/BAOTRAN N TO/Primary Examiner, Art Unit 2435