DETAILED ACTION
This Office Action is in response to the communication filed on 04/29/2022.
The rejections of claims 8-20 under 35 U.S.C. 101 have been withdrawn in view of amendments of the claims.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Examiner's Amendment
An Examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner's amendment was given in a discussion with Eric P. Vandenburg (Reg. No. 73,725) on 05/06/2022.
The application has been amended as follows:
Claim 1: 
	Lines 10-11: replace "determining, at the first SSO and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether:" with --determining, at the first SSO service and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether:--
	Lines 21-23: replace "in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in a secured connection, routing the communication flow to the security service." with --in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in the secured connection, routing the communication flow to the security service.--
Claim 8: 
	Lines 15-16: replace "determining, at the first SSO and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether:" with --determining, at the first SSO service and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether:--
	Lines 26-28: replace "in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in a secured connection, routing the communication flow to the security service." with --in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in the secured connection, routing the communication flow to the security service.--
Claim 15: 
	Lines 6-7: replace "receiving, at a first authentication service, first data including a first request to authenticate a user of a client device to access an application;" with --receiving, at a first single sign-on authentication service, first data including a first request to authenticate a user of a client device to access an application of a service provider;--
	Lines 13-25: replace "determining, based at least in part on an attribute associated with at least one of the client device or the application, whether: (i) a communication flow from the client device is allowed to access the service of the service provider using an unsecured connection; or (ii) the communication flow from the client device is to be routed through a security service before being provided access to the service of the service provider to result in a secured connection; in response to determining that the communication flow is allowed to access the service using the unsecured connection, routing the communication flow to the service; and in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in a secured connection, routing the communication flow to the security service." with --determining, at the first single sign-on authentication service and based at least in part on an attribute associated with the client device and the application of the service provider which the user is attempting to access, whether: (i) a communication flow from the client device is allowed to access the application of the service provider using an unsecured connection; or (ii) the communication flow from the client device is to be routed through a security service before being provided access to the application of the service provider to result in a secured connection; in response to determining that the communication flow is allowed to access the application using the unsecured connection, routing the communication flow to the application; and in response to determining that the communication flow is to be routed through the security service before being provided access to the application to result in the secured connection, routing the communication flow to the security service.--
Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner's statement of reasons for allowance:
Regarding independent claim 1: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 1: "determining, at the first SSO service and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether: (i) a communication flow from the client device is allowed to access the service of the service provider using an unsecured connection; or (ii) the communication flow from the client device is to be routed through a security service before being provided access to the service of the service provider to result in a secured connection; in response to determining that the communication flow is allowed to access the service using the unsecured connection, routing the communication flow to the service; and in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in the secured connection, routing the communication flow to the security service" in combination with other limitations as a whole and in the context recited in claim 1.
Regarding independent claim 8: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 8: "determining, at the first SSO service and based at least in part on the identity of the user and a service of the service provider which the user is attempting to access, whether: (i) a communication flow from the client device is allowed to access the service of the service provider using an unsecured connection; or (ii) the communication flow from the client device is to be routed through a security service before being provided access to the service of the service provider to result in a secured connection; in response to determining that the communication flow is allowed to access the service using the unsecured connection, routing the communication flow to the service; and in response to determining that the communication flow is to be routed through the security service before being provided access to the service to result in the secured connection, routing the communication flow to the security service" in combination with other limitations as a whole and in the context recited in claim 8.
Regarding independent claim 15: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 15: "determining, at the first single sign-on authentication service and based at least in part on an attribute associated with the client device and the application of the service provider which the user is attempting to access, whether: (i) a communication flow from the client device is allowed to access the application of the service provider using an unsecured connection; or (ii) the communication flow from the client device is to be routed through a security service before being provided access to the application of the service provider to result in a secured connection; in response to determining that the communication flow is allowed to access the application using the unsecured connection, routing the communication flow to the application; and in response to determining that the communication flow is to be routed through the security service before being provided access to the application to result in the secured connection, routing the communication flow to the security service" in combination with other limitations as a whole and in the context recited in claim 15.
Regarding dependent claims: Dependent claims are allowed as they depend from allowable independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIE C LIN whose telephone number is (571)272-7752. The examiner can normally be reached M-F 9:00AM -5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMIE C. LIN/Primary Examiner, Art Unit 2436