US Patent 10043025 Persistent key access to a resources in a collection

A method includes receiving a first request from a first user device to access a first resource that includes data for a second user account for which access to the data is restricted to authorized users, the first request including an authorization token and associated with a first user identifier that identifies a first user; determining that the first user identifier does not identify an authorized user and in response: determining that the first user identifier identifies an authorized user based on the authorization token, and provide the first resource to the first user device; receiving a second request for access to data to the second user account, the second request associated with the first user identifier; and based on the first user identifier being determined to identify authorized user, providing access to the data to the second user account in response to the second request.