Patent attributes
Login authentication in a cloud storage platform includes: receiving, in a cloud storage platform, a user identifier for a user; extracting, based on the user identifier, a domain registered with the cloud storage platform, where each domain registered with the cloud storage platform is associated with an identity authentication endpoint and one or more groups to which users from the domain may be assigned; determining an identity authentication endpoint associated with the extracted domain; providing, to the identity authentication endpoint associated with the extracted domain, login credentials for the user; receiving an identity authorization from the identity authentication endpoint associated with the extracted domain, where the identity authorization includes a plurality of groups for the user; and filtering any groups included in the identity authorization that are not registered with the cloud storage platform.