US Patent 11991164 Access to federated identities on a shared kiosk computing device

A kiosk device is shared by many users of an organization in a sequential manner. The kiosk is provisioned so that each of the appropriate users of the organization may use it, and so that each such user may be provided with a federated identity by an external identity provider (IdP) system. The federated identity may be used to automatically provide the user with access to the user's different resources (e.g., the user's accounts on various third-party applications). An authenticator component of the kiosk device communicates with the external IdP system so as to securely and transparently provide the users with a federated identity. In order to provide additional security, the authenticator component and/or the IdP system may take into account organization-specific details when authenticating a user, such as whether a particular user is expected to be on duty with the organization at the current time.