Patent attributes
An identity and access management (IAM) extended trust server (ETS) can work with a cloud-based IAM platform to authorize a user in a home zone to access a resource such as an enterprise application in an enterprise computing network. The IAM ETS receives a request from the user to access another resource, determines that other resource resides in a geographical zone that is different from the home zone, checks with the cloud-based IAM platform on whether the user is authorized to access the resource in the geographical zone, and responsive to an indication from the cloud-based IAM platform that the user is authorized to access the resource in the geographical zone, redirects a browser on the user device to the resource in the geographical zone without initiating a new session for the user, thereby providing the user with seamless access across multiple zones in a single global session.