Providing a single session experience across multiple applications
First Claim
Patent Images
1. A method, comprising:
- receiving, at an application programming interface (API) proxy, a user'"'"'s login credentials from a client device, the API proxy being an application configured to initiate sessions on behalf of the user with each application in a predetermined set of applications that are hosted on one or more remote servers;
authenticating the user at the API proxy based on the received login credentials and initiating a user session between the client device and the API proxy;
conveying the user'"'"'s login credentials for a first application in the predetermined set of applications from the API proxy to an API of the first application to authenticate the user and initiate a first session between the API proxy and the first application on behalf of the client device;
enabling interaction with the first application on the client device via the API proxy by;
receiving at the API proxy a request from the client device, the request being targeted to the API of the first application;
conveying the request from the API proxy to the API of the first application and receiving a response to the request at the API proxy;
forwarding the response to the client device;
wherein the API proxy is configured to send dummy calls to prevent idle expiration of applications that provide a state-full session experience, and to not send dummy calls to applications that do not provide a state-full session experience, wherein an application provides a state-full session experience if it associates additional user data with a session, which user data is lost if the session is logged out;
wherein initiating the session between the client device and the API proxy further comprises, in exchange for the login credentials received at the API proxy, receiving an API proxy session key at the client device from the API proxy, wherein the API proxy session key is an alphanumeric sequence, and wherein the API proxy session key is included in calls from the client device to the API proxy to authenticate the calls; and
wherein initiating the first session between the API proxy and the first application further comprises, in exchange for the login credentials received at the API of the first application, receiving at the API proxy a corresponding application session key from the first application, wherein the corresponding application session key is an alphanumeric sequence, and wherein the corresponding application session key is included in calls from the API proxy to the API of the first application to authenticate the calls.
2 Assignments
0 Petitions
Accused Products
Abstract
A system is described allowing a user to log into an API proxy by supplying login credentials and to have the API proxy log into the APIs of various web-based applications on behalf of the user by using the user'"'"'s login credentials, without the user needing to separately log into each application. Calls made by the user to an application and application replies are routed through the API proxy. Further, the API proxy manages session expirations, e.g., by sending dummy calls to applications that exhibit idle expiration.
-
Citations
17 Claims
-
1. A method, comprising:
-
receiving, at an application programming interface (API) proxy, a user'"'"'s login credentials from a client device, the API proxy being an application configured to initiate sessions on behalf of the user with each application in a predetermined set of applications that are hosted on one or more remote servers; authenticating the user at the API proxy based on the received login credentials and initiating a user session between the client device and the API proxy; conveying the user'"'"'s login credentials for a first application in the predetermined set of applications from the API proxy to an API of the first application to authenticate the user and initiate a first session between the API proxy and the first application on behalf of the client device; enabling interaction with the first application on the client device via the API proxy by; receiving at the API proxy a request from the client device, the request being targeted to the API of the first application; conveying the request from the API proxy to the API of the first application and receiving a response to the request at the API proxy; forwarding the response to the client device; wherein the API proxy is configured to send dummy calls to prevent idle expiration of applications that provide a state-full session experience, and to not send dummy calls to applications that do not provide a state-full session experience, wherein an application provides a state-full session experience if it associates additional user data with a session, which user data is lost if the session is logged out; wherein initiating the session between the client device and the API proxy further comprises, in exchange for the login credentials received at the API proxy, receiving an API proxy session key at the client device from the API proxy, wherein the API proxy session key is an alphanumeric sequence, and wherein the API proxy session key is included in calls from the client device to the API proxy to authenticate the calls; and wherein initiating the first session between the API proxy and the first application further comprises, in exchange for the login credentials received at the API of the first application, receiving at the API proxy a corresponding application session key from the first application, wherein the corresponding application session key is an alphanumeric sequence, and wherein the corresponding application session key is included in calls from the API proxy to the API of the first application to authenticate the calls. - View Dependent Claims (2, 3, 4, 5, 15)
-
-
6. A computing device, comprising:
-
at least one processor; and memory including instructions that, when executed by the at least one processor, cause the computing device to; receive, at an application programming interface (API) proxy, a user'"'"'s login credentials from a client device, the API proxy being an application configured to initiate sessions on behalf of the user with each application in a predetermined set of applications that are hosted on one or more remote servers; authenticate the user at the API proxy based on the received login credentials and initiate a user session between the client device and the API proxy; convey the user'"'"'s login credentials for a first application in the predetermined set of applications from the API proxy to an API of the first application to authenticate the user and initiate a first session between the API proxy and the first application on behalf of the client device; enable interaction with the first application on the client device via the API proxy by; receiving at the API proxy a request from the client device, the request being targeted to the API of the first application; conveying the request from the API proxy to the API of the first application and receiving a response to the request at the API proxy; forwarding the response to the client device; wherein the API proxy is configured to send dummy calls to prevent idle expiration of applications that provide a state-full session experience, and to not send dummy calls to applications that do not provide a state-full session experience, wherein an application provides a state-full session experience if it associates additional user data with a session, which user data is lost if the session is logged out; wherein initiating the session between the client device and the API proxy further comprises, in exchange for the login credentials received at the API proxy, receiving an API proxy session key at the client device from the API proxy, wherein the API proxy session key is an alphanumeric sequence, and wherein the API proxy session key is included in calls from the client device to the API proxy to authenticate the calls; and wherein initiating the first session between the API proxy and the first application further comprises, in exchange for the login credentials received at the API of the first application, receiving at the API proxy a corresponding application session key from the first application, wherein the corresponding application session key is an alphanumeric sequence, and wherein the corresponding application session key is included in calls from the API proxy to the API of the first application to authenticate the calls. - View Dependent Claims (7, 8, 9, 10, 16)
-
-
11. A non-transitory computer readable storage medium comprising one or more sequences of instructions, the instructions when executed by one or more processors causing the one or more processors to execute the operations of:
-
receiving, at an application programming interface (API) proxy, a user'"'"'s login credentials from a client device, the API proxy being an application configured to initiate sessions on behalf of the user with each application in a predetermined set of applications that are hosted on one or more remote servers; authenticating the user at the API proxy based on the received login credentials and initiating a user session between the client device and the API proxy; conveying the user'"'"'s login credentials for a first application in the predetermined set of applications from the API proxy to an API of the first application to authenticate the user and initiate a first session between the API proxy and the first application on behalf of the client device; enabling interaction with the first application on the client device via the API proxy by; receiving at the API proxy a request from the client device, the request being targeted to the API of the first application; conveying the request from the API proxy to the API of the first application and receiving a response to the request at the API proxy; forwarding the response to the client device; wherein the API proxy is configured to send dummy calls to prevent idle expiration of applications that provide a state-full session experience, and to not send dummy calls to applications that do not provide a state-full session experience, wherein an application provides a state-full session experience if it associates only to applications that associate additional user data with a session, which user data is lost if the session is logged out; wherein initiating the session between the client device and the API proxy further comprises, in exchange for the login credentials received at the API proxy, receiving an API proxy session key at the client device from the API proxy, wherein the API proxy session key is an alphanumeric sequence, and wherein the API proxy session key is included in calls from the client device to the API proxy to authenticate the calls; and wherein initiating the first session between the API proxy and the first application further comprises, in exchange for the login credentials received at the API of the first application, receiving at the API proxy a corresponding application session key from the first application, wherein the corresponding application session key is an alphanumeric sequence, and wherein the corresponding application session key is included in calls from the API proxy to the API of the first application to authenticate the calls. - View Dependent Claims (12, 13, 14, 17)
-
Specification