Securing partner-enabled web service
First Claim
1. A method for securing a partner service, comprising:
- receiving a request, wherein the request comprises a unique value, to access the partner service, wherein the request is received from a browser client for a partner application;
authenticating a user, the partner application generating a token that associates the user with the partner application;
generating a signature for the token, the signature to enable the partner service to independently regenerate the signature, the token comprising an identifier for the partner application enabling the partner service to detect which partner application generates the token; and
sending the token with the signature to the browser client.
1 Assignment
0 Petitions
Accused Products
Abstract
The claimed subject matter provides a method for securing a partner service. The method can include receiving a request, wherein the request comprises a unique value, to access the partner service, wherein the request is received from a browser client for a partner application and determining that a user is authorized to access the partner application, the partner application generating a token that associates the user with the partner application. The method can also include generating a signature for the token, the signature to enable the partner service to independently regenerate the signature, the token comprising an identifier for the partner application enabling the partner service to detect which partner application generates the token and sending the token with the signature to the browser client.
50 Citations
20 Claims
-
1. A method for securing a partner service, comprising:
-
receiving a request, wherein the request comprises a unique value, to access the partner service, wherein the request is received from a browser client for a partner application; authenticating a user, the partner application generating a token that associates the user with the partner application; generating a signature for the token, the signature to enable the partner service to independently regenerate the signature, the token comprising an identifier for the partner application enabling the partner service to detect which partner application generates the token; and sending the token with the signature to the browser client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for securing a partner service, comprising:
-
a processing unit; and a system memory, wherein the system memory comprises code configured to direct the processing unit to; receive a request, wherein the request comprises a unique value to access the partner service, wherein the request is received from a browser client for a partner application, wherein the browser client is associated with a user; authenticate the user; generate a token, using the partner application, the token associating the user with the partner application, and the token comprising an identifier for the partner application enabling the partner service to identify the partner application as generating the token; generate a signature for the token, the signature to enable the partner service to independently regenerate the signature; and send the token with the signature to the browser client. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. One or more computer-readable storage devices, comprising code configured to direct a processing unit to:
-
receive a request to access a partner service, wherein the request comprises a unique value and the request is received from a browser client for a partner application, wherein the browser client is associated with a user; authenticate the user; generate a token that associates the user with the partner application, wherein the token comprises an identifier of the partner application enabling the partner service to identify the partner application as generating the token; generate a signature for the token, the signature to enable the partner service to independently regenerate the signature; send the token with the signature to the browser client; and encode the token using a one-way hashing algorithm. - View Dependent Claims (17, 18, 19, 20)
-
Specification