Apparatus and method for API authentication using two API tokens
First Claim
Patent Images
1. An application programming interface (API) authentication method using two API tokens, the API authentication method comprising:
- obtaining, at a user device, a general API token and information required for a one-time API token creation from a service providing apparatus, the general API token having an expiration time;
checking, at the user device, whether or not the general API token has expired, andupon determining that the general API token has expired, obtaining a new general API token and new information required for the one-time API token creation from the service providing apparatus, andupon determining that the general API token has not expired,creating the one-time API token using the obtained information from the service providing apparatus, andsending an API request to the service providing apparatus with both the general API token and the created one-time API token; and
in response to the API request from the user device, processing, at the service providing apparatus, the API request according to a result of authentication based on the general API token and the one-time API token, whereinthe processing of the API request comprises;
receiving the API request that contains the first one-time API token and the general API token from the user device,identifying the user device with the general API token,extracting information required for one-time API token creation which is to be mapped to the identified user device in mapping information,generating a second one-time API token using the extracted information,checking whether the first one-time API token is identical to the second one-time API token, andprocessing the API request according to a result of the checking.
1 Assignment
0 Petitions
Accused Products
Abstract
An application programming interface (API) authentication method using two API tokens which includes issuing a general API token and providing information required for a one-time API token to a user device; and in response to an API request from the user device, processing an API request according to a result of authentication based on the general API token and a one-time API token, which is generated using the information required for a one-time API token creation.
-
Citations
8 Claims
-
1. An application programming interface (API) authentication method using two API tokens, the API authentication method comprising:
-
obtaining, at a user device, a general API token and information required for a one-time API token creation from a service providing apparatus, the general API token having an expiration time; checking, at the user device, whether or not the general API token has expired, and upon determining that the general API token has expired, obtaining a new general API token and new information required for the one-time API token creation from the service providing apparatus, and upon determining that the general API token has not expired, creating the one-time API token using the obtained information from the service providing apparatus, and sending an API request to the service providing apparatus with both the general API token and the created one-time API token; and in response to the API request from the user device, processing, at the service providing apparatus, the API request according to a result of authentication based on the general API token and the one-time API token, wherein the processing of the API request comprises; receiving the API request that contains the first one-time API token and the general API token from the user device, identifying the user device with the general API token, extracting information required for one-time API token creation which is to be mapped to the identified user device in mapping information, generating a second one-time API token using the extracted information, checking whether the first one-time API token is identical to the second one-time API token, and processing the API request according to a result of the checking. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification