Methods, Apparatuses, and Computer Program Products for Providing a Single Service Sign-On
First Claim
1. A method comprising:
- receiving a request for an access token from a remote entity, wherein the request includes an indication of a requested service;
determining a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange;
extracting one or more parameters included in the request based upon the determined request type;
performing one or more security checks based at least in part upon the one or more extracted parameters;
creating an access token based at least in part upon results of the one or more security checks; and
providing the access token to the remote entity.
2 Assignments
0 Petitions
Accused Products
Abstract
An apparatus may include a processor configured to receive a request for an access token from a remote entity, wherein the request includes an indication of a requested service. The processor may be further configured to determine a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange. The processor may be additionally configured to extract one or more parameters included in the request based upon the determined request type and to perform one or more security checks based at least in part upon the one or more extracted parameters. The processor may be further configured to create an access token based at least in part upon the results of the one or more security checks and to provide the access token to the remote entity.
166 Citations
25 Claims
-
1. A method comprising:
-
receiving a request for an access token from a remote entity, wherein the request includes an indication of a requested service; determining a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange; extracting one or more parameters included in the request based upon the determined request type; performing one or more security checks based at least in part upon the one or more extracted parameters; creating an access token based at least in part upon results of the one or more security checks; and providing the access token to the remote entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product comprising at least one computer-readable storage medium having computer-readable program code portions stored therein, the computer-readable program code portions comprising:
-
a first program code portion for receiving a request for an access token from a remote entity, wherein the request includes an indication of a requested service; a second program code portion for determining a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange; a third program code portion for extracting one or more parameters included in the request based upon the determined request type; a fourth program code portion for performing one or more security checks based at least in part upon the one or more extracted parameters; a fifth program code portion for creating an access token based at least in part upon results of the one or more security checks; and a sixth program code portion for providing the access token to the remote entity. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus comprising a processor configured to:
-
receive a request for an access token from a remote entity, wherein the request includes an indication of a requested service; determine a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange; extract one or more parameters included in the request based upon the determined request type; perform one or more security checks based at least in part upon the one or more extracted parameters; create an access token based at least in part upon results of the one or more security checks; and provide the access token to the remote entity. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
-
25. An apparatus comprising:
-
means for receiving a request for an access token from a remote entity, wherein the request includes an indication of a requested service; means for determining a request type, wherein the request type may be a user identification and password combination, a request token exchange, or an access token exchange; means for extracting one or more parameters included in the request based upon the determined request type; means for performing one or more security checks based at least in part upon the one or more extracted parameters; means for creating an access token based at least in part upon results of the one or more security checks; and means for providing the access token to the remote entity.
-
Specification