System and Method for Mobile Single Sign-On Integration
Abstract
Improved methods and systems for integrating client-side single sign-on (SSO) authentication security infrastructure with a mobile authorization protocol are disclosed that provide clients with secured SSO mobile access to third-party services. Embodiments of the present invention leverage SSO authentication protocols that are already in use at many client-side systems and integrate them with a mobile SSO authorization protocol, thereby effectively extending the SSO framework to mobile requests for web services at third-party service provider systems. Embodiments of the present invention provide a secure, automated and lightweight solution that may be implemented in any existing client-side SSO framework with minimum cost and time, and that lets users of either native applications or mobile web applications access third-party web services.
26 Claims
1. A method for providing access to mobile web services provided by a service provider system using a single sign-on (SSO) credential managed by a client-side computer system, the method comprising:
- receiving an authentication token from the mobile device, the authentication token generated by the client-side computer system upon authenticating the identity of a user at the mobile device using the user's single sign on credential;
- processing the authentication token to validate the authentication token;
- generating an authorization access token;
- providing the authorization access token to the mobile device;
- processing a service request received from the mobile device, the service request containing the authorization access token;
- processing the authorization access token to validate authority to receive the service request; and
- servicing the service request in response to the step of processing the authorization access token.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A service provider computer system for providing web services to mobile devices using single sign-on (SSO) credentials managed by a client-side computer system, the system comprising:
- a web authentication engine for receiving an authentication token generated by the client-side computer system upon authenticating an identity of a user at the mobile device using the user's single sign on credential and processing the authentication token to validate the authentication token;
- a token engine for generating an authorization access token and providing the authorization access token to the mobile device;
- a web services engine for processing a service request received from the mobile device, the service request containing the authorization access token, processing the authorization access token to validate authority to receive the service request, and servicing the service request in response to the step of processing the authorization access token.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24

25. A method for providing seamless access to mobile web services provided by a service provider system using a single sign-on (SSO) credential managed by a client-side computer system, the method comprising:
- receiving, at the service provider system, a request to access web services using the mobile device;
- redirecting the mobile device to a web-identification authentication service at the client-side computer system to authenticate the identity of the user using the user's single sign on credential, said redirect causing the client-side computer system to generate an authentication token and communicate to the mobile device a message containing the authentication token and a redirect function call that, when processed by a processor at the mobile device, causes the mobile device to automatically communicate the authentication token to the service provider system;
- receiving an authentication token from the mobile device, the authentication token being generated by the client-side computer system upon authenticating the identity of the user and in accordance with a web SSO protocol;
- processing the authentication token to validate the authentication token;
- generating an authorization code in response to the step of processing the authentication token;
- communicating the authorization code to the mobile device, the authorization code, when processed by a processor at the mobile device, causes the mobile device to communicate the authorization code to the service provider system to request the authorization access token;
- receiving the authorization code from the mobile device;
- validating the authorization code;
- generating the authorization access token in response to validating the authorization code; and
- providing the authorization access token to the mobile device.
Dependent claims: 26

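The token chain of claim 25 (authentication token, then authorization code, then authorization access token, then service request) as an added Python example; it is not code from the patent or its assignee. Assumptions: an HMAC over a JSON body stands in for the web SSO protocol's signature, state lives in in-memory dictionaries, and every name, key, identifier and lifetime below is hypothetical.

```python
import base64, hashlib, hmac, json, secrets

SSO_KEY = b"constructed-demo-key"   # assumption: HMAC stands in for the SSO protocol's signature
SP_AUDIENCE = "https://sp.example"  # hypothetical service provider identifier
CODE_TTL, TOKEN_TTL = 60, 900       # assumed lifetimes in seconds
codes, tokens = {}, {}              # service provider state: value -> (user, expiry)

def _mac(body):
    return hmac.new(SSO_KEY, body, hashlib.sha256).digest()

def issue_auth_token(user, now, audience=SP_AUDIENCE):
    """Client-side SSO system: sign an authentication token after the SSO login."""
    body = json.dumps({"sub": user, "aud": audience, "exp": now + 120}).encode()
    return ".".join(base64.urlsafe_b64encode(p).decode() for p in (body, _mac(body)))

def validate_auth_token(token, now):
    """Service provider: verify signature, audience and expiry; return user or None."""
    try:
        body, mac = (base64.urlsafe_b64decode(p) for p in token.split("."))
    except ValueError:
        return None
    if not hmac.compare_digest(mac, _mac(body)):
        return None
    claims = json.loads(body)
    ok = claims["aud"] == SP_AUDIENCE and claims["exp"] > now
    return claims["sub"] if ok else None

def issue_code(auth_token, now):
    """Exchange a valid authentication token for a short-lived authorization code."""
    user = validate_auth_token(auth_token, now)
    if user is None:
        return None
    code = secrets.token_urlsafe(16)
    codes[code] = (user, now + CODE_TTL)
    return code

def redeem_code(code, now):
    """Exchange an authorization code for an access token; a code works once."""
    user, exp = codes.pop(code, (None, 0))   # pop makes the code single-use
    if user is None or exp <= now:
        return None
    token = secrets.token_urlsafe(32)
    tokens[token] = (user, now + TOKEN_TTL)
    return token

def serve(access_token, now):
    """Service the request only if the access token is known and unexpired."""
    user, exp = tokens.get(access_token, (None, 0))
    return f"data for {user}" if user and exp > now else None
```

Callers pass the current time (for example `time.time()`) as `now`; taking it as a parameter keeps the expiry checks deterministic to exercise.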
Specification