ASYNCHRONOUS USER PERMISSION MODEL FOR APPLICATIONS
First Claim
1. A method for providing an access token to an application without requiring the application to interact with a user-agent through which a third party contemporaneously authorizes use of the access token, the method comprising:
- retrieving an application authorization universal resource locator (appAuthURL);
retrieving an access token universal resource locator (accessTokenURL);
providing an application ID and a shared secret to the appAuthURL, the application ID identifying an application requiring access to a service, an authorization server at the appAuthURL generating an application token (appToken) and an event URL (eventURL) when the shared secret is verified, the appToken granting permission to the application to perform an event at the eventURL related to the service;
polling the accessTokenURL to obtain an access token (accessToken), the accessToken indicating third party approval for the application to perform the event on behalf of the third party, the authorization server at the accessTokenURL providing the accessToken to the application as a part of the polling if the appToken is verified and the third party contemporaneously engages a user-agent to authorize the application, the accessToken being provided to the application without the application performing a related interaction with the user-agent; and
providing the accessToken to the eventURL, thereby enabling the application to perform the event.
1 Assignment
0 Petitions
Accused Products
Abstract
Use of an application to engage services on behalf of a third party is contemplated. The services may be engaged one behalf of the third party with delivery of a third party permission to a Web service, optionally with the third party permission being recognized in the form of an access token (accessToken) provided from the application to the Web service without requiring the application to interact with an user-agent used to obtain the third party permission.
27 Citations
20 Claims
-
1. A method for providing an access token to an application without requiring the application to interact with a user-agent through which a third party contemporaneously authorizes use of the access token, the method comprising:
-
retrieving an application authorization universal resource locator (appAuthURL); retrieving an access token universal resource locator (accessTokenURL); providing an application ID and a shared secret to the appAuthURL, the application ID identifying an application requiring access to a service, an authorization server at the appAuthURL generating an application token (appToken) and an event URL (eventURL) when the shared secret is verified, the appToken granting permission to the application to perform an event at the eventURL related to the service; polling the accessTokenURL to obtain an access token (accessToken), the accessToken indicating third party approval for the application to perform the event on behalf of the third party, the authorization server at the accessTokenURL providing the accessToken to the application as a part of the polling if the appToken is verified and the third party contemporaneously engages a user-agent to authorize the application, the accessToken being provided to the application without the application performing a related interaction with the user-agent; and providing the accessToken to the eventURL, thereby enabling the application to perform the event. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of enabling an application to direct a Web service to perform an event on behalf of a third party, the Web service requiring receipt of an access token (accessToken) issued from an authorization server in order to perform the event, the authorization server generating the accessToken following receipt of a third party permission from an user-agent, the user-agent providing a user interface for receiving the third party permission from the third party, the method comprising:
-
providing an application ID and a shared secret to the authorization server, the application ID identifying the application requesting to perform the event, the authorization server generating an application token (appToken) and an event URL (eventURL) if the shared secret is verified, the appToken granting permission to the application to perform the event; providing the appToken to the authorization server, and if verified by the authorization server, responsively obtaining the accessToken from the authorization server, whereby the application obtains the accessToken without interacting with the user-agent; and providing the accessToken to the eventURL to enable the application to perform the event. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for engaging a Web service to perform an event on behalf of a third party, the system comprising:
-
an application operable to issue a request to the Web service to perform the event on behalf of the third party, the application operable to include an access token (accessToken) with the request, the Web service verifying the accessToken prior to performing the event; an authorization server operable to provide the accessToken to the application, the authorization server verifying an application token (appToken) provided from the application prior to providing the accessToken; and a user-agent operable to receive a third party permission from the third party, the third party permission indicating approval of the third party for the application to perform the event behalf of the third party, the user-agent identifying the application requesting to perform the event as a function of an application ID provided from the authorization server and without corresponding interaction with the application. - View Dependent Claims (20)
-
Specification