BUNDLED AUTHORIZATION REQUESTS
First Claim
1. A computer-implemented method comprising:
- receiving, at an OAuth authorization server, from a client application, a token request that specifies multiple separate services;
in response to receiving the token request, generating, at the OAuth authorization server, a single token that includes scope of access information for each of the multiple separate services; and
sending the single token from the OAuth authorization server to the client application.
1 Assignment
0 Petitions
Accused Products
Abstract
A framework, which conforms to the OAuth standard, involves a generic OAuth authorization server that can be used by multiple resource servers in order to ensure that access to resources stored on those resource servers is limited to access to which the resource owner consents. Each resource server registers, with the OAuth authorization server, metadata for that resource server, indicating scopes that are recognized by the resource server. The OAuth authorization server refers to this metadata when requesting consent from a resource owner on behalf of a client application, so that the consent will be of an appropriate scope. The OAuth authorization server refers to this metadata when constructing an access token to provide to the client application for use in accessing the resources on the resource server. The OAuth authorization server uses this metadata to map issued access tokens to the scopes to which those access tokens grant access.
-
Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving, at an OAuth authorization server, from a client application, a token request that specifies multiple separate services; in response to receiving the token request, generating, at the OAuth authorization server, a single token that includes scope of access information for each of the multiple separate services; and sending the single token from the OAuth authorization server to the client application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable memory comprising instructions which, when executed by one or more processors, cause the one or more processors to perform:
-
receiving, at an OAuth authorization server, from a client application, a token request that specifies multiple separate services; in response to receiving the token request, generating, at the OAuth authorization server, a single token that includes scope of access information for each of the multiple separate services; and sending the single token from the OAuth authorization server to the client application. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
a first machine that stores a client application; a second machine that stores an OAuth authorization server that is configured to; receive, from the client application, a token request that specifies multiple separate services; generate, in response to receiving the token request, a single token that includes scope of access information for each of the multiple separate services; and sending the single token to the client application. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification