Delegating Authorizations
First Claim
1. A method for delegating authorization to access user content kept at a plurality of service providers, the plurality of service providers associating the user content for a plurality of users with one or more of a plurality of access tokens such that each access token confers access to the user content of the associated user, the method comprising:
- receiving the plurality of access tokens from the plurality of service providers after the plurality of service providers associates each of the plurality of access tokens with at least one of the plurality of users;
receiving credentials from a control device identifying a first user of the plurality of the users;
selecting a first access token associated with the first user identified with the credentials from the plurality of access tokens received from the plurality of service providers;
transmitting the first access token to the control device for subsequent transmission to a sink device; and
transmitting a content request redirect to the sink device to prompt the sink device to transmit the first access token to a first service provider of the plurality of service providers, the first service provider verifying the first access token prior to responsively transmitting a first user content associated with the first access token to the sink device.
1 Assignment
0 Petitions
Accused Products
Abstract
Delegation of authorizations from one device to another device is contemplated. The contemplated capabilities may enable an authenticated device to confer access tokens or other authoritative permissions to a non-authenticated or unsecured device, such as to enable the delegated device to access user content without the user having to enter a username and password or other identifying credentials thereto.
-
Citations
20 Claims
-
1. A method for delegating authorization to access user content kept at a plurality of service providers, the plurality of service providers associating the user content for a plurality of users with one or more of a plurality of access tokens such that each access token confers access to the user content of the associated user, the method comprising:
-
receiving the plurality of access tokens from the plurality of service providers after the plurality of service providers associates each of the plurality of access tokens with at least one of the plurality of users; receiving credentials from a control device identifying a first user of the plurality of the users; selecting a first access token associated with the first user identified with the credentials from the plurality of access tokens received from the plurality of service providers; transmitting the first access token to the control device for subsequent transmission to a sink device; and transmitting a content request redirect to the sink device to prompt the sink device to transmit the first access token to a first service provider of the plurality of service providers, the first service provider verifying the first access token prior to responsively transmitting a first user content associated with the first access token to the sink device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of enabling access to user content kept at a first service provider without requiring a requesting device to provide a username and password or other user identifying credential for an associated user to the first service provider, the first service provider requiring receipt of the username and password or the other user identifying credential prior to issuing an access token required to access the user content, the method comprising:
-
storing the access token at a second service provider after issuance from the first service provider; authenticating a conferring device to access a my services everywhere (MSE) service associated with the second service provider as a function of user identifying information received therefrom; receiving a request from the conferring device to enable the requesting device to access the user content via the MSE service; and transmitting the access token from the second service provider to the conferring device, the conferring device then transmitting the access token to the requesting device to access the user content from the service provider, the access token thereby being provided to the requesting device without the requesting device having to provide the username and password or the other user identifying credential to either one of the first and second service providers. - View Dependent Claims (15, 16, 17)
-
-
18. A non-transitory computer-readable medium having a plurality of instructions operable with a processor to facilitate a my services everywhere (MSE) service, the MSE service enabling a control device to confer authorizations to a sink device to access user content without requiring input of personally identifying information through the sink device, the user content being kept at a plurality of service providers, the plurality of service providers associating the user content for a plurality of users with one or more of a plurality of access tokens such that each access token confers access to the user content of the associated user, the plurality of instructions being sufficient for:
-
facilitating an access token issuance process whereby the plurality of access tokens are received from the plurality of service providers as a function of personally identifying information obtained from the plurality of users; downloading a first MSE page to the control device as a function of personally identifying credentials received therethrough, the personally identifying credentials identifying a first user of the plurality of users; transmitting a first access token to the control device via the first MSE page subsequent transmission to the sink device, the first access token being determined based on the credentials to be associated with the first user, the first access token being selected from the plurality of access tokens received from the plurality of service providers as a function of the personally identifying information; and downloading a second MSE page to the sink device, the second MSE page prompting the sink device to transmit the first access token to a first service provider of the plurality of service providers, the first service provider verifying the first access token prior to responsively transmitting a first user content associated with the first access token to the sink device. - View Dependent Claims (19, 20)
-
Specification