SINGLE SIGN ON (SSO) AUTHORIZATION AND AUTHENTICATION FOR MOBILE COMMUNICATION DEVICES
First Claim
1. A method comprising:
- transmitting, from the mobile communication device to an application server associated with one application among a native application executing on the mobile communication device and a hybrid application executing in a native application container on the mobile communication device, authentication credentials for a user of the mobile device and a single sign on (SSO) token for authenticating the mobile communication device in communications with application servers;
in response to transmitting the authentication credentials and the SSO token to the application server associated with the one application, receiving services reserved for authenticated users of the one application from the application server associated with the one application;
following the transmitting of the authentication credentials and the SSO token to the application server associated with the one application, transmitting, from the mobile communication device to an application server associated with another application among the native application executing on the mobile communication device and the hybrid application executing in the native application container on the mobile communication device, the SSO token without the authentication credentials; and
in response to transmitting the SSO token without the authentication credentials to the application server associated with the other application, receiving services reserved for authenticated users of the other application from the application server associated with the other application.
1 Assignment
0 Petitions
Accused Products
Abstract
Single sign on (SSO) functionality is provided across native and hybrid applications executing on a mobile communication device, such that both native and hybrid applications can access authenticated services offered through respective application servers without repeatedly providing authentication credentials. In operation, the mobile device obtains an SSO token from an SSO server providing the SSO functionality, and native applications executing on the mobile device retrieve the SSO token from memory for use in accessing authenticated services. In the case of hybrid applications, an alias is assigned to the mobile device in response to receiving a page request received from the hybrid application. The alias is associated with SSO token of the mobile device in the SSO server, and is used to provide the SSO token directly to the hybrid application from the SSO server such that the hybrid application can use the SSO token for authentication.
-
Citations
20 Claims
-
1. A method comprising:
-
transmitting, from the mobile communication device to an application server associated with one application among a native application executing on the mobile communication device and a hybrid application executing in a native application container on the mobile communication device, authentication credentials for a user of the mobile device and a single sign on (SSO) token for authenticating the mobile communication device in communications with application servers; in response to transmitting the authentication credentials and the SSO token to the application server associated with the one application, receiving services reserved for authenticated users of the one application from the application server associated with the one application; following the transmitting of the authentication credentials and the SSO token to the application server associated with the one application, transmitting, from the mobile communication device to an application server associated with another application among the native application executing on the mobile communication device and the hybrid application executing in the native application container on the mobile communication device, the SSO token without the authentication credentials; and in response to transmitting the SSO token without the authentication credentials to the application server associated with the other application, receiving services reserved for authenticated users of the other application from the application server associated with the other application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A mobile communication device comprising:
-
a processor; a user interface for receiving commands from a user and displaying information to the user; a mobile wireless communication interface for communicating across a mobile wireless communication network with a plurality of application servers; and a memory storing instructions for execution on the processor, wherein execution of the instructions causes the processor to; transmit, to an application server associated with one application among a native application executing on the mobile communication device and a hybrid application executing in a native application container on the mobile communication device, authentication credentials for the user of the mobile device and a single sign on (SSO) token for authenticating the mobile communication device; in response to transmitting the authentication credentials and the SSO token to the application server associated with the one application, receive services reserved for authenticated users of the one application from the application server associated with the one application; following the transmitting of the authentication credentials and the SSO token to the application server associated with the one application, transmit, to an application server associated with another application among the native application executing on the mobile communication device and the hybrid application executing in the native application container on the mobile communication device, the SSO token without the authentication credentials; and in response to transmitting the SSO token without the authentication credentials to the application server associated with the other application, receive services reserved for authenticated users of the other application from the application server associated with the other application. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
generating, in a single sign on (SSO) server communicatively coupled to a plurality of mobile devices and a plurality of application servers, an SSO token for use in authenticating one of the plurality of mobile devices; providing the generated SSO token to the one mobile device for use in authenticating the mobile device with application servers associated with native applications executing on the one mobile device; generating in the SSO server, in response to receiving a request from an application server associated with a hybrid application configured for execution in native application containers of mobile devices, an alias for uniquely identifying a mobile device having transmitted a request to the application server associated with the hybrid application; associating the generated alias with the generated SSO token of the one mobile device in response to receiving a registration request including the generated alias from the one mobile device; and providing the generated SSO token to the hybrid application on the one mobile device, for use in authenticating the mobile device with the application server associated with the hybrid application, in response to receiving a request for the token from the hybrid application on the mobile device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification