METHODS AND APPARATUS FOR DELEGATED AUTHENTICATION TOKEN RETRIEVAL
10 Assignments
0 Petitions
Accused Products
Abstract
In some embodiments, a non-transitory processor-readable medium includes code to cause a processor to send, from an authorization client on a device to a client authorization module, an indication of multiple applications installed on the device, and receive, at the authorization client and in response to the indication, multiple application tokens from the client authorization module. Each individual application token from the multiple application tokens received by the authorization client is uniquely associated with an application from the multiple applications installed on the device. The authorization client provides each application its associated application token such that each application from the multiple applications can use that application token in order to be authenticated to an application server associated with the application.
14 Citations
44 Claims
-
1-20. -20. (canceled)
-
21. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
-
send, at a first time, from an authorization client to a client authorization module, an indication of a first application and a second application; receive, at a second time after the first time, at the authorization client, in response to the indication, and from the client authorization module, a first application token and a second application token, the first application token being uniquely associated with the first application and the second application token being uniquely associated with the second application; provide, using the authorization client, the first application the first application token such that the first application is authenticated to an application server associated with the first application when the first application token is received at the application server associated with the first application; and provide, using the authorization client, the second application the second application token such that the second application is authenticated to an application server associated with the second application when the second application token is received at the application server associated with the second application. - View Dependent Claims (22, 23, 24, 25, 26, 27)
-
-
28. An apparatus, comprising:
-
an authorization client, the authorization client configured to send, at a first time, to a client authorization module, an application token request associated with a plurality of applications, subsequent to intercepting a request to launch an application from the plurality of applications such that the application is at least temporarily prevented from receiving the indication, the authorization client configured to receive, at a second time after the first time, in response to the application token request, (1) a set of application tokens associated with a first set of applications from the plurality of applications, and (2) an indication that the user is unauthorized to use each application from a second set of applications from the plurality of applications and mutually exclusive of the first set of applications, each application token from the set of application tokens being uniquely associated with an application from the first set of applications, the authorization client configured to provide each application from the first set of applications with its associated application token from the set of application tokens such that each application from the first set of applications is authenticated to an application server associated with that application when its associated application token is received at the application server. - View Dependent Claims (29, 30, 31, 32, 33)
-
-
34. An apparatus, comprising:
-
a client authorization module configured to receive, at a first time, from an authorization client, an application token request associated with a plurality of applications, the client authorization module configured to send, at a second time after the first time, in response to the application token request, a plurality of tokens to the authorization client such that the authorization client provides each application from the plurality of applications with a uniquely associated token from the plurality of tokens, the client authorization module configured to receive an authentication request from an application module associated with an application from the plurality of applications, the authentication request including a token from the plurality of tokens and uniquely associated with that application, the client authorization module configured to send an authentication signal to the application module in response to the client authorization module verifying the token as a valid token for the application. - View Dependent Claims (35, 36, 37, 38, 39)
-
-
40. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
-
receive, at an authorization client on a device and at a first time, an indication that a user has requested to launch an application such that the application is at least temporarily prevented from receiving the indication; send, at a second time after the first time from the authorization client to a client authorization module and in response to the indication, a request for an application token for the application; receive, at the authorization client and in response to the request, the application token from the client authorization module; associate, using the authorization client, the application token with the application; and send, using the authorization client and, after associating the application token with the application, the indication to the application such that the application launches with the application token and in response to the indication. - View Dependent Claims (41, 42, 43, 44)
-
Specification