SINGLE SIGN-ON FRAMEWORK FOR BROWSER-BASED APPLICATIONS AND NATIVE APPLICATIONS
First Claim
Patent Images
1. A system for providing a single sign-on capability to a browser-based application accessed by a browser:
- a client device comprising a processor and a memory, the client device executing the browser and configured to at least;
store an authentication key on the client device in response to an initial authentication of credentials associated with a particular user account;
transmit a request to authenticate access to the browser-based application from the client device to an identity provider server;
receive an authentication challenge from the identity provider server in response to the request to authenticate access to the browser-based application;
retrieve the authentication key;
transmit the authentication key and the authentication challenge to the identity provider server; and
obtain an indication that the particular user account is authenticated by the identity provider server.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are various approaches for providing single sign-on capabilities for a user on a client device. A user'"'"'s credentials can be authenticated by an identity provider application. The identity provider application can facilitate single sign-on capabilities for browser-based applications and native applications on the client device.
21 Citations
20 Claims
-
1. A system for providing a single sign-on capability to a browser-based application accessed by a browser:
a client device comprising a processor and a memory, the client device executing the browser and configured to at least; store an authentication key on the client device in response to an initial authentication of credentials associated with a particular user account; transmit a request to authenticate access to the browser-based application from the client device to an identity provider server; receive an authentication challenge from the identity provider server in response to the request to authenticate access to the browser-based application; retrieve the authentication key; transmit the authentication key and the authentication challenge to the identity provider server; and obtain an indication that the particular user account is authenticated by the identity provider server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A method for providing a single sign-on capability to a browser-based application accessed by a browser on a client device, comprising:
-
storing an authentication key on the client device in response to an initial authentication of credentials associated with a particular user account; transmitting a request to authenticate access to the browser-based application from the client device to an identity provider server; receiving an authentication challenge from the identity provider server in response to the request to authenticate the access to the browser-based application; retrieving the authentication key; and transmitting the authentication key and the authentication challenge to the identity provider server; and obtaining an indication that the particular user account is authenticated by the identity provider server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium comprising machine-readable instructions providing a single sign-on capability to a browser-based application accessed by a browser on a client device, wherein when executed by a processor of the client device, the machine-readable instructions cause the client device to at least:
-
store an authentication key on the client device in response to an initial authentication of credentials associated with a particular user account; transmit a request to authenticate access to the browser-based application from the client device to an identity provider server; receive an authentication challenge from the identity provider server in response to the request to authenticate access to the browser-based application; retrieve the authentication key; and transmit the authentication key and the authentication challenge to the identity provider server; and obtain an indication that the particular user account is authenticated by the identity provider server. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification