Delivery of authentication information to a RESTful service using token validation scheme
First Claim
Patent Images
1. A computer-implemented method of providing entity-related information, comprising:
- receiving, at a relying party, a request for entity-related information, the request being from a RESTful service authentication component,wherein an entity agent is redirected from the RESTful service authentication component to the relying party;
redirecting the entity agent by the relying party to an identity provider;
authenticating an entity to the identity provider using entity-supplied information;
retrieving the entity-related information;
returning, by the relying party, a service ticket to the RESTful service authentication component,wherein the service ticket is returned by redirecting the entity agent to the RESTful service authentication component;
receiving, at the relying party using a back channel, a validate service ticket request associated with the request for the entity-related information; and
returning, using the back channel, the entity-related information associated with the validate service ticket request.
4 Assignments
0 Petitions
Accused Products
Abstract
Information useful for authenticating an entity is sent over a back channel during the authentication of an entity to a RESTful service. The delivery of the entity-related information is triggered by the validation of a service ticket received by the authentication component of the RESTful service.
-
Citations
33 Claims
-
1. A computer-implemented method of providing entity-related information, comprising:
-
receiving, at a relying party, a request for entity-related information, the request being from a RESTful service authentication component, wherein an entity agent is redirected from the RESTful service authentication component to the relying party; redirecting the entity agent by the relying party to an identity provider; authenticating an entity to the identity provider using entity-supplied information; retrieving the entity-related information; returning, by the relying party, a service ticket to the RESTful service authentication component, wherein the service ticket is returned by redirecting the entity agent to the RESTful service authentication component; receiving, at the relying party using a back channel, a validate service ticket request associated with the request for the entity-related information; and returning, using the back channel, the entity-related information associated with the validate service ticket request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer system providing entity-related information, comprising:
-
a relying party configured to receive a request for entity-related information, the request being from a RESTful service authentication component, wherein the relying party receives the request from an entity agent redirected by the RESTful service authentication component; an identity provider configured to; accept the entity-related information request; receive the request for entity-related information from the entity agent redirected from the relying party; authenticate an entity using entity-supplied information; and retrieve the entity-related information; a service ticket associated with the request for entity-related information, wherein the service ticket is returned by redirecting the entity agent to the RESTful service authentication component; and a back channel operable to receive at the relying party a validate service ticket request associated with the request for the entity-related information, wherein the back channel is operable to return the entity-related information associated with the validate service ticket request. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification