Invocation of third party's service
First Claim
1. A method for invoking a computer-implemented service on a computer system including at least one processor, the method comprising:
- receiving a request from a delegate user to invoke a service on behalf of a managing user authorized to invoke the service, the managing user different than the delegate user, the request including a security token specific to the delegate user and including at least one of an identity token specific to the managing user and a pointer to the identity token specific to the managing user;
authenticating, via the at least one processor, the delegate user based on the security token;
identifying one or more service features of the service that the delegate user is authorized to invoke on behalf of the managing user based on the identity token and the security token; and
enabling the delegate user to invoke the identified one or more service features on behalf of the managing user.
7 Assignments
0 Petitions
Accused Products
Abstract
Invoking a computer implemented service includes receiving a request from a first user to access a service associated with a second user. The request is associated with a security token for the first user and an identity token for the second user. The acceptability of the security token is determined to authenticate the first user, and the acceptability of the identity token is determined to securely identify the second user. The first user is able to access the service associated with the second user conditioned on the security token being determined to be acceptable and the identity token being determined to be acceptable.
28 Citations
18 Claims
-
1. A method for invoking a computer-implemented service on a computer system including at least one processor, the method comprising:
-
receiving a request from a delegate user to invoke a service on behalf of a managing user authorized to invoke the service, the managing user different than the delegate user, the request including a security token specific to the delegate user and including at least one of an identity token specific to the managing user and a pointer to the identity token specific to the managing user; authenticating, via the at least one processor, the delegate user based on the security token; identifying one or more service features of the service that the delegate user is authorized to invoke on behalf of the managing user based on the identity token and the security token; and enabling the delegate user to invoke the identified one or more service features on behalf of the managing user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17)
-
-
9. A non-transitory computer-readable medium comprising instructions that are executed by at least one processor to cause the at least one processor to perform steps comprising:
-
receiving a request from a delegate user to invoke a service on behalf of a managing user authorized to invoke the service, the managing user different than the delegate user, the request including a security token specific to the delegate user and including at least one of an identity token specific to the managing user and a pointer to the identity token specific to the managing user; authenticating the delegate user based on the security token; identifying one or more service features of the service that the delegate user is authorized to invoke on behalf of the managing user based on the identity token and the security token; and enabling the delegate user to invoke the identified one or more service features on behalf of the managing user. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 18)
-
Specification