Mobile application, identity interface
First Claim
1. A system, comprising:
- a memory storing a plurality of instructions; and
- one or more hardware processors configured to access the memory, wherein the one or more hardware processors are further configured to execute the plurality of instructions to:
  - receive, from a mobile client application of a mobile device, an access request requesting access to an access management service provider, the access request formatted as a representational state transfer (REST) call;
  - determine, based at least in part on the REST call, an access management service call for accessing an access management service corresponding to the access management service provider;
  - determine a format for providing the access management service call based on a Lightweight Directory Access Protocol (LDAP) schema associated with the access management service provider;
  - perform the access management service call in accordance with the determined format, the access management service call including a token request specified in the determined format for accessing the access management service provider, the token request including a mobile client token and a user token;
  - receive an access token for accessing the access management service provider based at least in part on the mobile client token and the user token; and
  - cause the mobile client application to perform a function associated with the access management service provider based on the received access token upon authentication of a user of the mobile client application.
Abstract
Techniques for managing identities are provided. In some examples, identity management, authentication, authorization, and token exchange frameworks may be provided for use with mobile devices, mobile applications, cloud applications, and/or other web-based applications. For example, a mobile client may request to perform one or more identity management operations associated with an account of a service provider. Based at least in part on the requested operation and/or the particular service provider, an application programming interface (API) may be utilized to generate and/or perform one or more instructions and/or method calls for managing identity information of the service provider.
19 Claims
10. A computer-implemented method, comprising:
- receiving, by a computer system, a representational state transfer (REST) interface access request for accessing a third-party server, the REST interface access request received from a mobile client application;
- determining, by the computer system, an access management service call corresponding to the third-party server for which access is requested, the determining based at least in part on the REST interface access request received from the mobile client application;
- determining, by the computer system, a format for providing the access management service call based on a Lightweight Directory Access Protocol (LDAP) schema associated with the access management service provider;
- providing, by the computer system, the access management service call in accordance with the determined format to an access management service associated with the third-party server for which access is requested, the access management service call including a token request specified in the determined format for accessing the third-party server, the token request including a mobile client token and a user token;
- receiving, by the computer system, an access token for accessing the third-party server based at least in part on the mobile client token and the user token;
- providing, by the computer system, the access token to the mobile client application; and
- causing the mobile client application to perform a function associated with the access management service provider based on the received access token upon authentication of a user of the mobile client application.
14. A computer-readable memory storing a plurality of instructions executable by one or more hardware processors, the plurality of instructions comprising:
- instructions that cause the one or more hardware processors to receive, from a mobile client application, a representational state transfer (REST) interface call for requesting access to a service provider;
- instructions that cause the one or more hardware processors to determine, based at least in part on the REST interface call from the mobile client application, a method call for utilizing an access management service associated with the service provider;
- instructions that cause the one or more hardware processors to determine a format for providing the method call based on a Lightweight Directory Access Protocol (LDAP) schema associated with the service provider;
- instructions that cause the one or more hardware processors to transmit, to the access management service associated with the service provider, the method call for utilizing the access management service in accordance with the determined format, the method call including a token request specified in the determined format for accessing the service provider, the token request including a mobile client token and a user token;
- instructions that cause the one or more hardware processors to receive, from the access management service, an access decision based on the mobile client token and the user token; and
- instructions that cause the one or more hardware processors to provide, based at least in part on the access decision, an access token to the mobile client application so that the mobile client application can perform a function associated with the access management service provider based on the received access token upon authentication of a user of the mobile client application.
Specification