Credential linking across multiple services
First Claim
Patent Images
1. A method comprising:
- receiving, by a first server device and from a user device, a request to authenticate the user device for a first service using first authentication credentials for a second service that is different than the first service;
providing, by the first server device, the first authentication credentials to a second server device that provides the second service;
receiving, by the first server device, from the second server device, and when the first authentication credentials are valid for the second service, user information relating to a user of the user device;
generating, by the first server device and in response to receiving the user information, a token that logically associates the user of the user device, the first authentication credentials for the second service, and the user information;
providing, by the first server device and to the user device, an authentication response, associated with the user information, that provides authentication of the user device for the first service;
providing the token as part of the authentication response;
receiving the token from a third server device that provides the first service;
providing the user information to the third server device to cause the third server device to provide the user device with access to the first service;
receiving, from the third server device, second authentication credentials, associated with the second service, based on providing the user information to the third server device;
associating the second authentication credentials with the token;
receiving the second authentication credentials from the user device;
identifying the token based on receiving the second authentication credentials from the user device;
providing the token to the user device based on identifying the token;
receiving the token from the second server device based on providing the token; and
providing the user information to the second server device to cause the second server device to provide the user device with access to the first service.
1 Assignment
0 Petitions
Accused Products
Abstract
A first server device may receive, from a user device, a request to authenticate the user device for a first service using authentication credentials for a second service that is different than the first service; provide the authentication credentials to a second server device that provides the second service; receive from the second server device, and when the authentication credentials are valid for the second service, user information relating to a user of the user device; and provide, to the user device, an authentication response, associated with the user information, that provides authentication of the user device for the first service.
-
Citations
15 Claims
-
1. A method comprising:
-
receiving, by a first server device and from a user device, a request to authenticate the user device for a first service using first authentication credentials for a second service that is different than the first service; providing, by the first server device, the first authentication credentials to a second server device that provides the second service; receiving, by the first server device, from the second server device, and when the first authentication credentials are valid for the second service, user information relating to a user of the user device; generating, by the first server device and in response to receiving the user information, a token that logically associates the user of the user device, the first authentication credentials for the second service, and the user information; providing, by the first server device and to the user device, an authentication response, associated with the user information, that provides authentication of the user device for the first service; providing the token as part of the authentication response; receiving the token from a third server device that provides the first service; providing the user information to the third server device to cause the third server device to provide the user device with access to the first service; receiving, from the third server device, second authentication credentials, associated with the second service, based on providing the user information to the third server device; associating the second authentication credentials with the token; receiving the second authentication credentials from the user device; identifying the token based on receiving the second authentication credentials from the user device; providing the token to the user device based on identifying the token; receiving the token from the second server device based on providing the token; and providing the user information to the second server device to cause the second server device to provide the user device with access to the first service. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
a first server device to; receive, from a user device, a request to authenticate the user device for a first service using first authentication credentials for a second service that is different than the first service; provide the first authentication credentials to a second server device that provides the second service; receive from the second server device, and when the first authentication credentials are valid for the second service, user information relating to a user of the user device; generate, in response to receiving the user information, a token that logically associates the user of the user device, the first authentication credentials for the second service, and the user information; provide, to the user device, an authentication response, associated with the user information, that provides authentication of the user device for the first service; provide the token as part of the authentication response; receive the token from a third server device that provides the first service; provide the user information to the third server device to cause the third server device to provide the user device with access to the first service; receive, from the third server device, second authentication credentials, associated with the second service, based on providing the user information to the third server device; associate the second authentication credentials with the token; receive the second authentication credentials from the user device; identify the token based on receiving the second authentication credentials from the user device; provide the token to the user device based on identifying the token; receive the token from the second server device based on providing the token; and provide the user information to the second server device to cause the second server device to provide the user device with access to the first service. - View Dependent Claims (8, 9, 10, 11)
-
12. A system comprising:
a first server device to; receive, from a user device, an enrollment request including user information regarding a user; authenticate an identity of the user associated with the enrollment request; generate universal credentials, for the user, based on authenticating the identity, the universal credentials including a logical association between credentials for a first service provided by a second server, credentials for a second service provided by a third server, and the identity of the user; provide, to the user device and in response to the enrollment request, an authentication response, based on the generated universal credentials, that provides authentication of the user device for the first service provided by the second server device and for the second service that is different from the first service and that is provided by third server device; generate a token based on generating the universal credentials; generate an association between the universal credentials and the token; receive the universal credentials from the user device after generating the association between the universal credentials and the token; identify the token associated with the universal credentials; provide, based on identifying the token, the token to the user device as part of the authentication response; receive the token from the second server device or the third server device; identify the user information associated with the token; provide the user information to the second server device or the third server device to cause the second server device to provide the user device with access to the first service or the third server device to provide the user device with access to the second service; receive updated user information, from the second server device or the third server device, for accessing the first service or the second service; and update the user information associated with the universal credentials for the user. - View Dependent Claims (13, 14, 15)
Specification