Methods and systems for single sign-on while protecting user privacy
Abstract
A method of enabling applications to reference user information is provided, including receiving a request for a user identifier that references a user of the application and sending a second request for the user identifier to a server. The second request may include a second user identifier that references the user and a second authentication token for the second user identifier. Furthermore, the second user identifier and the second authentication token are not accessible by the user. The method includes receiving the user identifier and an authentication token for the first user identifier. The user identifier corresponds to the second identifier; and providing the user identifier and authentication token to the application. A method of enabling an application to identify users associated with a user of the application is provided; the method may include receiving, from the server, user identifiers that reference one or more users scoped to the application.
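The flow in the abstract and claim 1, as an added illustration that is not taken from the patent: a device-side broker holds the global identifier and token, and the application only ever receives an identifier scoped to its container. The class names, the in-memory dictionaries, the random scoped identifier and the HMAC token format are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets


class Server:
    """Hypothetical server: one container per application, mapping global id -> scoped id."""

    def __init__(self, signing_key: bytes):
        self._key = signing_key
        self._sessions = {}    # second authentication token -> second (global) user id
        self._containers = {}  # container id -> {global user id: scoped user id}

    def login(self, global_id: str) -> str:
        token = secrets.token_hex(16)
        self._sessions[token] = global_id
        return token

    def _sign(self, container_id: str, scoped_id: str) -> str:
        msg = f"{container_id}|{scoped_id}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def scoped_identity(self, global_id: str, global_token: str, container_id: str):
        # The "second request": authenticated with the global id and its token.
        if self._sessions.get(global_token) != global_id:
            raise PermissionError("invalid global credentials")
        container = self._containers.setdefault(container_id, {})
        scoped_id = container.setdefault(global_id, "_" + secrets.token_hex(16))
        return scoped_id, self._sign(container_id, scoped_id)

    def verify(self, container_id: str, scoped_id: str, scoped_token: str) -> bool:
        return hmac.compare_digest(self._sign(container_id, scoped_id), scoped_token)


class DeviceBroker:
    """Hypothetical OS-side component; applications can only call user_id_for()."""

    def __init__(self, server: Server, global_id: str, global_token: str):
        self._server, self._global_id, self._global_token = server, global_id, global_token
        self._scoped_tokens = {}  # container id -> first authentication token

    def user_id_for(self, container_id: str) -> str:
        # The "first request" from the application carries only its container identifier.
        scoped_id, scoped_token = self._server.scoped_identity(
            self._global_id, self._global_token, container_id)
        self._scoped_tokens[container_id] = scoped_token
        return scoped_id


def demo():
    server = Server(secrets.token_bytes(32))
    token = server.login("alice@example.com")  # constructed sample account
    broker = DeviceBroker(server, "alice@example.com", token)
    return server, broker, broker.user_id_for("container.app-a"), broker.user_id_for("container.app-b")
```

Two applications calling the broker receive different identifiers for the same user, so the identifiers cannot be joined across applications without access to the server-side containers.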
20 Claims
1. A method for enabling an application to identify a user of the application, the method comprising:
at a computing device on which the application is executing:
- receiving, from the application, a first request for a first user identifier that references the user only within a scope of the application, wherein the first request includes a container identifier associated with the application;
- in response to the first request, sending a second request for the first user identifier to a server, wherein the second request includes:
  - a second user identifier that references the user,
  - a second authentication token for the second user identifier, and
  - the container identifier, wherein:
    - the container identifier references a container that corresponds to the application,
    - the container includes information that correlates the second user identifier to the first user identifier, and
    - the second user identifier, the second authentication token, and the container are not accessible to the application;
- receiving, from the server, the first user identifier and a first authentication token for the first user identifier; and
- providing the first user identifier to the application.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)
9. A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a computing device, cause the computing device to enable an application to identify a user of the application, by carrying out steps that include:
- receiving, from the application, a first request for a first user identifier that references the user only within a scope of the application, wherein the first request includes a container identifier associated with the application;
- in response to the first request, sending a second request for the first user identifier to a server, wherein the second request includes:
  - a second user identifier that references the user,
  - a second authentication token for the second user identifier, and
  - the container identifier, wherein:
    - the container identifier references a container that corresponds to the application,
    - the container includes information that correlates the second user identifier to the first user identifier, and
    - the second user identifier, the second authentication token, and the container are not accessible to the application;
- receiving, from the server, the first user identifier and a first authentication token for the first user identifier; and
- providing the first user identifier to the application.
(Dependent claims: 10, 11, 12, 13, 14)
15. A system configured to enable an application to identify a user of the application, the system comprising:
- a server device; and
- a computing device configured to carry out steps that include:
  - receiving, from the application, a first request for a first user identifier that references the user only within a scope of the application, wherein the first request includes a container identifier associated with the application;
  - in response to the first request, sending a second request for the first user identifier to the server device, wherein the second request includes:
    - a second user identifier that references the user,
    - a second authentication token for the second user identifier, and
    - the container identifier, wherein:
      - the container identifier references a container that corresponds to the application,
      - the container includes information that correlates the second user identifier to the first user identifier, and
      - the second user identifier, the second authentication token, and the container are not accessible to the application;
  - receiving, from the server device, the first user identifier and a first authentication token for the first user identifier; and
  - providing the first user identifier to the application.
(Dependent claims: 16, 17, 18, 19, 20)
Specification