Using representational state transfer (REST) for consent management
First Claim
1. A method comprising:
- sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user;
based on authentication of the user associated with the device, receiving, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and
responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are disclosed for sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user. The techniques can further include, based on authentication of the user, receiving, at the device associated with the user, through the REST-based interface, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user. Furthermore, the techniques can include, responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, the consent to allow the application to access the information for the authorization computer system to store a mapping between the application and the scope.
-
Citations
20 Claims
-
1. A method comprising:
-
sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receiving, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A machine-readable memory comprising instructions which, when executed by one or more processors, cause the one or more processors to perform operations comprising:
-
sending, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receiving, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, sending, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information. - View Dependent Claims (8, 9, 10)
-
-
11. A system comprising:
-
one or more hardware processors; and a memory storing a plurality of instructions, the plurality of instructions, when executed by the one or more hardware processors, causes the one or more hardware processors to; send, from an application executing on a device associated with a user, through a Representational State Transfer (REST)-based interface, to an authorization computer system, a request for permission to access a scope of information associated with the user; based on authentication of the user associated with the device, receive, at the device associated with the user, through the REST-based interface, from the authorization computer system, a request for consent by the user to allow the application to access information that is within the scope of information associated with the user; and responsive to the device receiving consent from the user, send, from the device associated with the user, through the REST-based interface, to the authorization computer system, information indicating the consent to allow the application to access the information, wherein the authorization computer system stores a mapping between the application and the scope of information. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification