Method and apparatus for identity federation gateway
First Claim
1. A method comprising:
- receiving a provisioning request from a device to access a network resource, wherein the provisioning request includes a request to determine whether to use a provider of the network resource or a different party to identify a user of the device;
deciding that the user is to be identified by the different party;
sending an identification message to the device from an identifier (ID) federation gateway with a redirect instruction to the different party;
receiving identification data that indicates an identity of the user to the different party;
receiving user credentials data from an authentication process of the provider,wherein the user credentials data includes an indication that the user is successfully identified by the different party.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for an ID federation gateway include determining whether a user associated with a request for a particular network resource is to be identified by the provider of the particular service or by a different party. The service also comprises causing the different party to provide identification data that indicates an identity for the user, if the user is to be identified by the different party. The method further comprises causing user credentials data, based on the identification data, to be sent to an authentication process of the provider for a set of one or more network resources that includes the particular network resource requested by the user, if the data indicates that the user is successfully identified.
15 Citations
20 Claims
-
1. A method comprising:
-
receiving a provisioning request from a device to access a network resource, wherein the provisioning request includes a request to determine whether to use a provider of the network resource or a different party to identify a user of the device; deciding that the user is to be identified by the different party; sending an identification message to the device from an identifier (ID) federation gateway with a redirect instruction to the different party; receiving identification data that indicates an identity of the user to the different party; receiving user credentials data from an authentication process of the provider, wherein the user credentials data includes an indication that the user is successfully identified by the different party. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus comprising:
-
at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following; receive a provisioning request from a device to access a network resource, wherein the provisioning request includes a request to determine whether to use a provider of the network resource or a different party to identify a user of the device; decide that the user is to be identified by the different party; send an identification message to the device from an identifier (ID) federation gateway with a redirect instruction to the different party; receive identification data that indicates an identity of the user to the different party; receive user credentials data from an authentication process of the provider, wherein the user credentials data includes an indication that the user is successfully identified by the different party. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A user equipment requesting access for a particular network resource, comprising:
-
determining to send a request associated with a user for the particular network resource for identification of the user by a provider of a particular service or by a different party; when deciding that the user is to be identified by the different party, causing receipt of an identification message at the user equipment from an identifier (ID) federation gateway with a redirect instruction to the different party; causing to send identification data that indicates an identity for the user to the different party; and causing receipt of user credentials data from an authentication process of the provider for the particular network resource requested by the user, wherein the user credentials data includes an indication that the user is successfully identified by the different party. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification