Systems and methods for an extensible authentication framework
Abstract
The present disclosure describes systems and methods of an authentication framework to implement varying authentication schemes in a configurable and extendable manner. This authentication framework provides a level of abstraction in which requirements for credential gathering and authentication workflow are independent from the agents or authentication implementation that does the credential gathering and authentication workflow. A higher level of abstraction and a more comprehensive authentication framework allows handling the associated authentication transactions of complex authentication schemes without requiring any specific understanding of their internals. For example, the requirements to gather certain credentials for a particular authentication scheme may be configured and maintained separately from the client-side authentication agent that gathers the credentials. The flexible, configurable and extendable authentication framework supports a wide variety of authentication schemes and supports third party, proprietary and customized authentication schemes.
20 Claims
1. A method for providing credential gathering requirements to an agent executing on a client, to gather credentials from a user, the method comprising:
(a) receiving, by an agent executing on a client, a logon point configuration including credential gathering requirements from a device intermediary to the client and one or more servers, wherein the logon point configuration identifies an authentication flow type and the credential gathering requirements define a credential type and an input field type, the input field type defining a type of user interface element from which to obtain input to provide a credential corresponding to the credential type;
(b) detecting, by the agent, a request to access a logon point corresponding to the logon point configuration;
(c) implementing, by the agent, an authentication workflow process corresponding to the authentication flow type;
(d) displaying, by the agent via a user interface generated by the agent in accordance with the received credential gathering requirements, the type of user interface element corresponding to the input field type, the displayed type of user interface element to receive as input a credential from a user at the client, the credential identified by the credential type; and
(e) transmitting, by the agent independent of the user interface, to the device for authentication, the credential received from the user via the user interface element generated by the agent.
11. A system for providing credential gathering requirements to an agent executing on a client, to gather credentials from a user, comprising:
at least one processor of the client; and
an agent executed on the at least one processor, the agent configured to:
receive a logon point configuration including credential gathering requirements from a device intermediary to the client and one or more servers, wherein the logon point configuration identifies an authentication flow type and the credential gathering requirements define a credential type and an input field type, the input field type defining a type of user interface element from which to obtain input to provide a credential corresponding to the credential type;
detect a request to access a logon point corresponding to the logon point configuration;
implement an authentication workflow process corresponding to the authentication flow type;
display, via a user interface generated in accordance with the received credential gathering requirements, the type of user interface element corresponding to the input field type, the displayed type of user interface element to receive as input a credential from a user at the client, the credential identified by the credential type; and
transmit, independent of the user interface, to the device for authentication, the credential received from the user via the user interface element.
Specification