Authorization based on access token
First Claim
Patent Images
1. A system comprising:
- at least one data processor; and
memory storing instructions which, when executed by the at least one data processor, result in operations comprising;
generating by a mobile client device, an authorization request with a secure token that corresponds to both the mobile client device and to a third party application and which is used to access a server, the authorization request being embedded with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if an authorization token should be provided to the mobile client device, the plurality of parameters chosen from a group comprising;
a requesting mobile client device, a third-party application, and a scope of usage;
requesting, by the mobile client device, access to the server by using the authorization token, in response to the authorization request, the server comprising a database and a register, the register storing a plurality of profiles of mobile client devices with respective secure tokens in the database;
receiving, by the mobile client device, the authorization token if the server determines that the authorization token should be provided to the mobile client device;
first determining that the secure token is valid by determining that a scope of usage is within a defined security level for the mobile client device and the third-party application;
second determining, using the register, that the mobile client device and the third-party application are registered in one of the plurality of profiles in the register; and
providing the mobile client device access to the server based on the first determining and the second determining.
0 Assignments
0 Petitions
Accused Products
Abstract
A mobile device may include an authenticator and a processor. The authenticator may generate an authorization request with a secure token to access a server. The processor may access the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request. The authenticator may embed the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device.
16 Citations
15 Claims
-
1. A system comprising:
at least one data processor; and memory storing instructions which, when executed by the at least one data processor, result in operations comprising; generating by a mobile client device, an authorization request with a secure token that corresponds to both the mobile client device and to a third party application and which is used to access a server, the authorization request being embedded with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if an authorization token should be provided to the mobile client device, the plurality of parameters chosen from a group comprising;
a requesting mobile client device, a third-party application, and a scope of usage;requesting, by the mobile client device, access to the server by using the authorization token, in response to the authorization request, the server comprising a database and a register, the register storing a plurality of profiles of mobile client devices with respective secure tokens in the database; receiving, by the mobile client device, the authorization token if the server determines that the authorization token should be provided to the mobile client device; first determining that the secure token is valid by determining that a scope of usage is within a defined security level for the mobile client device and the third-party application; second determining, using the register, that the mobile client device and the third-party application are registered in one of the plurality of profiles in the register; and providing the mobile client device access to the server based on the first determining and the second determining. - View Dependent Claims (2, 3, 4, 5)
-
6. A computer-implemented method comprising:
-
generating by a mobile client device, an authorization request with a secure token that corresponds to both the mobile client device and to a third party application and which is used to access a server, the authorization request being embedded with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if an authorization token should be provided to the mobile client device, the plurality of parameters chosen from a group comprising;
a requesting mobile client device, a third-party application, and a scope of usage;requesting, by the mobile client device, access to the server by using the authorization token, in response to the authorization request, the server comprising a database and a register, the register storing a plurality of profiles of mobile client devices with respective secure tokens in the database; receiving, by the mobile client device, the authorization token if the server determines that the authorization token should be provided to the mobile client device; first determining that the secure token is valid by determining that a scope of usage is within a defined security level for the mobile client device and the third-party application; second determining, using the register, that the mobile client device and the third-party application are registered in one of the plurality of profiles in the register; and providing the mobile client device access to the server based on the first determining and the second determining. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer program product storing instructions which, when executed by at least one data processor forming part of at least one computing device, result in operations comprising:
-
generating by a mobile client device, an authorization request with a secure token that corresponds to both the mobile client device and to a third party application and which is used to access a server, the authorization request being embedded with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if an authorization token should be provided to the mobile client device, the plurality of parameters chosen from a group comprising;
a requesting mobile client device, a third-party application, and a scope of usage;requesting, by the mobile client device, access to the server by using the authorization token, in response to the authorization request, the server comprising a database and a register, the register storing a plurality of profiles of mobile client devices with respective secure tokens in the database; receiving, by the mobile client device, the authorization token if the server determines that the authorization token should be provided to the mobile client device; first determining that the secure token is valid by determining that a scope of usage is within a defined security level for the mobile client device and the third-party application; second determining, using the register, that the mobile client device and the third-party application are registered in one of the plurality of profiles in the register; and providing the mobile client device access to the server based on the first determining and the second determining. - View Dependent Claims (12, 13, 14, 15)
-
Specification