IDENTITY APPLICATION PROGRAMMING INTERFACE
First Claim
1. A method, comprising:
- receiving an application'"'"'s request for access to a user'"'"'s network-based account, the application running as an application process or processes outside a web browser on a computing device;
if there is an outstanding user consent to access by the application to the user'"'"'s network-based account, returning an access token to the application, the access token enabling access to the user'"'"'s network-based account; and
if there is no outstanding user consent to access by the application to the user'"'"'s network-based account, presenting a web-based user consent dialog embedded in a system-generated window on the computing device as a process that is independent of the application process or processes.
2 Assignments
0 Petitions
Accused Products
Abstract
A method includes receiving a packaged application'"'"'s request for access to a user'"'"'s cloud- or network-based account. The packaged application runs outside a web browser on a computing device. If there is an outstanding user consent to access by the packaged application to the user'"'"'s cloud- or network-based account, the method includes returning an access token to the packaged application. The access token gives the packaged application access to the user'"'"'s cloud- or network-based account. If there is no outstanding user consent to access by the packaged application to the user'"'"'s cloud- or network-based account, the method includes presenting a web-based user consent dialog in a webview container in an identity component application installed on the computing device.
196 Citations
35 Claims
-
1. A method, comprising:
-
receiving an application'"'"'s request for access to a user'"'"'s network-based account, the application running as an application process or processes outside a web browser on a computing device; if there is an outstanding user consent to access by the application to the user'"'"'s network-based account, returning an access token to the application, the access token enabling access to the user'"'"'s network-based account; and if there is no outstanding user consent to access by the application to the user'"'"'s network-based account, presenting a web-based user consent dialog embedded in a system-generated window on the computing device as a process that is independent of the application process or processes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for getting a user consent to provide access to an application to the user'"'"'s network-based account, the application running outside a web browser on a computing device having a web OS and a computing device runtime that is a browser process, the method comprising:
-
providing an identity application programming interface (API) on the computing device to the application to communicate with an identity provider, the identity API being configured to exchange a user login token with the identity provider in return for session cookies for a web-based user consent UI session; and providing an identity component application coupled to the identity provider through the identity API and configured to serve the user consent UI on the computing device. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium having instructions stored thereon, which instructions when executed by one or more microprocessors cause a computer system to:
-
process an application'"'"'s request for access to a user'"'"'s network-based account, the application running as an application process or processes outside a web browser on a computing device; if there is an outstanding user consent to access by the application to the user'"'"'s network-based account, return an access token to the application, the access token enabling access to the user'"'"'s network-based account; and if there is no outstanding user consent to access by the application to the user'"'"'s network-based account, presenting a web-based user consent dialog embedded in a system-generated window on the computing device as a process that is independent of the application process or processes. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A non-transitory computer-readable storage medium for getting a user consent to provide an application access to the user'"'"'s network-based account, the application running outside a web browser on a computing device, the computing device having a web OS and a computing device runtime that is a browser process, the non-transitory computer-readable storage medium having instructions stored thereon, which instructions when executed by one or more microprocessors cause a computer system to:
-
provide an identity application programming interface (API) in computing device runtime to the application for communication with an identity provider, the identity API being configured to exchange a user login token with the identity provider in return for session cookies for a web-based user consent user interface (UI) session; and provide an identity component application coupled to the identity API and configured to serve the user-consent UI on the computing device. - View Dependent Claims (26, 27, 28, 29, 30)
-
-
31. A computing device comprising:
-
at least one processor; at least one memory, the processor configured to run an application installed in memory, the application running an application process or processes in its own application container outside a web browser on the computing device; an identity application program interface (API) configured to receive requests from the application in computing device runtime for access to the user'"'"'s data or accounts and to forward such requests to an identity provider server configured to authenticate a user and authorize requests for access to the user'"'"'s data or accounts based on user consent; and an identity component application coupled to the identity API, the identity component application configured to present a web-based user consent dialog on the computing device as a process that is independent of the application process or processes. - View Dependent Claims (32, 33, 34, 35)
-
Specification