Method for providing access to a service
Abstract
A system is described comprising a service provider and an identity provider. A user requests access to the service provider and the service provider seeks user credentials from the identity provider. In use, the service provider issues an authentication request, which request specifies details of a plurality of acceptable authentication formats. The identity provider responds to the request either by providing authentication details for said user in one of the formats specified in the request, or by returning an error message indicating that it cannot support any of the specified authentication formats.
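The exchange in the abstract, sketched as an added example (not code from the patent or its assignee): the identity provider answers in the most preferred format it holds, or returns an error, and the service provider accepts only a format it actually requested. All names and sample values are hypothetical, and reading "descending" as most-preferred-first is an assumption.

```python
from dataclasses import dataclass

# Format labels taken from the claims; the short spellings are an assumption.
KNOWN_FORMATS = {"email", "persistent", "transient"}

@dataclass(frozen=True)
class AuthnRequest:
    user: str
    formats: tuple             # acceptable formats, in order of preference
    order: str = "descending"  # assumed: "descending" = most preferred first

def ranked(req):
    """Return the acceptable formats with the most preferred one first."""
    if not req.formats or not set(req.formats) <= KNOWN_FORMATS:
        raise ValueError("request must list at least one known format")
    if req.order not in ("descending", "ascending"):
        raise ValueError("unknown order of preference")
    formats = list(req.formats)
    return formats if req.order == "descending" else formats[::-1]

def idp_respond(req, directory):
    """Identity provider: reply in the most preferred format it holds."""
    held = directory.get(req.user, {})
    for fmt in ranked(req):
        if fmt in held:
            return {"status": "ok", "format": fmt, "value": held[fmt]}
    # None of the requested formats is available for this user.
    return {"status": "error", "reason": "no acceptable format supported"}

def sp_accept(req, resp):
    """Service provider: accept only a credential in a format it asked for."""
    return resp.get("status") == "ok" and resp.get("format") in req.formats

# Constructed sample data held by the identity provider.
DIRECTORY = {
    "alice": {"email": "alice@example.org", "persistent": "p-7f3a"},
    "bob": {"transient": "t-91c2"},
}
```

The `sp_accept` check matters because the response format is chosen by the other party: a credential in a format outside the requested list should be treated as a failed authentication, not silently mapped to an account.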
15 Claims
1. A method comprising the steps of:
  receiving, by a service provider comprising a processor, a request from a user for access to a service; and
  sending an authentication request to an identity provider in order to obtain credentials for said user, wherein said authentication request includes details of a plurality of acceptable authentication formats for said credentials,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.
  Dependent claims: 2, 3, 4

5. A method comprising the steps of:
  receiving, by an identity provider comprising a processor, an authentication request from a service provider requesting credentials for a user, wherein the request includes details of a plurality of acceptable authentication formats for said credentials; and
  returning credentials for the user in response to the authentication request in the event that credentials for the user are available in one of the plurality of acceptable authentication formats,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.
  Dependent claims: 6, 7, 8

9. A service provider comprising:
  a processor and memory;
  the processor and memory configured to cause the service provider to receive a request from a user for access to a service; and
  send an authentication request to an identity provider in order to obtain credentials for said user, wherein said authentication request includes details of a plurality of acceptable authentication formats for said credentials,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.

10. An identity provider comprising:
  a processor and memory;
  the processor and memory configured to cause the identity provider to receive an authentication request from a service provider requesting credentials for a user, wherein the request includes details of a plurality of acceptable authentication formats for the credentials; and
  return credentials for the user to the service provider in response to the request in the event that credentials for the user are available in one of the plurality of acceptable authentication formats,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.
  Dependent claims: 11, 12

13. A system comprising:
  a service provider and an identity provider each comprising a processor and memory, wherein;
  the service provider is adapted to send an authentication request to the identity provider requesting credentials for a user in response to said user requesting access to a service provided by the service provider;
  the authentication request specifies a plurality of acceptable authentication formats for said credentials; and
  the identity provider is adapted to respond to the request by providing credentials for said user in the event that credentials for the user are available in one of the plurality of acceptable formats,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.

14. A computer program, embodied on a non-transitory computer readable medium, the computer program, when executed by a processor, causes the processor to:
  receive a request from a user for access to a service; and
  send an authentication request to an identity provider in order to obtain credentials for said user, wherein said authentication request includes details of a plurality of acceptable authentication formats for the credentials,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of reference comprising a descending order of reference or an ascending order of preference.

15. A computer program, embodied on a non-transitory computer readable medium, the computer program, when executed by a processor, causes the processor to:
  receive an authentication request from a service provider requesting credentials for a user, wherein the request includes details of a plurality of acceptable authentication formats for the credentials; and
  return credentials for the user in response to the request in the event that authentication details are available in one of the said plurality of acceptable authentication formats,
  wherein the plurality of acceptable authentication formats comprises at least one of email, persistent ID, and/or transient ID formats, and
  the plurality of acceptable authentication formats is arranged in an order of preference comprising a descending order of preference or an ascending order of preference.

Specification