Extended OAuth architecture support in a scalable environment
US10547622B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 30, 2017 |
| Grant date | Jan 28, 2020 |
| Priority date | — |
| Expiry date | Apr 6, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/31
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An approach is provided for sharing valid token(s) across application instances. If refresh token rotation is used, (i) a token request is received which includes a number of tokens required, (ii) access and refresh token pairs are generated and shared so that a total number of the pairs equals the number of tokens, and (iii) the access and refresh token pairs are sent to a client so that in response to token requests, the application instances obtain respective access and refresh token pairs. If refresh token rotation is not used, (iv) a request for a refresh token is received, (v) an existing access token is validated, where the access token is bound to the refresh token, and (vi) if the existing access token is expired, a new access token is generated and sent to the client; otherwise, the existing access token is sent to the client.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.