Third-party authorization of access tokens

Assignee

• International Business Machines Corporation · US

Inventors

• Chaya Berezin · Nes Ziona, IL
• Tamir Faibish · Ashdod, IL
• Lior Luker · Nes Ziona, IL
• Nitzan Nissim · Nes Ziona, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/563
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A computer system comprising a resource server running on the computer system. The resource server receives a client request from a client in which the client request includes an access token. The resource server sends an introspection request to an introspection gateway, wherein the introspection request is for introspection of the access token based on the client request, and wherein the introspection gateway uses a third-party authorization server from a plurality of third-party authorization servers to handle the introspection request. The resource server receives a response from the introspection gateway, wherein the response identifies a set of scopes for the access token. The resource server determines whether the access token has sufficient scope from a resource server response. The client is granted access to the resource server in response to the access token having the sufficient scope.