Patent · US Active

Third-party authorization of access tokens

US10771466B2 · kind B2 · utility

0Cited by

3References

6Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Chaya Berezin · Nes Ziona, IL
Tamir Faibish · Ashdod, IL
Lior Luker · Nes Ziona, IL
Nitzan Nissim · Nes Ziona, IL

Key dates

Filing date	Apr 22, 2019
Grant date	Sep 8, 2020
Priority date	—
Expiry date	Apr 22, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/563
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for third-party authorization is presented. A client request is received by a resource server in a computer system from a client, wherein the client request includes an access token. An introspection request for the access token based on the client request. The introspection gateway uses a third-party authorization server from a plurality of third-party authorization servers to handle the introspection request. A resource server response is received from the introspection gateway, wherein the resource server response identifies a set of scopes for the access token. A determination is made as to whether the access token has sufficient scope from the resource server response. In response to the access token having the sufficient scope, the client is granted access to the resource server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.