Single sign-on through customer authentication systems
US11669805B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 22, 2020 |
| Grant date | Jun 6, 2023 |
| Priority date | — |
| Expiry date | Mar 8, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0442
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Described herein is a system, method, and non-transitory computer readable medium related to a service provider using a third party identity provider to authenticate a user with improved security. An authentication token is received from the identity provider, and can be verified against internal configuration information. The internal configuration information includes data that is not included in the authentication token, and therefore, is not vulnerable to some security attacks, such as a man-in-the-middle attack. After the authentication token is verified, the internal configuration information and authentication token may be used to create a custom identifier, referred to as an identity ID. The identity ID may be used by the service provider to verify user access to resources.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.