Patent · US Active

Limiting scopes in token-based authorization systems

US11716325B2 · kind B2 · utility

0Cited by

4References

25Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Martin Smolny · Hessenhöfe, DE
Thomas Dürr · Magstadt, DE
Michael Beck · Lauderdale, US

Key dates

Filing date	Jan 20, 2021
Grant date	Aug 1, 2023
Priority date	—
Expiry date	Apr 26, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Access token scope limiting is provided. An access token of a client containing a list of scopes is presented to an authorization application programming interface of the computer. Each scope in the list of scopes defines a permission to access a particular protected resource hosted by a resource server. A new access token is returned to the client containing a decreased number of scopes using a scope alias in response to the authorization application programming interface requesting a decrease in a number of scopes in the list of scopes. The scope alias representing a plurality of specific scopes from the list of scopes contained in the presented access token.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.