Token brokering in a descendant frame

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Hirsch Patrick Singhal · Seattle, US
• Pavel Michailov · Redmond, US
• Jason Donchey Nutter · Seattle, US
• Adrian Frei · Seattle, US
• William Alden BARTLETT · Dunn, US
• Thomas Lyle Norling · Bellevue, US
• Prithviraj Sanjeev Kanherkar · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0892
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The disclosed technology is generally directed to web authentication. In one example of the technology, authentication of a broker is obtained with an identity provider. Obtaining the authentication includes at least communication between the broker and a top-level frame and communication between the broker and the identity provider. The broker is executing in a descendant frame of the top-level frame. The top-level frame and the broker are hosted on different domains. At the broker, from an embedded application that is executing on another descendant frame of the top-level frame, a token request is received. Via the broker, a token is requested from the identity provider. The token is associated with an authorization of secure delegated remote access of at least one resource by the embedded application. At the broker, from the identity provider, the token is received. Via the broker, the token is provided to the embedded application.