Protection configuration for application programming interfaces
US12021880B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 12, 2022 |
| Grant date | Jun 25, 2024 |
| Priority date | — |
| Expiry date | Aug 7, 2042 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/121
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system is configured to authorize client access to an application programming interface (API) of a host device. A proxy is configured to handle network traffic between a host and a client device. The system determines that an API request lacks a form of authentication including a token where the first API request cannot be authenticated. The API request is denied, and a challenge is transmitted to the client device. A subsequent API request from the client device is determined to include a presented token as the form of authentication. The presented token of the second API request is verified based on attributes of the presented token. The system permits the second API request in response to the presented token being verified. An IP-token pair is stored and the permitted second API request is transmitted to the host device for servicing.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.