Managing API authorization
US8782744B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 15, 2012 |
| Grant date | Jul 15, 2014 |
| Priority date | — |
| Expiry date | Sep 15, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Multiple variants of an API can coexist through API management by using metadata in a pre-processing and post-processing system to weed out requests to which a client does not have permission and return parameters that do not belong with the API request variant. Metadata is added to request objects such that an instance of a request object may be examined to determine a request handler to properly inspect the request object and recommend further processing or rejection of the instance. Metadata may also be added to a response object created as a result of processing the request object such that a response handler may be identified to ensure the fields match the proper response to the request object. The API may be dynamically managed at the point of request and also at the point of return rather than a statically coded whitelist checked multiple times within the code itself.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.