Authentication of API-based endpoints
US9578004B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 12, 2014 |
| Grant date | Feb 21, 2017 |
| Priority date | — |
| Expiry date | Dec 11, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2103
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method includes detecting an incoming request from a first application to a second application. The method further includes performing an authentication that involves sending a challenge message to a first application. The challenge message may request an account of information associated with processed transactions between the first application and the second application during a particular period preceding the incoming request, a solution to a high-cost calculation associated with a high level of resource use, or a concatenated sequence of characters located at specific positions of a shared value. The authentication further involves receiving a challenge response to the challenge message from the first application, determining a verified response based on the challenge message, and determining whether the challenge response matches the verified response. The method includes authorizing the second application to process the incoming request in response to determining that the challenge response matches the verified response.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.