主权项 |
1. A method for efficiently enabling access to cloud-hosted resources by remote clients in communication with cloud-based computing systems, the method comprising:
receiving, by a first server system of a cloud service, a bearer token for accessing the cloud service, wherein the bearer token is generated based on authenticating a remote client in communication with the first server system; determining, by the first server system, that a resource of the cloud service is hosted by a second server system of the cloud service rather than the first server system, wherein the first server system determines that the resource is hosted by the second server system based at least in part on the bearer token, wherein determining that the resource is hosted by the second server system comprises:
requesting a resource identifier from an authentication provider that provided the bearer token to the first server system,receiving the resource identifier from the authentication provider, anddetermining that the resource identifier identifies the resource that is hosted by the second server system and that is not hosted by the first server system; redirecting the remote client to the resource at the second server system based on determining that the resource of the cloud service is hosted by the second server system of the cloud service rather than the first server system, wherein redirecting the remote client comprises:
generating, by the first server system, a cookie comprising the bearer token and a redirect command for instructing the remote client to access the second server system, andtransmitting, by the first server system and via a data network, the cookie having the bearer token and the redirect command to the remote client for accessing the second server system; receiving, by the second server system, the bearer token and the redirect command from the remote client; and establishing, by the second server system, a session between the second server system and the remote client for accessing the resource in response to receiving the bearer token. |