| 发明名称 |
OPTIMIZED TOKEN-BASED PROXY AUTHENTICATION |
| 摘要 |
Methods, systems, apparatuses, and computer program products are provided for authentication of users in a service-to-service context. At a first service, a user authentication token is received from a client device that was obtained from an identity provider. The user authentication token was received to enable access to the first service by a user. The user is authenticated based on the user authentication token. A second service is determined to be needed to be accessed by the first service on behalf of the user. The user authentication token is converted into a proxy token that is not convertible back to the user authentication token. The proxy token is forwarded from the first service to the second service to enable access to the second service. A response is received by the first service from the second service due to the user having been authenticated based on the proxy token. |
| 申请公布号 |
US2016142409(A1) |
申请公布日期 |
2016.05.19 |
| 申请号 |
US201414546963 |
申请日期 |
2014.11.18 |
| 申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Frei Adrian;Kamel Tarek B.;Wetter Allan Edwin;Vincent Benjamin R. |
| 分类号 |
H04L29/06;H04L9/32 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method in a first service, comprising:
receiving a user authentication token from a client device that was obtained from an identity provider, the user authentication token received to enable access to the first service by a user; authenticating the user based on the user authentication token; determining that a second service is to be accessed by the user; converting the user authentication token into a proxy token that is not convertible back to the user authentication token; forwarding the proxy token to the second service to enable access to the second service; and receiving a response from the second service due to the user having been authenticated based on the proxy token. |
| 地址 |
Redmond WA US |
