Title of invention: Strong authentication via a federated identity protocol
Abstract: A computing system of an authentication service provider receives a federated identity protocol request triggered by a relying party to validate a user. The federated identity protocol request includes a user identifier of an authenticated identity. The computing system searches mapping data stored in a data store that is coupled to the computing system to identify a type of virtual token associated with the user identifier and authenticates the user by requesting the identified type of virtual token from a user device and verifying a virtual token received from the user device using the mapping data. The computing system sends second-factor authentication results to the relying party via the federated identity protocol.
Publication number: US9191381(B1) Publication date: 2015.11.17
Application number: US201113218301 Filing date: 2011.08.25
Applicant: Symantec Corporation Inventors: Popp Nicolas;Dundas Alan;Bajaj Siddharth;Pei Mingliang;Yi Liyu;Smith John
Classification: G06F21/31;H04L29/06 Main classification: G06F21/31
Agency: Lowenstein Sandler LLP Agent: Lowenstein Sandler LLP
Principal claim: 1. A method comprising: receiving, by a computing system of an authentication service provider and from a user device associated with a user, a federated identity protocol request to validate the user using second-factor authentication, wherein the federated identity protocol request corresponds to validation results received by the user device, the validation results indicative of a first-factor authentication of the user at an application server with respect to a user access attempt regarding an application hosted by the application server; determining a user identifier associated with the user in the federated identity protocol request; searching mapping data stored in a data store that is coupled to the computing system to identify a type of virtual token that corresponds to the user identifier in the federated identity protocol request; authenticating the user, at the authentication service provider, based on second-factor authentication by requesting the identified type of virtual token from a user device without notifying the user, receiving a virtual token from the user device without receiving user input, and verifying the virtual token received from the user device using the mapping data; and sending second-factor authentication results to the application server via the federated identity protocol.
Address: Mountain View CA US