AUTHORIZING APPLICATION ACCESS TO SECURE RESOURCES
An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the...
Saved in:
Main Authors | , , , , , |
---|---|
Format | Patent |
Language | English French German |
Published |
24.04.2019
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the requested permissions. When a runtime request for a resource is received, the resource server determines whether the request has been made by a user, by an application, or by an application on behalf of a user. If the request is made by an application only, the request is granted only if the application has permission to access the resource by way of a direct call not on behalf of a user. If the request is made by an application on behalf of a user, the request is granted only if both the user and the application have sufficient permission. |
---|---|
Bibliography: | Application Number: EP20120852799 |