Systems and methods for controlling third-party access of a protected data resource
A method for controlling third-party access of a protected resource is disclosed. The method includes: receiving, from a client device associated with a user account at a protected resource, an indication of access permissions for a first application to access the user account, the access permission...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | A method for controlling third-party access of a protected resource is disclosed. The method includes: receiving, from a client device associated with a user account at a protected resource, an indication of access permissions for a first application to access the user account, the access permissions defining at least one permission level and one or more permitted user account operations that are associated with the at least one permission level; receiving a request for the first application to access the user account for performing a first access operation; determining that the first access operation is not among the one or more permitted user account operations; in response to determining that the first access operation is not among the one or more permitted user account operations: providing, to the client device, a request for a one-time authorization for the first application to access the user account for performing the first access operation; receiving, from the client device, an indication of the requested one-time authorization; and granting, to the first application access to the user account. |
|---|