Systems and methods for controlling third-party access of a protected data resource

A computer-implemented method is disclosed. The method includes: receiving, via an application server associated with a first application, a request for the first application to perform a first access operation in connection with a user account at a protected resource; determining that the first acc...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Dunjic, Milos, Tax, David Samuel, Kliewer, Gregory Albert
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method is disclosed. The method includes: receiving, via an application server associated with a first application, a request for the first application to perform a first access operation in connection with a user account at a protected resource; determining that the first access operation is not among permitted user account operations for the first application in connection with the user account; and in response to determining that the first access operation is not among the permitted user account operations: generating a request for a one-time authorization for the first application to perform the first access operation; sending, to a client device, the request for the one-time authorization; receiving, via the client device, an indication of the requested one-time authorization; generating an access token for a one-time access of the user account based on the indication of one-time authorization; and transmitting the access token to the application server associated with the first application to grant, to the first application, one-time access to the user account.