US 12,244,717 B1
Processing access requests on a service-to-service basis using a third-party identification token
Mukund Sarma, San Francisco, CA (US); Afaaq Alam Patel, Burnaby (CA); Robert Morris, Jr., Crystal Lake, IL (US); Arkadiy Tetelman, San Francisco, CA (US); Jeffrey Trudeau, Concord, CA (US); and Paul Michael Kuliniewicz, Monee, IL (US)
Assigned to Chime Financial, Inc., San Francisco, CA (US)
Filed by Chime Financial, Inc., San Francisco, CA (US)
Filed on May 29, 2024, as Appl. No. 18/677,595.
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/3213 (2013.01) [H04L 63/101 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
identifying, based on detecting a third-party identification token issued by a third-party authentication service outside a computer system environment, that a user is authenticated for a first computer service within the computer system environment, the computer system environment comprising a microservice environment;
generating, by the first computer service, an access request to a second computer service within the computer system environment, the access request comprising a requested action and the third-party identification token;
determining, by the second computer service, whether the access request is authorized based on determining:
an authorization policy defined at the second computer service authorizes the requested action by the first computer service; and
the third-party identification token is valid; and
providing, by the second computer service to the first computer service, a response to the access request in response to determining whether the access request is authorized.