CPC H04L 63/102 (2013.01) [H04L 63/0884 (2013.01)] | 20 Claims |
1. A computer implemented method comprising:
generating a client application entry in a source tenant scope of an OAuth provider having a secret corresponding to a client application and a target service authorization authorizing a target service to access the secret, the client application entry in the source tenant scope including:
a client application identifier identifying the client application,
a resource identifier that identifies a resource, served by a source tenant service corresponding to a source tenant computing system, to be accessed by the client application, and
a permissions definition that defines a permission to perform an operation on the resource;
receiving, from the target service at an authorization server corresponding to the source tenant computing system, a request for a token authorizing access to the resource, the request for the token including the secret corresponding to the client application;
generating, by the authorization server, an authorization result that authorizes the target service to receive the token authorizing access to the resource based on:
the request including the secret, and
the permission definition in the client application entry; and
sending the token to the target service based on the authorization result.
|