CPC H04L 63/083 (2013.01) | 17 Claims
1. A system comprising:
a network resource server including an administration module, an authentication service, a token management module and an enrollment and policy module;
a plurality of machines communicatively coupled to said network resource server, each said machine including a plurality of autonomous computer processes configured to request resource access from said network resource server, a token module, and an agent;
wherein said network resource server and said plurality of machines comprise one or more processors, and executable code stored on a non-transitory computer-readable storage media and executed by the one or more processors;
wherein said agent in each of said plurality of machines is configured to enroll a corresponding one of said plurality of machines with said network resource server, and accept machine policies and login credentials from said enrollment and policy module, and after one of said plurality of machines is enrolled with said network resource server, if said token module does not know what resource scopes are available on the one machine, the token module issues a request to said agent on the one machine for available resource scopes and the agent returns a list of available resource scopes to the token module;
wherein the token module determines an available one of said resource scopes that contains a resource for which access is requested by one of said autonomous computer processes running on said one of said plurality of machines;
said token module requests from said agent an access token for the available one resource scope.