US 12,294,650 B2
Dynamic authorization and access management
Nathanael Coffing, Seattle, WA (US)
Assigned to SecureAuth Corporation, Irvine, CA (US)
Filed by Cloudentity, Inc., Seattle, WA (US)
Filed on Jan. 13, 2022, as Appl. No. 17/575,540.
Claims priority of provisional application 63/137,423, filed on Jan. 14, 2021.
Prior Publication US 2022/0224535 A1, Jul. 14, 2022
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/3213 (2013.01) [H04L 63/101 (2013.01); H04L 63/102 (2013.01); H04L 63/205 (2013.01)]
19 Claims
 
1. A method for dynamic authorization and access management, the method comprising:
receiving from a client application a request to access requested data accessible via one or more endpoints, wherein the request is transmitted to an identity provider for authentication;
receiving, from the identity provider, a user authentication based on one or more user attributes;
defining a scope of access to one or more portions of the one or more endpoints based on user context and one or more security policies, wherein the user context includes the user authentication;
generating an enriched token based on the authenticated request and the defined scope of access, wherein the enriched token provides the defined scope of access;
controlling access to the requested data in accordance with the defined scope of access provided by the enriched token, wherein the defined scope of access to each portion of an endpoint is dynamically updated based on one or more modifications to the one or more security policies; and
providing the enriched token to the client application, the client application using the enriched token to access the requested data in accordance with the scope of access.
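
A sketch of the flow recited in claim 1, added here as an illustration; it is not code from the patent or from any SecureAuth or Cloudentity product. The HMAC-signed token format, the policy layout, the endpoint names, and the choice to re-derive scope when the policy version changes are all assumptions.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed; a real deployment uses a managed secret

# Constructed policy store: endpoint portion -> attributes the user context must carry.
POLICIES = {"version": 1, "rules": {
    "GET /accounts/balance": {"role": "customer", "mfa": True},
    "POST /accounts/transfer": {"role": "customer", "mfa": True},
    "GET /accounts/profile": {"role": "customer"},
}}

def define_scope(ctx, policies):
    """Endpoint portions whose policy is satisfied by the user context."""
    return sorted(p for p, need in policies["rules"].items()
                  if all(ctx.get(k) == v for k, v in need.items()))

def _sign(body):
    return base64.urlsafe_b64encode(hmac.new(KEY, body, hashlib.sha256).digest())

def issue_enriched_token(ctx, policies):
    """Embed user context, computed scope and policy version, then sign."""
    claims = {"ctx": ctx, "scope": define_scope(ctx, policies), "pv": policies["version"]}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return (body + b"." + _sign(body)).decode()

def authorize(token, portion, policies):
    """Verify the token, then enforce its scope against the current policies."""
    body, _, sig = token.encode().partition(b".")
    if not hmac.compare_digest(sig, _sign(body)):
        return False  # forged or altered token
    claims = json.loads(base64.urlsafe_b64decode(body))
    scope = claims["scope"]
    if claims["pv"] != policies["version"]:
        # Policy changed after issuance: re-derive scope, do not trust stale claims.
        scope = define_scope(claims["ctx"], policies)
    return portion in scope

def demo():
    ctx = {"sub": "alice", "role": "customer", "mfa": True}  # constructed IdP result
    token = issue_enriched_token(ctx, POLICIES)
    before = authorize(token, "POST /accounts/transfer", POLICIES)
    # Policy modification: transfers now also require a verified device.
    updated = {"version": 2, "rules": dict(POLICIES["rules"])}
    updated["rules"]["POST /accounts/transfer"] = {"role": "customer", "mfa": True, "device": "verified"}
    after = authorize(token, "POST /accounts/transfer", updated)
    still = authorize(token, "GET /accounts/balance", updated)
    tampered = authorize("A" + token[1:], "GET /accounts/balance", POLICIES)
    return before, after, still, tampered
```

The same token is accepted for transfers under policy version 1 and refused under version 2 without being reissued, while the unaffected balance endpoint stays reachable.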