| CPC H04L 63/0815 (2013.01) [G06F 9/45558 (2013.01); H04L 9/3213 (2013.01); H04L 63/08 (2013.01); H04L 67/10 (2013.01); H04L 67/306 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)] | 16 Claims |
|
1. A method comprising:
receiving, by a multi-cloud infrastructure included in a first cloud infrastructure provided by a first cloud service provider (CSP), a first request from a user associated with an account in a second cloud infrastructure provided by a second CSP, the first request requesting use of a service provided by the first cloud infrastructure and including a first token issued by the second CSP;
validating, by the multi-cloud infrastructure, the first token issued by the second CSP;
responsive to successfully validating the first token, sending by the multi-cloud infrastructure, a second request requesting a second token to an identity system of the first CSP, wherein the second request is a signed request including the first token, and wherein the identity system of the first CSP validates the first token based on a public key obtained from the second cloud infrastructure;
obtaining, by the multi-cloud infrastructure, the second token issued by the first CSP, wherein the second token is usable by the service, and the first token is not usable by the service; and
transmitting, by the multi-cloud infrastructure, the second token to the service, wherein the second token enables the user to utilize the service provided by the first cloud infrastructure.
|