US 11,658,983 B2
Authentication and authorization across microservices
Matthias Leibmann, Redmond, WA (US); Grigory V. Kaplin, Redmond, WA (US); Vikas Ahuja, Sammamish, WA (US); Kapil Kumar Jain, Issaquah, WA (US); Qinxiao Zhou, Bellevue, WA (US); and Ran Cheng, Bellevue, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Feb. 7, 2020, as Appl. No. 16/784,802.
Prior Publication US 2021/0250361 A1, Aug. 12, 2021
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/105 (2013.01) [H04L 63/083 (2013.01)] 20 Claims
OG exemplary drawing
1. A computer implemented method, comprising:
receiving an access request made to a microservice from a requesting entity, requesting access to the microservice, along with an access token;
obtaining an identity of the requesting entity from the access token;
identifying an access pattern used by the requesting entity, the access pattern representing computing actions performed to obtain the access token and request access to the microservice;
identifying permissions in an access policy, corresponding to the microservice, based on:
the identity of the requesting entity, and
the access pattern; and
generating, based on the permissions, an authorization output indicative of an authorization determination with respect to the access request.