| CPC H04L 63/0876 (2013.01) [H04L 2101/663 (2022.05)] | 20 Claims |
|
1. A method performed by an authentication service, the method comprising:
receiving, from an application on a remote client device, an access request to access a resource managed by the authentication service, the access request received via a first communication channel between the authentication service and the remote client device;
in response to the access request, sending a directive to the application, the directive directing the application to send an identity request for an identity of the application to an identification agent on the remote client device, the identification agent configured to, in response to the directive, make an identity determination of an identity of the application without relying on the application for the identity determination;
receiving, from the identification agent, the identity of the application, wherein the identity is received via a second communication channel between the authentication service and the identification agent, the second communication channel being separate from the first communication channel;
based at least in part on the identity of the application, making an access determination regarding whether to allow the application to access to the resource; and
sending, to the application at the remote client device, a response to the access request, the response based at least in part on the access determination.
|