| CPC H04L 9/3213 (2013.01) [H04L 9/3247 (2013.01); H04L 9/40 (2022.05)] | 18 Claims |
|
1. A method comprising:
identifying, via an authentication service, a target entity that corresponds to an application programing interface (API) request based on authentication data included in the API request;
obtaining, via an authorization service, a set of permissions that the target entity is allowed to perform within an online service;
generating, at the authorization service, a protobuf web token based on (i) the target entity and (ii) the set of permissions associated with the target entity, wherein generating the protobuf web token includes:
generating a header object, wherein generating the header object includes encoding the header object based on a protobuf-header encoding protocol defined by the authorization service, wherein the header object, when encoded, includes instructions for a downstream service or downstream component of the online service to decode and validate the protobuf web token, and
serializing, via a serialization algorithm, the header object into a serialized header byte array;
adapting the API request to an adapted API request based on generating the protobuf web token, wherein the adapted API request includes the protobuf web token; and
executing, via a network, the adapted API request based on an API-processing service receiving the adapted API request.
|